CISA urges US orgs to secure Microsoft Intune systems after Stryker breach
CISA warned U.S. organizations to follow Microsoft guidance to strengthen the Intune endpoint management tool after a cyberattack exploited it to wipe medical technology giant Stryker’s systems. Microsoft published guidance on hardening Intune administrative controls days after Stryker was breached in an incident claimed by Handala, an Iranian-linked and pro-Palestinian hacktivist group. The hackers claim that they stole 50 […]
New âPerseusâ Android malware checks user notes for secrets
A new Android malware called Perseus is checking user-curated notes to steal sensitive information, like passwords, recovery phrases, or financial data. Distributed over unofficial stores disguised as IPTV, Perseus allows complete device takeover, screenshot capturing , and overlay attacks. By posing as IPTV apps, which are often used to stream pirated content, the threat actor […]
Critical Microsoft SharePoint flaw now exploited in attacks
A critical Microsoft SharePoint vulnerability patched in January is now being exploited in attacks, the Cybersecurity and Infrastructure Security Agency (CISA) warned. Tracked as CVE-2026-20963, this security flaw affects SharePoint Enterprise Server 2016, SharePoint Server 2019, and SharePoint Server Subscription Edition. Successful exploitation enables threat actors without privileges to achieve remote code execution on unpatched servers […]
Nordstrom’s email system abused to send crypto scams to customers
Customers of upscale department store chain Nordstrom received fraudulent messages from a legitimate company email address that promoted cryptocurrency scams disguised as a St. Patrickâs Day promotion. The emails promise recipients to double the cryptocurrency amount deposited to a specific wallet address over the next two hours. “Send cryptocurrency to any of your unique deposit […]
Aura confirms data breach exposing 900,000 marketing contacts
Identity protection company Aura has confirmed that an unauthorized party gained access to nearly 900,000 customer records containing names and email addresses. The company states that the incident was caused by a voice phishing attack targeting an employee, which exposed the sensitive data of 20,000 current and 15,000 former customers. In a communication this week, Aura […]
CISA orders feds to patch Zimbra XSS flaw exploited in attacks
CISA has ordered U.S. government agencies to secure their servers against an actively exploited vulnerability in the Zimbra Collaboration Suite (ZCS). Zimbra is a very popular email and collaboration software suite used by hundreds of millions of people worldwide, including thousands of businesses and hundreds of government agencies. Tracked as CVE-2025-66376 and patched in early November, this high-severity security […]
ConnectWise patches new flaw allowing ScreenConnect hijacking
ConnectWise is warning ScreenConnect customers of a cryptographic signature verification vulnerability that could lead to unauthorized access and privilege escalation. The flaw affects ScreenConnect versions before 26.1. It is tracked as CVE-2026-3564 and received a critical severity score. ScreenConnect is a remote access platform typically used by managed service providers (MSPs), IT departments, and support teams. It can […]
Ransomware gang exploits Cisco flaw in zero-day attacks since January
The Interlock ransomware gang has been exploiting a maximum severity remote code execution (RCE) vulnerability in Cisco’s Secure Firewall Management Center (FMC) software in zero-day attacks since late January. The Interlock ransomware operation surfaced in September 2024 and has been linked to ClickFix and to malware attacks in which they deployed a remote access trojan called NodeSnake on the networks of […]
Marquis: Ransomware gang stole data of 672K people in cyberattack
Marquis, a Texas-based financial services provider, revealed this week that a ransomware gang stole the data of over 670,000 individuals in an August 2025 cyberattack that also disrupted operations at 74 banks across the United States. The company provides digital marketing, data analytics, compliance, and CRM services to more than 700 banks, credit unions, and mortgage lenders across […]
New DarkSword iOS exploit used in infostealer attack on iPhones
A new exploit kit for iOS devices and delivery framework dubbed âDarkSwordâ has been used to steal a wide range of personal information, including data from cryptocurrency wallet apps. DarkSword targets iPhones running iOS 18.4 through 18.7 and is linked to multiple actors, including UNC6353, suspected to be Russian, who used the Coruna exploit chain disclosed earlier this month. […]