CyberSecurity Knuggets

Mar 13, 2026

Email 1:

Subject: Srsly Risky Biz: Trump’s Cyber Strategy… Great, Amazing, The Best Yet

Summary:

This newsletter by Tom Uren and Amberleigh Jack discusses President Donald Trump’s newly released Cyber Strategy. The strategy presents ambitious goals, including shaping adversary behavior with aggressive cyber operations, promoting common sense regulations, modernizing federal government networks, securing critical infrastructure, sustaining superiority in emerging technologies, and building talent, but the administration’s prior actions contradict many of those goals. The strategy emphasizes offensive cyber action, intending to disrupt and disorient adversaries, with one specific pillar focusing on unleashing private sector capabilities. However, budget cuts and conflicts with leading companies undermine these efforts. The newsletter also discusses the risks and benefits of private sector and state-developed exploits, highlighting the Coruna exploit kit incident, and mentions recent successes such as the takedown of the Tycoon 2FA phishing service, a new US executive order prioritizing cyber fraud, and the UK’s new online crime center.


Email 2:

Subject: Medical device giant Stryker hit by wiper attack, Iranian hacktivist takes credit

Summary:

Michigan-based medical device manufacturer Stryker suffered a massive destructive cyberattack causing widespread outages globally, with an Iranian hacktivist group named Handala claiming responsibility. The attack wiped operating systems on devices, affecting employee access, including phones used for multifactor authentication. The group linked the attack to retaliation for US-Israeli military actions in Iran. Additionally, Poland reported foiling a cyberattack on its nuclear research center possibly tied to Iran, and Iranian hackers hijacked advertising signs at train stations in Israel. Other incidents covered include cyberattacks on Albania’s parliament, Apple issuing security updates to patch the Coruna exploit, a former ransomware negotiator charged for colluding with BlackCat ransomware operators, Michelin impacted by an enterprise software zero-day exploit campaign, and data leaks from Dutch telco Odido. The newsletter also reports a data breach affecting Bell Ambulance’s sensitive personal records and new botnet malware targeting ASUS routers.


Email 3:

Subject: Pro-Iranian hackers claim cyberattack against Stryker | The CyberWire 3.12.26

Summary:

Pro-Iranian hacktivist group Handala claimed responsibility for a destructive data-wiping cyberattack against Stryker, a major US medical manufacturer. The attack forced the company to instruct employees to disconnect from all networks and avoid powering on devices. The intrusion likely occurred through Microsoft Intune, allowing remote wiping capabilities. Stryker confirmed ransomware was not involved and that its systems were not directly hacked. The attack may impact healthcare supply chains reliant on Stryker equipment. Separately, Bell Ambulance in Wisconsin disclosed a data breach affecting nearly 238,000 individuals, involving personal and medical information stolen by the Medusa ransomware group. The US Cybersecurity and Infrastructure Security Agency (CISA) also shortened a patch deadline for a critical SolarWinds Web Help Desk vulnerability due to active exploitation threats.


Email 4:

Subject: Stop Quantum Threats with Inline PQC Inspections

Summary:

This SecurityWeek ungated brief discusses the emergence of quantum-safe encryption (post-quantum cryptography, PQC) and the challenges it introduces for current security tools, which cannot inspect PQC-encrypted traffic. It highlights the risk of undetectable threats (“harvest now, decrypt later” attacks) hidden in PQC sessions and introduces Zscaler’s industry-first inline PQC inspection capability. This technology offers zero-trust architecture users the ability to decrypt and inspect PQC traffic with high performance and low latency while simplifying compliance. Related resources include briefings on Zero Trust and AI integration, and a checklist for assessing Zero Trust architectures.


Email 5:

Subject: Apple Updates Legacy iOS Versions to Patch Coruna Exploits

Summary:

Apple has released security updates for older iPhones and iPads to patch vulnerabilities exploited by the Coruna exploit chain. These updates bring fixes to devices unable to run the latest OS versions, including models such as iPhone 6s, 7, first-gen SE, 8, and X. The Coruna exploit involves multiple vulnerabilities affecting iOS 13 through 17.2.1, including weaknesses in the kernel and Safari WebKit. The newsletter also covers various cybersecurity news including new protection tools from Meta to disrupt scam centers, WordPress plugin vulnerabilities, patches from Splunk and Zoom, critical Cisco flaws, and an emerging malware called BlackSanta that disables EDR and AV solutions prior to payload detonation. Additionally, it reports on significant funding rounds for cybersecurity startups and notes Senate confirmation of Joshua Rudd to lead the NSA and US Cyber Command.

Stay Well!
