Cybersecurity News & Analysis • github • defconxt • © 2026 • blacktemple.net

Tag: malware

high • Industry & Policy

Ransomware Devastates Oceania Healthcare While New Threats Target Critical Infrastructure

Healthcare systems across Australia, New Zealand, and Tonga face ransomware attacks from the INC group while Chinese state-backed actors shift focus to Qatar amid regional tensions. Supply chain attacks compromise GitHub Actions and new malware variants target HR departments with EDR evasion capabilities.

Mar 12, 2026 • Dark Reading, Infosecurity Magazine
ransomware, healthcare, supply-chain
🇺🇸 Google

high • Data Breaches & Incidents

Weekly Security Roundup: Banking Trojan Targets Brazil, Iranian Hackers Hit Healthcare Giants, HR Under Attack

Iranian-linked Handala group claims attacks on medical device maker Stryker and payment processor Verifone, while the new PixRevolution banking trojan uses live operators to steal Brazil's PIX transfers in real time. Meanwhile, Russian-speaking attackers deploy BlackSanta malware through fake job applications targeting HR departments.

Mar 12, 2026 • Hackread
malware, banking-trojan, iranian-threat-actors

medium • Vulnerabilities & Exploits

Chrome Extensions Go Rogue After Ownership Transfer: Weekly Security Roundup

Two Chrome extensions became malicious following ownership transfers, allowing attackers to inject code and steal user data. Meanwhile, mid-market organizations continue struggling to achieve enterprise-level security postures amid increasing supply chain attack awareness.

Mar 9, 2026 • The Hacker News, SANS ISC
chrome-extensions, supply-chain, malware
🇺🇸 Google

high • Nation-State & APT

Iranian APT Groups Intensify Cyber Operations Against U.S. and Middle East Infrastructure

Check Point researchers observed Iran-linked actors targeting IP cameras across Israel and Gulf states for military intelligence, while Broadcom's Symantec team uncovered MuddyWater deploying the new Dindoor backdoor against U.S. banks, airports, and nonprofits.

Mar 7, 2026 • Security Affairs
iran, muddywater, apt
🇮🇷 MuddyWater

critical • Vulnerabilities & Exploits

Critical Vulnerabilities Under Attack: CISA Adds CVSS 9.8 Flaws While APTs Deploy New Tools

CISA confirmed active exploitation of critical vulnerabilities in Hikvision cameras and Rockwell automation systems. Meanwhile, Iranian MuddyWater hackers target US organizations with new Dindoor backdoor, and Chinese APT UAT-9244 deploys sophisticated implants against South American telecommunications infrastructure.

Mar 6, 2026 • The Hacker News, Microsoft Security, SANS ISC, MSRC Security Updates
cisa-kev, critical-vulnerabilities, apt-campaigns
🇨🇳 Salt Typhoon, 🇮🇷 MuddyWater
🇨🇳 Hikvision

high • Nation-State & APT

Nation-State Roundup: Iran-Nexus APT Targets Iraq Officials, Phobos Admin Pleads Guilty, Multi-Year Campaign Exposed

Iranian threat actors are actively targeting Iraqi government officials with previously unknown malware families, while law enforcement secured a guilty plea from a Phobos ransomware administrator. Separately, researchers uncovered a multi-year campaign targeting high-value sectors that went undetected for years.

Mar 6, 2026 • Security Affairs, Palo Alto Unit 42
apt, iran, iraq
🏴 Phobos

high • Malware & Threats

Threat Landscape Roundup: Zero-Day Surge, State Actor Campaigns, and Multi-Million Dollar Fraud Operations

Google's threat intelligence reveals 90 zero-day vulnerabilities were actively exploited in 2025, with nearly half targeting enterprise infrastructure. Concurrently, state-sponsored groups continue targeting telecommunications providers while cybercriminals execute multi-million dollar fraud schemes through business email compromise and cryptocurrency theft.

Mar 6, 2026 • BleepingComputer, Cisco Talos, Malwarebytes Labs, SecureList (Kaspersky)
zero-day, apt, malware
🇺🇸 Google

medium • Nation-State & APT

Russian APT Deploys New Ukraine-Targeting Malware as Law Enforcement Disrupts Global Cybercrime Operations

Russian threat actors launched a new espionage campaign against Ukraine using two undocumented malware strains. Meanwhile, international law enforcement scored major wins with takedowns of the Leakbase cybercrime forum and indictments against 62 individuals tied to the Prince Group scam operation.

Mar 5, 2026 • Security Affairs, The Record
russia, ukraine, apt

high • Data Breaches & Incidents

Security Roundup: Certificate Abuse, Phishing Evolution, and Enterprise Defense Gaps

Attackers are leveraging stolen certificates to distribute malware through fake Zoom/Teams updates, while new phishing tactics exploit encrypted flows and QR codes to bypass enterprise defenses. Startups face unique confidentiality challenges during fundraising and hiring processes.

Mar 5, 2026 • Hackread
phishing, malware, certificates

high • Vulnerabilities & Exploits

State Actors Unleash New Malware Arsenal as Phishing-as-a-Service Operations Scale Globally

Iran-linked Dust Specter and Russian APT28 campaigns unveiled new malware families targeting government officials in Iraq and Ukraine respectively. Meanwhile, Tycoon2FA phishing-as-a-service operations reached over 500,000 organizations monthly before disruption by Microsoft and Europol.

Mar 5, 2026 • The Hacker News, Microsoft Security, SANS ISC, MSRC Security Updates
apt28, malware, phishing-as-a-service
🇷🇺 APT28
🇺🇸 Google

high • Industry & Policy

VMware Exploitation Active, Major Law Enforcement Wins Against Cybercrime Infrastructure

Attackers are actively exploiting a command injection flaw in VMware Aria Operations that could compromise cloud environments. Meanwhile, coordinated law enforcement operations have successfully taken down the LeakBase data breach forum and Tycoon2FA phishing-as-a-service platform.

Mar 5, 2026 • Dark Reading, Infosecurity Magazine
vmware, exploitation, law-enforcement

high • Vulnerabilities & Exploits

Multi-Platform RATs, AI-Driven Attacks, and Certificate Abuse: Weekly Vulnerability Roundup

Multiple sophisticated attack campaigns emerged this week, including cross-platform RATs distributed via fake Laravel packages, APT41-linked Silver Dragon targeting governments, and AI-assisted attacks hitting FortiGate devices across 55 countries. Certificate abuse and social engineering tactics continue enabling persistent enterprise access.

Mar 4, 2026 • The Hacker News, Microsoft Security, SANS ISC, MSRC Security Updates
malware, apt, supply-chain
🇨🇳 APT41
🇺🇸 Google