Cyber News & Updates
Breaking news, security alerts, and trending stories from across the cybersecurity landscape.
-
Apple iOS CVE-2025-43300: Patch Analysis Reveals ImageIO Zero-Click Exploit
A patch analysis of CVE-2025-43300 reveals how a flaw in Apple’s ImageIO framework enabled a zero-click exploit path through malicious image parsing.
-
Aeternum C2 Botnet Abuses Polygon Blockchain to Hide Malware Commands and Evade Takedowns
Security researchers have uncovered a new botnet loader called Aeternum C2 that stores encrypted command-and-control instructions on the Polygon blockchain, making traditional takedown efforts significantly harder and signaling a new evolution in resilient malware infrastructure.
-
UAT-10027 Targets U.S. Healthcare with Dohdoor Malware Using DoH C2
Researchers have uncovered a previously undocumented cyber campaign tracked as UAT-10027 targeting U.S. healthcare and education organizations with a new backdoor called Dohdoor that uses DNS-over-HTTPS to evade detection and deploy Cobalt Strike beacons.
-
Ransomware Trends 2026: Healthcare, Defense, and Threat Actor Tactics
Ransomware attacks in 2026 continue to disrupt healthcare, with clinic closures and operational outages. Defensive innovations like honeypots and evolving threat actor tactics shape the landscape.
-
CyberStrikeAI: Chinese-Linked AI Attack Platform Compromises 600+ FortiGate Devices Across 55 Countries
An open-source AI-native offensive security tool called CyberStrikeAI, developed by a Chinese coder with ties to the Ministry of State Security, has been deployed by a Russian-speaking threat actor to compromise over 600 FortiGate appliances across 55 countries. Team Cymru tracked 21 unique servers running the platform, revealing a sharp acceleration in AI-augmented offensive cyber…
-
Iranian Revolution 2026: Complete Intelligence Briefing — Protests, War, Cyber Operations, and the Fall of Khamenei
Comprehensive intelligence briefing on the Iranian Revolution of 2026 — from the December 2025 protest eruption and regime massacres, through Operation Epic Fury and Operation Roaring Lion, the assassination of Khamenei, the Strait of Hormuz crisis, five Iranian cyber threat clusters, AWS data center strikes, and the global fallout. Continuously updated. Last updated March 3,…
-
ClawJacked: New OpenClaw Flaw Lets Malicious Websites Hijack Local AI Agents
A new “ClawJacked” flaw in OpenClaw lets malicious websites silently hijack local AI agents via WebSockets. Here is how it works and how to defend.
-
CISA Adds Two Roundcube Flaws to KEV: What Organizations Must Do
CISA has added two actively exploited Roundcube vulnerabilities to its Known Exploited Vulnerabilities catalog. This post explains the risk, detection steps, and remediation guidance for admins.
-
Pulse Secure network hacked via backdoor embedded in its VPN software
Pulse Secure network was breached after attackers planted a backdoor in the vendor’s VPN code, according to a Bloomberg report. The intrusion affected 119 customer organizations and underscores recurring Ivanti VPN flaws.
-
UMMC ransomware attack forces closure of 35 Mississippi clinics
UMMC ransomware attack: University of Mississippi Medical Center closed all 35 statewide clinics after a ransomware infection took information systems offline, forcing cancellations of appointments and non‑urgent care.