Latest Internet & Cybersecurity News
Stryker Medtech Suffers Global Outage from Suspected Iran-Linked Cyberattack
Medical device giant Stryker confirmed a widespread network disruption to its Microsoft devices due to a cyberattack on March 11, 2026, with hackers remotely wiping Windows systems including laptops and phones. The Iran-linked Handala group, tied to Iran's Ministry of Intelligence, claimed responsibility, marking their first major US business hit and raising alarms for healthcare disruption.
Employees were told to disconnect devices as the incident was contained without ransomware.
Digital Cybersecurity Emerges as Second Battleground in US-Iran-Israel Conflict
US satellite firms delayed image releases to prevent military leaks amid Middle East tensions, while Israel accused Iran of hacking civilian cameras, gas stations, and ports for intelligence. This extends physical warfare to cyber domains.
Armadin CEO noted Iran's escalation from ship threats to targeting US firms like Stryker and tech companies.
Ransomware Claims Surge 43% in February 2026 Led by 0APT Group
Bitdefender reported 1,194 claimed ransomware victims in Feb 2026, up 43% from prior month, driven by 0APT's dubious 458 claims likely inflated by poor data. Groups like The Gentlemen used BYOVD tactics with ThrottleStop.sys to evade detection in Thailand attacks.
ShadowByt3$ recruits for Wiper-as-a-Service model without traditional ransomware.
Europol Leads Takedown of Stronghold LeakBase Dark Web Forum
Europol, FBI, and agencies seized LeakBase, a major dark web site with 140,000 users sharing infostealers and leaked databases, following RAMP seizure. This disrupts cybercrime data sharing significantly.
The action highlights law enforcement gains against underground markets.
Bitdefender MDR Spots Identity-First Attacks and Fileless Malware Trends
In Feb 2026, threats focused on stealing VPN credentials, remote registry access, legitimate RMM tools for persistence, and firewall/RDP changes. Fileless attacks with in-memory execution were common in real incidents.
These tactics enable prolonged access in managed environments.
AI-Driven Phishing and Deepfakes Fuel 2026 Cyber Threat Evolution
Criminals use AI/ML for personalized phishing, automated vulnerability scans, and adaptive malware evading defenses. Deepfakes and synthetic identities bypass verification for fraud, while contextual threats exploit real-time data.
BEC and credential theft blend tech with social engineering.
Cloud Misconfigurations Remain Top Breach Cause in Multi-Cloud Setups
Errors like public storage, over-permissions, and config drift in hybrid/multi-cloud expose assets due to poor visibility. Inconsistent policies across providers heighten risks.
Centralized monitoring is urged to detect issues early.
ShinyHunters Exploit Salesforce Gainsight to Hit 200+ Companies
In Nov 2025, ShinyHunters hackers used Gainsight OAuth flaws to steal data from over 200 firms via interconnected SaaS risks. This highlights supply chain vulnerabilities in cloud services.
Affected major companies faced sensitive record losses.
INC Ransomware Disrupts US Emergency Alerts via OnSolve CodeRED
Early Nov 2025, INC gang hit OnSolveās CodeRED, stealing resident data and halting alerts in multiple US states. Officials deployed backups after extortion refusal.
This critical infrastructure attack underscored ransomware dangers.
Handala Hacktivists Escalate with Stryker Attack Amid US-Iran War
Pro-Iranian Handala, actually MOIS-linked, wiped Stryker devices in a first for major US firms, per Check Point. Experts warn of patient safety risks in healthcare targets.
Related groups like Seedworm hit US nets since Feb.
AtomSIlo Reemerges and 0APT Surges in March 2026 Threat Landscape
Bitdefender's March 2026 debrief notes AtomSIlo's return and 0APT's victim claim explosion, signaling shifting ransomware dynamics. BYOVD and log-purging tactics enhance stealth.
Recruitment for wiper ops like ShadowByt3$ grows.