Latest Internet & Cybersecurity News

April 15, 2026 at 1:00 AM

Recent cybersecurity threats include rapid ransomware by Storm-1175, Iran-linked password spraying, Russian router hacks, botnet disruptions, and surging ransomware against US infrastructure amid geopolitical tensions.
1. Storm-1175 Deploys Medusa Ransomware in High-Velocity Attacks

Microsoft reports that Storm-1175 uses n-day and zero-day exploits to escalate rapidly from initial access to Medusa ransomware deployment, often within 24 hours. The group targeted the healthcare, education, and finance sectors in Australia, the UK, and the US, exploiting over 16 vulnerabilities across products like Exchange and TeamCity (Source 1). Post-exploitation activity involves creating accounts, stealing credentials, and tampering with security controls (Source 1).

2. Iran-Linked Actors Launch Widespread Password Spraying on Microsoft 365

Iran-linked attackers conducted password spraying against hundreds of Microsoft 365 tenants across government, tech, energy, and private sectors. They used common passwords systematically to avoid lockouts, masking origins via VPNs and Tor (Source 1). Successful access enables email, data exfiltration, and lateral movement without malware (Source 1).

3. Russian Forest Blizzard Harvests Microsoft Tokens via Router Flaws

Russia's military-linked Forest Blizzard exploited vulnerabilities in 18,000+ outdated routers to siphon authentication tokens from Microsoft Office users across 200+ organizations and 5,000 devices. The campaign peaked in December 2025, targeting government agencies without deploying malware (Source 2). Black Lotus Labs detailed DNS redirection tactics used in the surveillance (Source 2).

4. Global Operation Dismantles Four Major IoT Botnets

The US, Canada, and Germany disrupted the Aisuru, Kimwolf, JackSkid, and Mossad botnets, which had infected over 3 million IoT devices such as routers and webcams. These botnets launched massive DDoS attacks, including on US defense systems, with hundreds of thousands of commands issued (Source 2, Source 3). Victims faced extortion and significant losses (Source 2).

5. FBI Reports 2,100+ Ransomware Incidents on US Critical Infrastructure in 2025

The FBI's IC3 logged over 2,100 ransomware attacks on sectors like healthcare, energy, and manufacturing in 2025, far exceeding data breaches. The top groups, Akira, Qilin, and Lynx, used double extortion and compromised credentials to disable backups and encrypt files (Source 4). Healthcare reported the highest number of incidents, impacting public services (Source 4).

6. Cyberattacks Target US Infrastructure Amid Middle East Conflict

Geopolitical tensions, especially with Iran, are driving attacks on US industrial control systems and public finance entities like healthcare and utilities. The World Economic Forum notes that 64% of organizations now factor geopolitics into cyber strategies (Source 3). This shift aims at physical infrastructure disruption (Source 3).

7. Stryker Hit by Iranian-Linked Handala Wiper Malware Attack

The Iranian pro-Palestinian group Handala claimed a wiper attack on medical tech firm Stryker, stealing 50TB of data and wiping systems, forcing office shutdowns in 79 countries on March 11, 2026 (Source 5). The incident highlights escalating cyber risks from state-linked hacktivists (Source 5).

8. Microsoft Announces $10 Billion AI and Cyber Investment in Japan

Microsoft plans to invest $10 billion to expand AI infrastructure and cybersecurity in Japan, partnering with local firms and training 1 million engineers by 2030. The initiative strengthens secure cloud capacity amid regional threats (Source 3). Brad Smith emphasized reliable infrastructure on Japan's terms (Source 3).

9. Anthropic Launches Project Glasswing for AI Cybersecurity

Anthropic's Project Glasswing lets partners like Amazon, Microsoft, and Google test the unreleased AI model Claude Mythos Preview for vulnerability detection. It has identified thousands of flaws and supports open-source security efforts (Source 3). The initiative bolsters defensive AI capabilities (Source 3).

10. Washington Post Oracle E-Suite Breach Exposes 9,700 Staff Data

Hackers compromised the Washington Post's Oracle E-Suite, exposing data of over 9,700 employees and contractors. The external system breach underscores risks in third-party SaaS integrations (Source 8). The investigation is ongoing (Source 8).

11. Critical Imunify360 Vulnerability Threatens 56 Million Websites

A patched remote code execution flaw in Imunify360 AV exposes millions of Linux-hosted sites to attacks. Hosting providers must update to protect the widely used security product (Source 8). The vulnerability bypassed protections for widespread compromise (Source 8).

12. Basic-Fit Data Breach Compromises 1 Million Gym Members' Info

Europe's largest gym chain, Basic-Fit, suffered a breach in which hackers accessed its systems and stole personal data of around 1 million members. The incident highlights ongoing risks to consumer data in non-critical sectors (Source 10). Unauthorized access methods are under review (Source 10).