AI Security Risks Surge in Healthcare

social-engineeringemerging-threatssupply-chain

a close up of a typewriter with a piece of paper on it

Industrialized Social Engineering on the Rise

Sophisticated social engineering attacks are becoming increasingly industrialized, posing significant threats to maintainers and users of popular packages. Recent high-profile hacks demonstrate the patience and sophistication of certain threat actors.

April 7, 2026

ransomwarecybercrimelaw-enforcement

Ransomware Leaders Identified

German police have identified the alleged leaders of the GandCrab and REvil ransomware groups, marking a significant victory in the fight against cybercrime. This breakthrough may lead to further disruptions of ransomware operations and reduce the incidence of such attacks.

April 7, 2026 critical

zero-dayransomwaremedusa-ransomware

Storm-1175 Threat Actor Exploits Zero-Days

China-linked Storm-1175 threat actor exploits zero-day and N-day vulnerabilities to deploy Medusa ransomware, posing a significant threat to internet-facing systems. Organizations must ensure their systems are up-to-date and securely configured to mitigate potential attacks.

April 7, 2026

cyberattacksdata-leakorganization-security

Cyberattack Hits German Party

A cyberattack on the German political party Die Linke has raised concerns about cybersecurity threats to organizations. Hackers have threatened to leak data, emphasizing the need for robust security measures.

password-sprayingmicrosoft-365iran-linked-threat-actor

Iran-Linked Threat Actor Targets Microsoft 365

An Iran-linked threat actor is suspected to be behind a password-spraying campaign targeting Microsoft 365 environments in Israel and the U.A.E. The campaign highlights ongoing cyber threats in the Middle East region, with attackers exploiting weak passwords or authentication mechanisms.

zero-dayransomwarewindows

A combination lock rests on a computer keyboard.

Medusa Ransomware Zero-Day Attacks

Medusa ransomware affiliate linked to zero-day attacks, posing a significant risk to organizations. Microsoft has identified Storm-1175 as the actor behind Medusa payloads, highlighting the need for timely vulnerability remediation and robust security measures.

supply-chain-attacksocial-engineeringnodejs

a purple background with a black and blue circle surrounded by blue and green cubes

Node.js Under Siege

North Korean hackers target Node.js maintainers with social engineering campaigns, exploiting Redis and PostgreSQL to deploy persistent implants. 36 malicious npm packages discovered, affecting thousands of projects.

ransomwarezero-daywindows

a laptop computer sitting on top of a wooden table

Qilin and Warlock Ransomware Threats Escalate

Qilin and Warlock ransomware operations are using vulnerable drivers to disable over 300 EDR tools, posing a significant threat to cybersecurity. Learn about the emerging threats and techniques used by these ransomware groups.

linux-vulnerabilitysecurity-researchpatch-management

a close up of a computer chip with the letter l on it

23-Year Old Linux Vulnerability Discovered

A hidden Linux vulnerability was recently discovered after 23 years, highlighting the importance of continuous security research and testing. This finding underscores the potential for unknown vulnerabilities in widely used software and emphasizes the need for vigilant patch management.

April 5, 2026