Iran's current campaign reflects a deliberate shift toward attacking economic infrastructure and commercial actors. Data centers in the Gulf have faced physical, cyber, and hybrid strikes aimed at disrupting the digital backbone of global commerce.
The US Department of Justice, working with the cybercrime-fighting agency within the US Department of Defense known as the Defense Criminal Investigative Service, announced that it had dismantled four massive botnets in a single operation, removing the command-and-control servers used to commandeer the hacker-run armies of compromised devices known by the names JackSkid, Mossad, Aisuru, and Kimwolf.
Ransomware gangs, especially those with ransomware-as-a-service (RaaS) programs, frequently produce new builds of their encryptors, and ensuring that each new build is reliably undetected can be time-consuming. More importantly, encryptors are inherently very noisy (as they inherently need to modify a large number of files in a short period); making such malware undetected is rather challenging.
Umbral Stealer is an infostealer virus that can record keystrokes and take screenshots. In basic terms, it attempts to harvest sensitive information from the machines it infects, as it's primarily geared towards stealing users' passwords and cryptocurrency. The virus was distributed via a patch to Duet Night Abyss' launcher, which went live on Steam at 7:39 am UTC on March 18.
The vulnerability, tracked as CVE-2026-20643 (CVSS score: N/A), has been described as a cross-origin issue in WebKit's Navigation API that could be exploited to bypass the same-origin policy when processing maliciously crafted web content.
This flaw (CVE-2026-3888) allows an unprivileged local attacker to escalate privileges to full root access through the interaction of two standard system components: snap-confine and systemd-tmpfiles. While the exploit requires a specific time-based window (10-30 days), the resulting impact is a complete compromise of the host system.
