Latest Internet & Cybersecurity News
Seedworm Breach Exposes U.S. Infrastructure Gaps
Symantec and Carbon Black revealed Seedworm maintained footholds in U.S. organizations from February to March 2026, using Deno-based Dindoor backdoor and Python Fakeset implant. Attackers moved stolen files via rclone to obscure cloud buckets, confirming cyber warfare preparation amid geopolitical tensions.
This highlights persistent covert access challenges for cybersecurity teams.
Hacktivist Surge Follows Geopolitical Strikes
Over 60 pro-Iran groups like Handala and NoName057 launched DDoS and data leaks within 72 hours of February 28 strikes, with 150+ incidents reported. Many claims used recycled data, creating noise for defenders, as noted by experts like Paul Nakasone.
Critical infrastructure faces heightened risks from this asymmetric uncertainty.
AI Drives 89% Rise in Attacks, Shrinking Breakout Time
CrowdStrike reports an 89% increase in AI-enabled attacks, with average intruder breakout time at 29 minutes, fastest at 27 seconds. AI automates reconnaissance, phishing, and escalation for state hackers, while defenders leverage it for anomaly detection.
Security operations must accelerate telemetry and containment.
Intuitive Surgical Suffers Phishing Data Breach
Intuitive Surgical disclosed a phishing incident compromising customer business/contact info and employee data via an employee's access. The company contained the breach, activated response protocols, and confirmed no impact on da Vinci or Ion platforms.
Internal networks are segmented from operational systems.
Iran-Linked Handala Claims Stryker Cyberattack
Stryker faced a global network disruption from a cyberattack, with Handala claiming server wipes and 50TB data exfiltration. The attack hit Microsoft environments, affecting order processing, shipping, and manufacturing.
Check Point Research links it to the Iran-backed group.
Australian SaaS Provider Breached via React2Shell
FulcrumSec exploited 'React2Shell' in an unpatched web app to breach a global legal SaaS provider's AWS, exposing Australian law firms and government data. This supply chain attack underscores cloud perimeter vulnerabilities.
Organizations urged to audit configurations immediately.
Hazeldenes Poultry Data Published on Dark Web
Data stolen from Australian poultry processor Hazeldenes in a February attack was leaked on March 12, 2026. This disrupts digital retail and supply chains.
Kairos ransomware also hit Seagrass Boutique Hospitality Group POS systems.
FinTech youX Exposes 600K Loan Applications
A breach at Australian lending platform youX leaked 141GB from a misconfigured MongoDB Atlas via CVE-2025-14847. ASIC fined FIIG Securities AUD 2.5M for past cybersecurity failures, enforcing resilience.
FinTech sector faces regulatory pressure.
Cisco SD-WAN Zero-Days Exploited in Australia
ACSC warns of state-sponsored attacks on Cisco SD-WAN via CVE-2026-20127 for authentication bypass and persistence. New IoT rules raise stakes amid active exploits.
Networking environments need urgent patches.
CyberBay 2026 Summit Spotlights Workforce Needs
USF's CyberBay summit addressed AI-transformed threats and talent gaps, with faculty and CyberHerd team showcasing research and CTF wins. Sessions focused on academia-industry partnerships for threat detection and AI security.
Tampa Bay grows as cybersecurity hub.
RIT Kosovo Hosts Major Cybersecurity Challenge
Over 200 joined ICDC 2026 on February 21, with 41 teams defending simulated public transport infra against attacks. Involved Kosovo, Albania, U.S. teams in hands-on exercises.
Boosts regional cybersecurity skills and collaboration.