Weekly INK

Medtech giant Stryker offline after Iran-linked wiper malware attack Source: BleepingComputer Iranian-backed hacktivist group Handala claimed responsibility for a devastating wiper malware attack against medical technology giant Stryker, reportedly wiping over 200,000 systems, servers, and mobile devices across offices in 79 countries. The group also claims to have stolen 50 terabytes of data before triggering the destructive wipe. Stryker confirmed the incident in an SEC fil

Microsoft Warns OAuth Redirect Abuse Delivers Malware to Government Targets Source: The Hacker News Attackers are abusing legitimate OAuth redirection behavior to route victims from seemingly trusted identity-provider URLs to attacker-controlled pages. Campaigns target public-sector organizations and use links that trigger malware delivery via ZIP payloads, PowerShell execution, and DLL sideloading. Key mitigations include tightening user consent and reviewing OAuth app permi

Attackers Now Need Just 29 Minutes to Own a Network Source: Dark Reading Attack chains are compressing. This piece highlights how modern intrusions move from initial access to full environment control in under an hour by abusing stolen credentials, remote tools, and weak identity controls. For SMBs, the takeaway is clear: focus on MFA, credential hygiene, monitoring, and fast containment playbooks. Link to article CISA: BeyondTrust RCE flaw now exploited in ransomware attacks

Supply Chain Attack Embeds Malware in Android Devices Source: Dark Reading Researchers found malware embedded at the Android firmware level through a supply chain compromise. The threat can copy itself into apps and then pull down additional payloads for ad fraud, browser hijacking, and other remote actions. The key risk is that users may receive devices or updates already compromised. Link to article Flaws in popular VSCode extensions expose developers to attacks Source: Ble

Shai-hulud: The Hidden Costs of Supply Chain Attacks Source: Dark Reading A new breed of self propagating supply chain malware in open source ecosystems can rapidly alter thousands of software packages and create downstream damage well beyond the initial victim. The article explains how these campaigns spread, why detection is difficult, and what organizations must do to reduce software dependency risk. Link to article CISA warns of SmarterMail RCE flaw used in ransomware att

Harvard, UPenn Data Leaked in ShinyHunters Shakedown Source: Data Breach Today Leaked Financial and Admissions Data Includes Contact Details for 'Top Donors’. Cyber extortion group ShinyHunters claimed responsibility Wednesday for late 2025 attacks against Harvard University and the University of Pennsylvania, publishing on a darkweb leak site what they claimed were more than 2 million records stolen from the two Ivy League schools. Link to article Russia’s APT28 Rapidly Weap

Social Engineering Hackers Target Okta Single Sign On Source: Data Breach Today Single sign-on customers of identity provider Okta should be on alert against attackers seeking to gain access to their corporate network, steal data and hold it to ransom, security experts warn. A surge in social engineering attacks has targeted users of Okta's SSO tools, leading the company to directly warn customers last week about this campaign. Link to article Chrome, Edge Extensions Caught S

AI Agents Undermine Progress in Browser Security Source: Dark Reading Early browser security gains are being eroded as AI agents and complex extensions increase attack surface. The piece explains how automated agents can misuse permissions, pivot via tabs, and skirt traditional controls, with practical advice to rein in extensions, harden policies, and monitor browser telemetry in business environments. Link to article Okta SSO accounts targeted in vishing-based data theft at

'Most Severe AI Vulnerability to Date' Hits ServiceNow Source: Dark Reading Authentication issues in ServiceNow potentially opened the door for arbitrary attackers to gain full control over the entire platform and access to the various systems connected to it. ServiceNow is a Fortune 500 company that, according to its promotional materials, acts as an IT services management platform for 85% of the companies that comprise the rest of the Fortune 500. Link to article Microsoft