CISA urges US orgs to secure Microsoft Intune systems after Stryker breach
CISA says organizations should harden Microsoft Intune after attackers reportedly abused it to wipe systems in the Stryker breach.
Inc ransomware group holds healthcare hostage in Oceania
INC Ransomware’s attacks in Australia, New Zealand, and Tonga show how healthcare outages can quickly become public-safety and privacy crises.
Bitrefill points to Lazarus-linked Bluenoroff in suspected North Korean cyberattack
Bitrefill says a recent cyberattack likely came from Lazarus-linked Bluenoroff, underscoring North Korea’s continued focus on crypto targets.
Iran MOIS colludes with criminals to boost cyberattacks
Iran’s MOIS is reportedly working with cybercriminals, blurring espionage and extortion while making attribution and defense harder.
The collapse of predictive security in the age of machine-speed attacks
Attackers now weaponize flaws in hours or days, forcing defenders to shift from predictive patching to preemptive exposure reduction.
What boards must demand in the age of AI-automated exploitation
AI is shrinking the time between disclosure and exploitation, forcing boards to demand faster remediation and defensible cyber risk decisions.
New ‘PolyShell’ flaw allows unauthenticated RCE on Magento e-stores
PolyShell reportedly enables unauthenticated RCE on Magento 2.x stores, raising urgent patching and compromise-check demands for merchants.
Critical n8n flaws allow remote code execution and exposure of stored credentials
Two critical n8n flaws could enable remote code execution and expose stored credentials, putting connected cloud and internal systems at risk.
Expect Iran to launch cyber-attacks globally, warns Google head of threat intel
Google’s threat intel chief warns Iran may expand deniable cyber-attacks globally, targeting the US, Gulf allies and critical sectors.
ThreatsDay Bulletin shows how old tricks keep finding new ways in
This week’s threats show attackers blending OAuth abuse, EDR tampering, chat phishing, malicious ZIPs, and AI platform compromise.
DoJ disrupts 3 million-device IoT botnets tied to record 31.4 Tbps DDoS attacks
DoJ’s IoT botnet disruption highlights how millions of insecure devices can fuel record 31.4 Tbps DDoS attacks across the internet.
Trivy GitHub Actions breach shows how tag hijacking can expose CI/CD secrets at scale
Attackers reportedly hijacked 75 Trivy GitHub Action tags, turning a trusted security tool into a CI/CD secret-stealing supply-chain threat.