Lookout researchers identified DarkSword, a sophisticated iOS exploit used by Russia-linked actors to silently compromise Ukrainian iPhones, exfiltrate data, and erase traces.
DarkSword chains six iOS vulnerabilities for full device compromise and is deployed by both state-sponsored hackers and commercial spyware vendors.
Iran-linked Handala hackers breached medtech giant Stryker using credentials stolen via infostealer malware.
Russia-linked actors are using DarkSword, a new iOS exploit kit, identified by iVerify, Lookout, and Google researchers.
Iran struck Israel in retaliation after Israeli airstrikes killed two Iranian leaders near Tehran. The exchange marks a significant escalation in direct military confrontation between the two states.
Director of National Intelligence Tulsi Gabbard omitted foreign election interference from the annual threat assessment, breaking with years of precedent documenting Russian, Iranian, and Chinese i...
Xi has removed more than 100 senior People's Liberation Army officers since 2022, including top general Zhang Youxia, in the largest military purge in decades.
CISA Acting Director Nick Andersen says no spike in Iranian cyber threats has been detected despite active military conflict. The agency is coordinating closely with industry as a precaution.
Major international blocs including BRICS, NATO, and G-7 are internally divided over how to respond to the Iran conflict. Fragmented alliances reduce prospects for coordinated geopolitical pressure.
Analysts warn Pyongyang is rapidly absorbing strategic lessons from Israel's strikes on Iran. North Korea will likely accelerate nuclear deterrence efforts to avoid a similar fate.
A Foreign Policy op-ed argues Japan should formally commit to sinking a Chinese invasion fleet targeting Taiwan. Explicit Japanese deterrence commitments could reshape Indo-Pacific security calculus.
The EU sanctioned Chinese and Iranian companies already blacklisted by the US and UK for supporting state-linked hacking operations against EU member states.
Treasury sanctioned six individuals and two entities running DPRK's fake remote-worker scheme that defrauds US firms to fund Kim Jong Un's weapons programs.
EU sanctions hit two Chinese individuals, two Chinese firms, and one Iranian company for enabling cyberattacks on EU member states.
Interlock ransomware gang is actively exploiting CVE-2026-20131, a CVSS 10.0 deserialization flaw in Cisco Secure Firewall Management Center, enabling unauthenticated remote root access.
Interlock ransomware exploited the CVSS 10.0 Cisco FMC flaw CVE-2026-20131 for over a month before Cisco patched it, Amazon's security chief confirmed.
Interlock ransomware gang has been exploiting a max-severity RCE flaw in Cisco Secure Firewall Management Center since January.
CISA ordered federal agencies to patch actively exploited flaws in Zimbra and Microsoft SharePoint. A separate Cisco FMC zero-day is being hit by ransomware operators.
Google warns multiple spyware vendors and nation-state actors are exploiting a new iOS exploit chain called Darksword to steal sensitive user data.
CISA mandated federal agencies patch an actively exploited XSS vulnerability in Zimbra Collaboration Suite. Failure to patch leaves government email infrastructure exposed to ongoing attacks.