Stryker Corporation, one of the world’s leading medical technology companies, says it’s fully operational three weeks after many of its systems were wiped out in a cyberattack claimed by the Iranian-linked Handala hacktivist group. […]
Medtech giant Stryker fully operational after data-wiping attack Read More »
Threat actors are exploiting vacant homes as “drop addresses” to intercept mail and enable fraud. Flare shows how postal services and fake identities are abused to turn mail into a fraud vector. […]
Adversaries Exploit Vacant Homes to Intercept Mail in Hybrid Cybercrime Read More »
Two vulnerabilities in Progress ShareFile, an enterprise-grade secure file transfer solution, can be chained to enable unauthenticated file exfiltration from affected environments. […]
New Progress ShareFile flaws can be chained in pre-auth RCE attacks Read More »
The Drift Protocol lost at least $280 million after a threat actor took control of its Security Council administrative powers in a planned, sophisticated operation. […]
Drift loses $280 million as hackers seize Security Council powers Read More »
Microsoft is calling attention to a new campaign that has leveraged WhatsApp messages to distribute malicious Visual Basic Script (VBS) files. The activity, beginning in late February 2026, leverages these scripts to initiate a multi-stage infection chain for establishing persistence and enabling remote access. It’s currently not known what lures the threat actors use to
Microsoft Warns of WhatsApp-Delivered VBS Malware Hijacking Windows via UAC Bypass Read More »
There is a character that keeps appearing in enterprise security departments, and most CISOs know exactly who that is. It doesn’t build. It doesn’t enable. Its entire function is to say “No.” No to ChatGPT. No to DeepSeek. No to the file-sharing tool the product team swears by. For years, this looked like security. But
Block the Prompt, Not the Work: The End of “Doctor No” Read More »
A multi-pronged phishing campaign is targeting Spanish-speaking users in organizations across Latin America and Europe to deliver Windows banking trojans like Casbaneiro (aka Metamorfo) via another malware called Horabot. The activity has been attributed to a Brazilian cybercrime threat actor tracked as Augmented Marauder and Water Saci. The e-crime group was first documented by Trend
Casbaneiro Phishing Targets Latin America and Europe Using Dynamic PDF Lures Read More »
Cisco has patched several critical and high-severity vulnerabilities, including an Integrated Management Controller (IMC) authentication bypass that enables attackers to gain Admin access. […]
Critical Cisco IMC auth bypass gives attackers Admin access Read More »
Google on Thursday released security updates for its Chrome web browser to address 21 vulnerabilities, including a zero-day flaw that it said has been exploited in the wild. The high-severity vulnerability, CVE-2026-5281 (CVSS score: N/A), concerns a use-after-free bug in Dawn, an open-source and cross-platform implementation of the WebGPU standard. “Use-after-free in Dawn in Google
New Chrome Zero-Day CVE-2026-5281 Under Active Exploitation — Patch Released Read More »
Microsoft is investigating a known issue that prevents some Classic Outlook users from sending emails via Outlook.com. […]
Microsoft links Classic Outlook issue to email delivery problems Read More »