Lazarus Group Uses Medusa Ransomware in Middle East and U.S. Healthcare Attacks

February 24, 2026
No Comments

Lazarus Group Uses Medusa Ransomware in Middle East and U.S. Healthcare Attacks

The North Korea-linked Lazarus Group (aka Diamond Sleet and Pompilus) has been observed using Medusa ransomware in an attack targeting an unnamed entity in the Middle East, according to a new report by the Symantec and Carbon Black Threat Hunter Team.
Broadcom’s threat intelligence division said it also identified the same threat actors mounting an unsuccessful attack against a healthcare

Leave a Reply Cancel reply

PayPal Customer Data Exposed for Six Months in Breach February 24, 2026
PayPal has disclosed a data breach that exposed some of its customers’ personal information and led to fraudulent transactions. The company said it happed due to an error in its PayPal Working Capital (“PPWC”) loan application, an offering that gives businesses a cash advance based on their PayPal sales history. Between 1 July and 13 December 2025, the PII of a small number […]
Kirsten Doyle
Americans Lost Over $20 million in ATM “Jackpotting” Attacks February 24, 2026
Malware-fuelled ATM “jackpotting” attacks are surging across the United States, with the FBI warning that incidents have spiked sharply in 2025. In a recent alert, the Bureau said it has recorded around 1,900 ATM jackpotting incidents since 2020. Alarmingly, more than 700 of those cases (representing over $20 million in losses) have happened this year alone. […]
Kirsten Doyle
Microsoft Copilot Flaw Exposed Confidential Emails February 24, 2026
A bug has been causing Microsoft Copilot to read and summarise users’ confidential emails, and it’s been happening since late January. Microsoft says the issue stems from a code error that bypassed data loss prevention (DLP) policies designed to stop sensitive information from being accessed in the first place. It was first reported by BleepingComputer. “Users’ email messages with a confidential label applied are […]
Kirsten Doyle
New Phishing Kit Starkiller Defeats Multi-Factor Authentication February 23, 2026
Abnormal has discovered a new phishing kit that allows bad actors to steal usernames and passwords with a toolkit that spoofs live login pages and bypasses multi-factor authentication (MFA) protections. Most phishing kits depend on static HTML clones of login pages, which, while effective, are inherently fragile. Even a small interface update from the brand being impersonated […]
Kirsten Doyle
Why AI Adoption Has Become the Greatest Security Challenge of Our Time February 23, 2026
Companies are investing in artificial intelligence at an unprecedented pace. Few areas of business remain untouched by automation, generation, or analysis through AI, yet what’s often missing from the conversation is how quickly this shift is redefining the threat landscape for modern organizations. Rapid innovation is increasingly turning into a security challenge, and the race […]
John Mutuski
CISA Warns of Critical Security Vulnerability in Honeywell Cameras February 20, 2026
CISA has warned that a critical security vulnerability (CVE-2026-1670) has been identified in four Honeywell CCTV camera models. “Successful exploitation of this vulnerability could lead to account takeovers and unauthorized access to camera feeds; an unauthenticated attacker may change the recovery email address, potentially leading to further network compromise,” the advisory said. The flaw is classified as “missing authentication for […]
Kirsten Doyle
ESET Discovers First Android Malware to Abuse Generative AI for Dynamic UI Manipulation February 20, 2026
Security researchers at ESET have uncovered what they describe as the first known case of Android malware abusing generative AI to manipulate a device’s user interface in real time. Dubbed PromptSpy, the newly identified malware family uses Google’s Gemini to analyze on-screen content and dynamically guide malicious actions. While machine learning has previously been used in Android threats (including a recent […]
Kirsten Doyle
Who Can You Trust? February 19, 2026
Scammers, confidence men, swindlers. Whatever you call them, for all of human history, people have made a living cheating others out of their hard-earned possessions. While that’s never going to change, their tactics, however, always will. In Q4 2025, email scammers doubled down on a strategy that has worked for millennia: exploiting trust. These tricksters […]
Rene Santiago
APIs Under Siege: Wallarm Report Reveals How AI Is Supercharging Modern Cyberattacks February 18, 2026
APIs made up 17% of 67,058 published vulnerabilities in 2025, a total of 11,053 API-related flaws. The overlap between APIs and AI is even more notable. More than a third (36%) of AI vulnerabilities (786 out of 2,185) were API-related. Of the 245 vulnerabilities identified in the U.S. Cybersecurity and Infrastructure Security Agency’s 2025 Known Exploited Vulnerabilities […]
Kirsten Doyle
Eurail User Records Up for Sale on the Dark Web February 18, 2026
Eurail BV has confirmed that some customer data impacted by the previously reported security incident has been offered for sale on the dark web and a sample data set has been posted on Telegram. The company said it is continuing to investigate the scope and impact. Last month, the company revealed that it had experienced a data breach when bad actors […]
Kirsten Doyle

Lazarus Group Uses Medusa Ransomware in Middle East and U.S. Healthcare Attacks

Identity Prioritization isn’t a Backlog Problem – It’s a Risk Math Problem

UAC-0050 Targets European Financial Institution With Spoofed Domain and RMS Malware

Leave a Reply Cancel reply

[email protected]

Lazarus Group Uses Medusa Ransomware in Middle East and U.S. Healthcare Attacks

Lazarus Group Uses Medusa Ransomware in Middle East and U.S. Healthcare Attacks

Share :

Leave a Reply Cancel reply