Mar 25, 2026

1. Subject: Leaked DarkSword iPhone spyware lowers bar for mass exploitations

   Summary:

2. A newly leaked version of DarkSword iPhone spyware toolkit was published on GitHub, making it accessible to a broad range of cybercriminals.
3. The spyware exploits vulnerabilities in iOS versions older than iOS 26, jeopardizing hundreds of millions of iPhones and iPads that have not been updated.
4. The leaked toolkit is easy to deploy, mainly using simple HTML and JavaScript, and can extract sensitive data such as contacts, messages, call history, and credentials.
5. Apple issued emergency updates and emphasizes current iOS versions and features like Lockdown Mode protect users.
6. The leak raises concerns about advanced mobile spyware tools spreading beyond government/intelligence use.

   Other cybersecurity updates:

7. FCC bans imports of new foreign-made consumer routers over national security risks;
8. Foster City, CA, declares a state of emergency after ransomware disrupted emergency systems;
9. German police warned companies of severe vulnerabilities in Windchill and FlexPLM software;
10. Phishing incidents in Scioto County, Ohio;
11. Russian cybercriminal sentenced for facilitating ransomware attacks;
12. US State Department launches Bureau of Emerging Threats focusing on advanced tech threats by adversaries;

13. Multiple other incidents and threat reports highlighted.

14. Subject: DarkSword iOS exploit kit leaks to GitHub | The CyberWire 3.24.26s

    Summary:

15. The DarkSword iOS exploit kit was publicly posted on GitHub, enabling anyone to target iPhones running versions prior to iOS 26.
16. Reports from iVerify, Lookout, and Google revealed DarkSword was previously used by a Russian espionage group in watering-hole campaigns targeting Ukrainians.
17. The exploit kit enables privileged code execution and exfiltration of sensitive data.
18. Apple acknowledged the issue and issued emergency updates on March 11 for devices unable to run the latest iOS.
19. Citrix patched a critical remote memory information leak vulnerability (CVE-2026-3055) in NetScaler ADC and Gateway; patching is urgent to prevent exploitation.
20. The FCC banned all new sales of foreign-made consumer routers in the US due to national security risk from vulnerabilities exploited in prior cyberattacks (Volt, Flax, Salt Typhoon).

21. The ban exempts existing approved devices but emphasizes removing foreign backdoors in home networks and infrastructure.

22. Subject: Webcast: The AI Inflection Point — What Security Leaders Are Seeing Now

    Summary:

23. Announcement of the “BTP 2026: The AI Inflection Point” webcast on April 7 & 8 featuring CrowdStrike, Okta, and Zscaler.
24. Focus: How AI accelerates security outcomes, current gaps, and future priorities in cybersecurity.
25. Key takeaways include understanding how AI is changing attack paths, improving detection/response, and integrating identity, network, and endpoint signals without complexity.
26. The webcast aims to cut through AI hype, showing real security benefits and practical next steps.

27. Related resources are offered such as AI Red Teaming Engagement Playbook for CISOs and Zscaler AI Security Report.

28. Subject: Stryker Found Malicious During Probe Into Iran-Linked Attacks

    Summary:

29. Stryker found a malicious file during an investigation connected to an Iran-linked cyberattack.
30. Extortion group claims to have hacked AstraZeneca.
31. Iran is reportedly using an extensive camera network to monitor dissent; Israel exploited that network for targeting.
32. Critical Citrix NetScaler vulnerability flagged for exploitation risk; patches recommended urgently.
33. Mazda disclosed a data breach exposing employee and partner personal information from a warehouse management system vulnerability.
34. Other updates include:
35. RSAC 2026 Day 1 conference summaries;
36. Chrome 146 security update;
37. QualDerm data breach affecting 3.1 million;
38. Surge in cyberattacks in Poland in 2025;
39. Discussions on agentic AI governance and security challenges;
40. Webcast announcement on CIS Controls and Benchmarks.

Stay Well!