Latest Internet & Cybersecurity News
INTERPOL's Operation Synergia III Takedowns 45,000 Malicious IPs and 94 Arrests
INTERPOL’s Operation Synergia III across 72 countries led to 94 arrests and the takedown of over 45,000 malicious IP addresses and servers linked to phishing, malware, and ransomware. The operation demonstrates effective international intelligence fusion and coordinated sinkholing for disrupting cybercrime.
Practitioners note it yields devices and leads for further investigations.
Iran-Linked Handala Group Attacks Stryker, Disrupting Manufacturing
Iran-linked Handala hackers targeted medical device maker Stryker, wiping thousands of servers and devices, exfiltrating 50TB data, and disrupting global manufacturing and shipping. Attackers abused Microsoft Intune for living-off-the-land tactics, bypassing traditional malware defenses.
This highlights risks to medical supply chains from geopolitical hacktivism.
Intuitive Surgical Cyberattack via Phishing Exposes Customer Data
Surgical robotics firm Intuitive Surgical suffered a phishing-based breach compromising employee credentials, customer contacts, and business records. The company contained the incident without affecting da Vinci systems due to network segmentation.
It follows closely after the Stryker attack, signaling heightened medtech risks.
Google Chrome 146 Patches Two Actively Exploited Zero-Days
Google's emergency Chrome 146 update fixes CVE-2026-3909 and CVE-2026-3910, high-severity bugs in Skia and V8 exploited in the wild. Discovered March 10, 2026, these enable rapid user-scale attacks, urging immediate patching and exploit hunting.
Browser zero-days remain a top threat vector.
Authorities Disrupt SocksEscort Proxy Service and Avrecon Botnet
U.S. and European authorities sinkholed SocksEscort, a proxy service powered by Avrecon botnet infecting 360,000 devices since 2020. Used for fraud, ransomware, and abuse, its takedown degrades multiple criminal operations.
This underscores proxy infrastructure's role in cybercrime ecosystems.
LeakBase Cybercrime Forum Taken Down, Disrupting Stolen Data Trade
Law enforcement shut down LeakBase, a forum with 140,000 users distributing breached credentials for stuffing and fraud since 2021. Arrests of operators highlight international cooperation's impact on underground markets.
Experts warn similar forums will emerge, needing sustained efforts.
GlassWorm Campaign Injects Malware into Python GitHub Repos
GlassWorm attackers use stolen GitHub tokens to force-push malware into hundreds of Python repositories since March 8, 2026. Malware steals crypto and data via C2 linked to Solana wallet; uses rebasing to evade detection.
This supply-chain attack preserves commit history, posing risks to developers.
Payload Ransomware Breaches Royal Bahrain Hospital
Payload Ransomware claimed stealing 110GB from Royal Bahrain Hospital, amid Middle East conflict-driven opportunistic attacks. Healthcare remains a prime target for data theft and disruption.
No ransom details disclosed yet.
Ericsson US Data Breach via Compromised Third-Party Provider
Ericsson revealed attackers accessed data of 15,000+ individuals through a breached service provider in April 2025, reviewed in 2026. Highlights third-party risks in telecom supply chains.
No operational disruptions reported.
Microsoft Teams Phishing Deploys A0Backdoor Malware
Phishing campaigns target Microsoft Teams to deploy A0Backdoor malware, part of top threats this week. Combined with rising attacks (2,086 weekly avg in Feb 2026).
Urges enhanced phishing training.
ShinyHunters Threaten 400 Firms with Stolen Salesforce Data
ShinyHunters warn 400 organizations of leaking breached Salesforce data unless extorted, stemming from configuration errors. Salesforce urges reviewing guest privileges.
Exposes SaaS misconfig risks without exploits.
Signal Faces Phishing Leading to High-Profile Account Takeovers
Encrypted app Signal hit by phishing tricking users into sharing codes for account takeovers of journalists and officials. Core infrastructure secure, but stresses user awareness.
No encryption breaches reported.