A hacktivist group with links to Iran's intelligence agencies is claiming responsibility for a data-wiping attack against Stryker, a global medical technology company based in Michigan. News reports out of Ireland, Stryker's largest hub outside of the United States, said the company sent home more than 5,000 workers there today. Meanwhile, a voicemail message at Stryker's main U.S. headquarters says the company is currently experiencing a building emergency. READ MORE...
Iran has reportedly designated Amazon, Google, IBM, Microsoft, Nvidia, Oracle, and Palantir facilities as legitimate targets of retaliatory strikes, according to an Al Jazeera report citing Iran's state-affiliated Tasnim news agency. The Islamic Revolutionary Guard Corps (IRGC) has pinpointed 29 locations in Bahrain, Israel, Qatar, and the United Arab Emirates that house offices, datacenters, and research facilities that Iran has set its sights on destroying. READ MORE...
A 41-year-old South Florida man is accused of conducting at least 10 ransomware attacks and extorting a combined $75.25 million in ransom payments while he was working as a ransomware negotiator for DigitalMint. Five of Angelo John Martino III's alleged victims hired DigitalMint, which assigned Martino to conduct ransomware negotiations on their clients' behalf, putting him in a position to play both sides. READ MORE...
Splunk and Zoom this week announced security updates that resolve multiple critical- and high-severity vulnerabilities across their product portfolios. Zoom has addressed a critical-severity flaw in Workplace for Windows that could allow unauthenticated, remote attackers to elevate their privileges over the network. The issue impacts the Mail feature of the product and was addressed in Workplace for Windows version 6.6.0 READ MORE...
A vulnerability in Microsoft Authenticator for both iOS and Android (CVE-2026-26123) could leak your one-time sign-in codes or authentication deep links to a malicious app on the same device. Deep links are predefined URIs (Uniform Resource Identifiers) that allow direct access to an activity in a web or mobile application when clicked. In simple terms, they are specifically constructed links used to open an app and complete actions like signing in. READ MORE...
Researchers say they have uncovered a takedown-resistant botnet of 14,000 routers and other network devices-primarily made by Asus-that have been conscripted into a proxy network that anonymously carries traffic used for cybercrime. The malware-dubbed KadNap-takes hold by exploiting vulnerabilities that have gone unpatched by their owners, Chris Formosa, a researcher at security firm Lumen's Black Lotus Labs, told Ars. READ MORE...
Threat hunters and a collection of unconfirmed victims are responding to a series of attacks targeting Salesforce customers, which the vendor disclosed in a security advisory Saturday. "Salesforce is actively monitoring threat activity targeting public-facing Experience Cloud sites, including attempts to take advantage of overly permissive guest user configurations," the company said in the alert. The campaign marks the third widespread attack targeting Salesforce users in about six months. READ MORE...
Two critical-severity vulnerabilities in n8n could have been exploited for unauthenticated remote code execution (RCE) and sandbox escape, exposing all credentials stored in the n8n database, Pillar Security reports. Tracked as CVE-2026-27493 (CVSS score of 9.5), the first bug is described as a second-order expression injection issue impacting the open source workflow automation platform's Form nodes. READ MORE...
A vulnerability in Android devices can allow attackers to gain access to a phone in less than a minute. The vulnerability, tracked as CVE-2026-20435, affects certain MediaTek SoCs (System-on-a-Chip) using Trustonic's TEE (Trusted Execution Environment). That may sound rare, but reportedly that's about one in four Android phones, mostly cheaper models. Researchers demonstrated the vulnerability by connecting a vulnerable phone to a laptop over USB. READ MORE...