CISA Alerts on Exploited Zimbra and SharePoint Flaws — The Hacker News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued warnings about active exploitation of vulnerabilities in Zimbra and Microsoft SharePoint. Russian state-backed APT28 is exploiting a Zimbra flaw in attacks on Ukrainian government entities, while a critical SharePoint vulnerability, patched in January, is also being leveraged. Security teams should prioritize patching these vulnerabilities to prevent unauthorized access and data breaches.

DarkSword iOS Exploit Kit Targets Millions of Devices — Ars Technica Security

A new iOS exploit kit named DarkSword has been discovered, leveraging six vulnerabilities, including three zero-days, for full device takeover. The attack chain allows for remote control and data extraction from affected devices. Security teams should ensure iOS devices are updated to the latest software version and monitor for indicators of compromise related to this exploit.

Navia Data Breach Exposes 2.7 Million Individuals — BleepingComputer

Navia Benefit Solutions has disclosed a data breach impacting 2.7 million people, compromising sensitive personal information. The breach highlights the importance of robust data protection measures and incident response plans. Affected individuals should be notified promptly, and security teams should review access controls and data handling practices to mitigate further risks.

• CISA urges US orgs to secure Microsoft Intune systems after Stryker breach [BleepingComputer]
• Speagle Malware Hijacks Cobra DocGuard to Steal Data via Compromised Servers [The Hacker News]
• New Perseus Android Banking Malware Monitors Notes Apps to Extract Sensitive Data [The Hacker News]
• Critical Microsoft SharePoint flaw now exploited in attacks [BleepingComputer]
• AI Conundrum: Why MCP Security Can't Be Patched Away [Dark Reading]