Two vulnerabilities in Progress ShareFile, an enterprise-grade secure file transfer solution, can be chained to enable unauthenticated file exfiltration from affected environments. […]
Medtech giant Stryker fully operational after data-wiping attack
Stryker Corporation, one of the world’s leading medical technology companies, says it’s fully operational three weeks after many of its systems were wiped out in a cyberattack claimed by the Iranian-linked Handala hacktivist group. […]
ThreatsDay Bulletin: Pre-Auth Chains, Android Rootkits, CloudTrail Evasion & 10 More Stories
The latest ThreatsDay Bulletin is basically a cheat sheet for everything breaking on the internet right now. No corporate fluff or boring lectures here, just a quick and honest look at the messy reality of keeping systems safe this week.
Things are moving fast. The list includes researchers chaining small bugs together to create massive backdoors, old software flaws
Things are moving fast. The list includes researchers chaining small bugs together to create massive backdoors, old software flaws
Cisco Patches Critical and High-Severity Vulnerabilities
The bugs could lead to authentication bypass, remote code execution, information disclosure, and privilege escalation.
The post Cisco Patches Critical and High-Severity Vulnerabilities appeared first on SecurityWeek.
250,000 Affected by Data Breach at Nacogdoches Memorial Hospital
In January 2026, a threat actor hacked the hospital’s internal network and stole personal and health information.
The post 250,000 Affected by Data Breach at Nacogdoches Memorial Hospital appeared first on SecurityWeek.
Researchers Uncover Mining Operation Using ISO Lures to Spread RATs and Crypto Miners
A financially motivated operation codenamed REF1695 has been observed leveraging fake installers to deploy remote access trojans (RATs) and cryptocurrency miners since November 2023.
“Beyond cryptomining, the threat actor monetizes infections through CPA (Cost Per Action) fraud, directing victims to content locker pages under the guise of software registration,” Elastic
“Beyond cryptomining, the threat actor monetizes infections through CPA (Cost Per Action) fraud, directing victims to content locker pages under the guise of software registration,” Elastic
The State of Trusted Open Source Report
In December 2025, we shared the first-ever The State of Trusted Open Source report, featuring insights from our product data and customer base on open source consumption across our catalog of container image projects, versions, images, language libraries, and builds. These insights shed light on what teams pull, deploy, and maintain day to day, alongside the vulnerabilities and
Critical Cisco IMC auth bypass gives attackers Admin access
Cisco has patched several critical and high-severity vulnerabilities, including an Integrated Management Controller (IMC) authentication bypass that enables attackers to gain Admin access. […]
Mercor Hit by LiteLLM Supply Chain Attack
The AI recruiting firm is investigating the incident as Lapsus$ claimed the theft of 4TB of Mercor data.
The post Mercor Hit by LiteLLM Supply Chain Attack appeared first on SecurityWeek.
Sophisticated CrystalX RAT Emerges
The malware can spy on victims, steal their information, and make configuration changes on devices.
The post Sophisticated CrystalX RAT Emerges appeared first on SecurityWeek.