Critical 'IronBite' SCADA Zero-Day Threatens Energy Sector; 'ChronoLocker' Ransomware Cripples Global Logistics

Publication Date: February 16, 2026

Summary

This period saw the emergence of multiple critical threats, headlined by the 'IronBite' zero-day (CVE-2026-31501) in SCADA systems, prompting a CISA emergency directive due to active exploitation targeting the energy sector. Simultaneously, the 'ChronoLocker' ransomware group crippled logistics giant AmeriCargo, causing significant supply chain disruptions. Other major incidents include a 'GhostTouch' zero-day (CVE-2026-31999) in the Androis mobile OS, supply chain attacks on the PyPI repository, and sophisticated espionage campaigns by the 'Silent Geese' and 'Crimson Wyvern' APT groups targeting NATO and cancer research institutes, respectively.

Today's New Articles

CISA Issues Emergency Directive for 'IronBite' SCADA Zero-Day Under Active Attack

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive for a critical zero-day vulnerability, CVE-2026-31501, dubbed 'IronBite'. This remote code execution (RCE) flaw in Avarium's OmniLogic SCADA platform scores a pe...


ChronoLocker Ransomware Cripples AmeriCargo, Freezing US Supply Chains

The 'ChronoLocker' ransomware gang has launched a crippling attack against AmeriCargo, a major North American logistics firm, forcing a halt to its operations. The attack, which began on February 15, 2026, has encrypted critical systems managing port operation...


New APT 'Silent Geese' Deploys 'PoliGraph' Backdoor in Espionage Campaign Against NATO

A newly identified state-sponsored threat actor, named 'Silent Geese,' is conducting a highly targeted cyber-espionage campaign against diplomatic personnel in multiple NATO member states. According to research from SecuraIntel, the advanced persistent threat...


PaySphere FinTech App Breach Exposes Data and Transaction Histories of 4 Million Users

The popular FinTech payment app, PaySphere, has disclosed a major data breach affecting approximately 4 million users. The company announced that an unauthorized party gained access to a production database for over two weeks, from January 28 to February 12, 2...


CopperSteal Infostealer Evolves to Target AWS, Azure, and Google Cloud Credentials

A new variant of the 'CopperSteal' information-stealing malware has emerged with a dangerous new focus: enterprise cloud environments. According to analysis by ThreatFabric, the updated malware now includes specific modules designed to hunt for and exfiltrate...


Telehealth Provider HealthPath Exposes 700,000 Patient Medical Files in S3 Bucket Leak

Telehealth provider HealthPath has suffered a massive data exposure due to a misconfigured Amazon S3 bucket. A security researcher discovered the cloud storage bucket was left publicly accessible, exposing over 700,000 sensitive documents, including medical sc...


Patch Now: Critical RCE Flaw (CVE-2026-31845) in ZenithJS Framework Threatens Web Apps

The maintainers of ZenithJS, a popular JavaScript web framework, have released an emergency patch for a critical remote code execution (RCE) vulnerability, CVE-2026-31845. The flaw, rated 9.8 on the CVSS scale, exists in the framework's data serialization libr...


Supply Chain Attack: Malicious 'PyUtils-Core' Library on PyPI Steals Developer Secrets

A software supply chain attack has compromised 'PyUtils-Core,' a popular Python library on the Python Package Index (PyPI) with millions of monthly downloads. The PyPI security team removed versions 1.8.7 and 1.8.8 after discovering they contained malicious co...


Social Media Giant ConnectSphere Hit with Landmark €800M GDPR Fine for Data Breaches

In a landmark ruling, European Union regulators have fined the social media platform ConnectSphere €800 million for significant and repeated violations of the General Data Protection Regulation (GDPR). The fine, issued by Ireland's Data Protection Commission (...


'Crimson Wyvern' APT Steals Cancer Research Data in Global Espionage Campaign

A state-sponsored APT group tracked as 'Crimson Wyvern' is orchestrating a widespread cyber-espionage campaign against leading cancer research facilities and pharmaceutical companies. According to a new report from Mandiant, the attacks have targeted organizat...


NorthGrid Power Report Reveals IT-OT Segmentation Failure Led to Blackout Attack

NorthGrid Power, a major U.S. utility, has published a detailed post-incident report on the December 2025 cyberattack that resulted in localized power outages. The report attributes the attack to a sophisticated threat actor and provides a transparent look at...


Actively Exploited 'GhostTouch' Zero-Day in Androis Allows Silent Malware Installation

Google's Project Zero has disclosed a critical zero-day vulnerability, 'GhostTouch' (CVE-2026-31999), affecting billions of Androis devices. The flaw, present in Androis versions 14, 15, and the beta of 16, allows an attacker to silently install malicious appl...