Iran-Linked Wiper Attack Cripples Medtech Giant Stryker; ShinyHunters Breaches Telus & Aura.com
Summary
A destructive wiper attack attributed to the Iran-linked Handala group caused global disruptions at medical technology firm Stryker by abusing its Microsoft Intune platform to wipe over 200,000 devices. This incident highlights a week marked by significant supply chain and extortion attacks, with the ShinyHunters group claiming major data breaches at Canadian outsourcer Telus Digital and security firm Aura.com. Other key events include a supply-chain attack on the AppsFlyer SDK, a phishing-induced breach at Starbucks, and new critical vulnerabilities disclosed for OneUptime and end-of-life D-Link routers. The cybersecurity landscape was also shaped by policy, as a new CA/Browser Forum mandate reduces TLS certificate lifespans to 200 days, forcing organizations toward automated certificate management.
Today's New Articles
Critical CVSS 9.9 SQL Injection Flaw (CVE-2026-32306) Hits OneUptime Platform
A critical SQL injection vulnerability, CVE-2026-32306, with a CVSS score of 9.9 has been disclosed in the OneUptime open-source observability platform. The flaw allows a low-privileged authenticated user to execute arbitrary SQL commands against the backend C...
AppsFlyer Web SDK Hijacked in Supply-Chain Attack to Deploy Crypto-Stealing Malware
The widely used AppsFlyer Web SDK was compromised in a software supply-chain attack reported on March 14, 2026. For a brief period, the official SDK hosted on 'websdk.appsflyer.com' was replaced with a malicious version that delivered a crypto-stealing JavaScr...
Payload Ransomware Hits Royal Bahrain Hospital, Threatens to Leak 110 GB of Patient Data
The Payload ransomware group has claimed responsibility for a cyberattack on the Royal Bahrain Hospital (RBH), a major healthcare provider in the Gulf region. In a post on their dark web leak site dated March 15, 2026, the group alleged it had stolen 110 gigab...
HHS Launches Free Cybersecurity Toolkit to Help Healthcare Orgs Assess Risk
The U.S. Department of Health and Human Services' (HHS) Administration for Strategic Preparedness and Response (ASPR) has launched a new cybersecurity module for its free RISC 2.0 Toolkit. Announced on March 14, 2026, the web-based tool is designed to help hea...
CA/Browser Forum Mandate Cuts TLS Certificate Lifespan to 200 Days, Forcing Automation
Effective March 15, 2026, a major industry-wide policy change mandated by the CA/Browser Forum has reduced the maximum lifespan of all newly issued public TLS/SSL certificates from 398 days to just 200 days. This change, which affects all Certificate Authoriti...
Article Updates
CISA Issues Binding Directive: Federal Agencies Must Remove Unsupported Edge Devices
Update: On March 15, three critical zero-day vulnerabilities (CVE-2026-4181, CVE-2026-4182, CVE-2026-4183) were disclosed for the End-of-Life D-Link DIR-816 router. These unauthenticated remote command injection flaws, each with a CVSS score of 9.3, allow attackers fu...
Google and Partners Dismantle Chinese Espionage Campaign (UNC2814) Targeting Global Telecoms
Update: Costa Rican officials have publicly attributed a January 2026 cyberattack on the state-owned Instituto Costarricense de Electricidad (ICE) to the Chinese-linked threat actor UNC2814. The attack resulted in the exfiltration of 9 gigabytes of data from administr...
Canadian Retail Giant Loblaw Investigates Data Breach Exposing Customer Info
Update: Further analysis of the Loblaw data breach provides deeper technical insights into the incident. Potential attack vectors include exploitation of public-facing applications (T1190) or phishing (T1566). The report details cyber observables for detection, such a...
Starbucks Discloses Data Breach After Phishing Attack on Employee Portal
Update: The latest report on the Starbucks data breach specifies that the compromised financial information includes employees' bank account and routing numbers, which were used for payroll. This provides a more granular understanding of the sensitive data exposed. Ad...