Latest Internet & Cybersecurity News
Iran-Linked Handala Hacktivists Launch Global Wiper Attack on Stryker Corporation
On March 11, 2026, pro-Iran group Handala claimed responsibility for a destructive cyberattack on medical tech giant Stryker, wiping over 200,000 devices worldwide via Microsoft Intune and exfiltrating 50TB of data in retaliation for U.S. strikes in Iran. The attack disrupted global operations, forcing office closures and system isolation without ransomware demands.
Researchers link Handala to IRGC-affiliated groups like Void Manticore.
Intuitive Surgical Suffers Phishing Attack Compromising Customer and Employee Data
Medical robotics firm Intuitive Surgical disclosed a cybersecurity incident from a phishing attack that exposed customer and employee data. This follows the recent Stryker attack, heightening concerns in the medtech sector amid Middle East tensions.
No operational disruptions were detailed, but it underscores phishing risks.
Google Patches Chrome V8 Zero-Day CVE-2026-3910 Exploited in the Wild
Google released an emergency update for CVE-2026-3910, a type confusion flaw in Chrome's V8 engine actively exploited for code execution in the browser sandbox. Reported on March 10, 2026, it poses risks of credential theft and malware delivery during browsing.
This marks the second Chrome zero-day of 2026.
Cisco Addresses High-Severity IOS XR Vulnerabilities CVE-2026-20040 and CVE-2026-20046
Cisco patched two flaws in IOS XR software on March 11, 2026, allowing authenticated users to escalate to root or admin privileges via improper CLI validation. Successful exploits grant full OS control, urging immediate updates.
Affects network infrastructure users.
Salt Typhoon (UAT-9244) Targets Telecoms in South America with Espionage Malware
Threat actor Salt Typhoon deployed TernDoor, PeerTime backdoors, and BruteEntry tools against telecom providers in South America, using DLL sideloading and spear-phishing. Targets include Cisco, Fortinet, and Microsoft Exchange for data exfiltration and persistent access.
Campaign focuses on long-term cyber-espionage.
Proton Data Breach Observatory Reveals Rise in Vishing Attacks and Small Business Breaches
2026 updates show vishing campaigns by ShinyHunters targeting tech firms like Bumble and SoundCloud, exposing millions of records. 42% of breaches include names and addresses; 37% expose sensitive IDs and health data.
Small businesses hit hardest by cyberattacks.
Shiraume Hospital Patient Data Leaked on Underground Forum by NetRunnerPR
Threat actor NetRunnerPR advertised stolen patient data from Japan's Shiraume Hospital on a hacking forum, causing data loss and reputational harm. Breach involved unauthorized network access for financial gain.
Highlights healthcare vulnerabilities.
GPS Jamming Reported in Strait of Hormuz Amid Iranian Hacktivist Activity
Weekly report notes GPS jamming in the Strait of Hormuz with Iranian hacktivists harassing the region, tied to broader geopolitical cybersecurity tensions. Disrupts navigation and signals intelligence operations.
Part of escalating regional threats.
Stryker Confirms Global Microsoft Environment Disruption from Cybersecurity Attack
Stryker officially acknowledged a March 11, 2026, attack disrupting its Microsoft IT systems, affecting order processing and manufacturing worldwide. Company activated incident response with external experts.
No customer data impact confirmed yet.
Multiple Legacy Vulnerabilities Remain Exploitable Including Exchange CVE-2021-26855
CYFIRMA report highlights ongoing risks from CVEs like Microsoft Exchange CVE-2021-26855 (CVSS 9.8) and others in BIG-IP, FreePBX. Targets include IoT, VPS, and Android apps via exploitation and phishing.
Urges patching for espionage prevention.
Medtech Sector Faces Heightened Cyber Risks from State-Aligned Actors
Attacks on Stryker and Intuitive Surgical signal expanded retaliatory operations by Iran-linked groups amid U.S.-Iran tensions. Use of native tools like Intune shows advanced access to admin credentials.
Raises supply chain disruption fears.