👉 What’s going on in the cyber world today?

Welcome to Cyber Briefing, the newsletter that informs you about the latest cybersecurity advisories, alerts, incidents and news every weekday.

First time seeing this? Please Subscribe

Get BlueSleuth-Lite

🚨 Cyber Alerts

1. Darksword Ios Kit Uses 3 Zero-Days

A new iOS exploit kit called DarkSword has been active since late 2025, used by various state-sponsored and commercial actors to steal data from iPhones. The kit targets devices running older versions of iOS 18 to exfiltrate credentials and cryptocurrency information through a sophisticated chain of six vulnerabilities.

2. Cisa Warns Of Zimbra, Cisco Zero-Day

CISA has issued an urgent directive for government agencies to patch actively exploited vulnerabilities in Synacor Zimbra Collaboration Suite and Microsoft Office SharePoint. These security flaws are being weaponized by sophisticated threat actors to execute remote code and steal sensitive data from federal networks.

3. Speagle Malware Hijacks Cobra Docguard

Speagle malware has compromised the servers of Cobra DocGuard to distribute malicious payloads and hijack legitimate software updates. This sophisticated attack allows threat actors to bypass security protocols and exfiltrate sensitive data from targeted corporate networks.

For more alerts click here!

Subscribe Now

💥 Cyber Incidents

4. Breathalyzer Firm Breach Stops Cars

A major cybersecurity attack on the breathalyzer company Intoxalock has left thousands of drivers with previous DWI convictions unable to operate their vehicles. The security breach began on Saturday, preventing necessary system calibrations and leaving customers with little information or means of transportation.

5. Nordstrom Email Abuse Sends Crypto Scams

Nordstrom customers were recently targeted by a sophisticated phishing campaign that sent fraudulent cryptocurrency offers directly from an official company email address. The messages exploited the Nordstrom brand and a St. Patrick’s Day theme to trick recipients into sending digital currency to a scammer’s wallet under the guise of a promotional giveaway.

6. Police Warn Of Phishing After City Loss

Police Chief Shane Washburn is warning the public to remain vigilant after a scammer impersonating a construction firm nearly defrauded the city of Arab out of over four hundred thousand dollars.

For more incidents click here!

Claim Your Workspace

📢 Cyber News

7. US Takes Down Botnets In Cyberattack

The US Justice Department successfully dismantled four major botnets—Aisuru, Kimwolf, JackSkid, and Mossad—which had compromised over 3 million devices worldwide. These networks of hijacked home computers were responsible for launching some of the largest recorded distributed denial-of-service attacks before being wiped from the internet by federal law enforcement.

8. Musician Admits To $10M Streaming Fraud

Michael Smith, a musician from North Carolina, has pleaded guilty to orchestrating a massive fraud scheme that used artificial intelligence and bot accounts to steal over $10 million in streaming royalties. Between 2017 and 2024, Smith manipulated platforms like Spotify and Amazon Music by streaming hundreds of thousands of AI-generated tracks billions of times to illicitly collect payouts.

9. Justice Dept Seizes Iran Hacker Domains

The Justice Department recently seized several domains used by Iranian intelligence to conduct cyberattacks against a U.S. medical technology firm and to harass dissidents. These platforms served as hubs for leaking sensitive data and issuing death threats to journalists and individuals critical of the Iranian government.

For more news click here!

Get Help

📈Cyber Stocks

Cybersecurity stocks closed the week under continued pressure as broader technology markets remained volatile, with investors still recalibrating valuations across high-growth software.

• Zscaler traded near ~175–180 dollars and was lower, reflecting ongoing valuation pressure on premium cloud security platforms.

• Fortinet closed near ~83–84 dollars and was slightly lower, tracking broader weakness in network security and enterprise IT spending sentiment.

• Check Point Software Technologies closed near ~163–165 dollars and held relatively stable, supported by its more defensive positioning within the sector.

• SentinelOne traded near ~13–14 dollars and was lower, as unprofitable growth cybersecurity firms remained under pressure.

• Rapid7 traded near ~46–48 dollars and declined, with mid-cap cybersecurity names continuing to follow broader software sector weakness.

💡 Cyber Tip

🚨 CISA Warns of Actively Exploited Zero-Day Flaws

CISA has alerted organizations about critical vulnerabilities in Zimbra and Microsoft SharePoint that are actively being exploited. Attackers are using these flaws to run malicious code and steal sensitive data, often through stealthy, browser-based attacks that require no downloads.

🛠️ What You Should Do

• Apply the latest security patches for Zimbra, SharePoint, and affected systems immediately

• Monitor email activity and web sessions for unusual behavior

• Train users to be cautious of unexpected emails, even without links or attachments

• Implement network monitoring to detect data exfiltration over DNS or HTTPS

⚠️ Why This Matters
These attacks show a shift toward fileless techniques that are harder to detect with traditional security tools. If left unpatched, attackers can gain access to credentials, emails, and internal systems without triggering obvious alerts.

Visit BookClub

📚 Cyber Book

Surviving a Cyberattack: Securing Social Media and Protecting Your Home by Todd Shipley and Bowker Art

Get Book

Copyright © 2026 CyberMaterial. All Rights Reserved.

Follow CyberMaterial on:

Substack, LinkedIn, Twitter, Reddit, Instagram, Facebook, YouTube, and Medium