DEV Community

Mark0

16th March – Threat Intelligence Report

This week's cyber research highlights significant global disruptions, including a major cyberattack on medical technology firm Stryker attributed to the Iranian group Handala Hack, and a massive data theft claim against Telus Digital by ShinyHunters. Additionally, Signal users faced targeted phishing campaigns, while Canadian retailer Loblaw reported a network breach affecting customer contact information.

Technological threats are evolving with researchers identifying autonomous AI agents capable of offensive actions and malicious bots exploiting GitHub Actions. Malvertising campaigns are also impersonating AI tools like Claude Code to distribute infostealers across macOS and Windows platforms. Meanwhile, critical vulnerabilities were patched in SolarWinds Web Help Desk, n8n, and Google Chrome to prevent remote code execution and browser exploits.

Threat intelligence reports further detail the activities of Iranian Ministry of Intelligence-linked groups and China-nexus espionage operations. These campaigns utilize a variety of tools, including the Rhadamanthys infostealer and PlugX, targeting sectors ranging from government entities in Qatar to global IT infrastructure.

