Healthcare Under Siege: Novo Nordisk and iRhythm Breached, as White House Overhauls National Security Cyber Policy
Summary
This week in cybersecurity, the healthcare sector faced significant attacks, with pharmaceutical giant Novo Nordisk refusing a $25M ransom from the FulcrumSec group and medical device firm iRhythm confirming a patient data breach. In a major policy shift, the White House issued NSPM-12 to overhaul cybersecurity for national security systems. Other major events include the discovery of a massive 24 billion record data dump, the active exploitation of a critical Cisco SD-WAN flaw, and a novel ransomware attack abusing Microsoft Teams infrastructure for command and control.
Today's New Articles
iRhythm Technologies Hit by Extortion Attack, Patient Health Data Stolen
iRhythm Technologies, the maker of the Zio wearable cardiac monitor, has disclosed a data breach that resulted from a social engineering attack on its third-party business applications. An unidentified threat actor exfiltrated proprietary company data and prot...
SoftBank and OpenAI Launch AI-Powered "Patching as a Service" for Japan's Critical Infrastructure
SoftBank Group, in collaboration with OpenAI, has launched a new cybersecurity offering in Japan called "Patching as a Service." The service, offered through their joint venture SB OAI Japan GK, uses OpenAI's advanced AI models to perform vulnerability assessm...
INTERPOL: Cybercrime Surges in Asia-Pacific, Accounting for 30% of All Crime in Some Nations
A new report from INTERPOL reveals a dramatic increase in cybercrime across the Asia and South Pacific regions, with online scams and other illicit activities now making up 30% of all recorded crime in some member nations. The '2025/2026 Asia and South Pacific...
CISA Warns of Disruptive DoS Flaw in Rockwell Automation Industrial Controllers
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory for CVE-2026-11317, a denial-of-service (DoS) vulnerability affecting several models of Rockwell Automation's industrial controllers. These controllers are common in indust...
Aur0ra Ransomware Claims Attacks on US Agriculture and Canadian Trucking Firms
The Aur0ra ransomware group has claimed responsibility for cyberattacks against two new North American companies. On its data leak site, the group listed Allan Brothers, Inc., a U.S.-based agricultural company, and Diamond Truck Centres, a Canadian commercial...
Article Updates
Pharma Giant Novo Nordisk Discloses Data Breach Affecting Clinical Trial Participants
Update: Novo Nordisk has confirmed the data breach was orchestrated by the cyber-extortion group FulcrumSec. The attackers claim to have maintained network access for over two months, exfiltrating 1.3TB of sensitive data, including drug research, internal AI models, s...
Anubis Ransomware Hits Adriatic Port, Stealing Port Safety Plans in $10M Extortion Attempt
Update: A new Resecurity report identifies the target as the Italian port of Ancona and confirms the stolen port safety plans were leaked in January 2026 after the $10 million ransom was not paid. This escalation from data theft to public leak significantly increases...
Zero-Day 'RoguePlanet' in Microsoft Defender Grants SYSTEM-Level Control
Update: Microsoft has officially acknowledged the 'RoguePlanet' zero-day vulnerability in Defender, assigning it CVE-2026-50656. The company confirmed it is actively developing a security update to address the local privilege escalation flaw, which allows SYSTEM-level...
Actively Exploited Cisco SD-WAN Flaw Added to CISA KEV Catalog
Update: Further analysis of CVE-2026-20262 reveals that the path traversal vulnerability is actively exploited to achieve Remote Code Execution (RCE). Attackers are leveraging the flaw to write malicious .war files to the web server's deployment directory. These files...
DragonForce Ransomware Hid C2 Traffic Inside Microsoft Teams Infrastructure
Update: The custom Go-based RAT is named 'Backdoor.Turn' and employs a sophisticated C2 mechanism involving anonymous token acquisition, Microsoft Teams TURN relay servers, and QUIC tunnels. Initial access vectors include SQL/MSSQL vulnerabilities or initial access br...
HIBP Adds 56 Million Emails from Massive Infostealer Log Compilation
Update: Security researchers uncovered an 8.3-terabyte Elasticsearch cluster containing 24 billion records, including plaintext usernames, passwords, and login URLs. This compilation, primarily from infostealer malware and Telegram channels, was publicly accessible an...