Google Patches Actively Exploited Chrome Zero-Days; Iran-Linked Wiper Attack Hits Med-Tech Giant Stryker
Summary
This cybersecurity brief for March 16, 2026, covers critical developments including emergency patches from Google for two actively exploited Chrome zero-days (CVE-2026-3909, CVE-2026-3910) added to CISA's KEV catalog. A major destructive wiper attack by the Iran-linked Handala group crippled medical tech firm Stryker by weaponizing its Microsoft Intune platform. Other significant events include a supply chain attack on the AppsFlyer SDK to steal cryptocurrency, a critical data exposure at UK's Companies House affecting five million businesses, and Microsoft's emergency hotpatch for Windows 11 RRAS flaws.
Today New Articles
Ransomware Splinters as Attacks Surge 59% in Asia-Pacific, S-RM Report Finds
S-RM's 2026 Cyber Incident Insights Report reveals a significant shift in the ransomware landscape, which is fragmenting into a more diverse and unpredictable ecosystem. Based on over 800 incidents in 2025, the report identified 67 distinct ransomware groups,...
UK Companies House Flaw Exposes Data of 5 Million Companies
The UK's official business registry, Companies House, has confirmed a significant security vulnerability in its WebFiling service that exposed the sensitive data of personnel from five million registered companies. The flaw, which was active from October 2025...
CISA KEV Alert: Actively Exploited Wing FTP Server Flaw Added to Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2025-47813, a medium-severity information disclosure vulnerability in Wing FTP Server, to its Known Exploited Vulnerabilities (KEV) catalog. This indicates the flaw is being activel...
Play Ransomware Claims Attack on U.S. Aviation Firm Executive Aviation
The Play ransomware group, also known as Playcrypt, has claimed responsibility for a cyberattack against Executive Aviation, a company in the U.S. aviation sector. On March 15, 2026, the group posted the company's name on its dark web leak site, threatening to...
'The Gentlemen' Ransomware Hits Thai Financial Firm Chase Asia
A relatively new ransomware group calling itself 'The Gentlemen' has claimed responsibility for a cyberattack on Chase Asia, a major debt collection and loan management firm in Thailand. On March 16, 2026, the group threatened to publish the company's data if...