07 Apr 2026
By Mary

InfoSec News Nuggets 04/07/2026

Microsoft links Medusa ransomware affiliate to zero-day attacks Microsoft says the China-based group it tracks as Storm-1175 is moving unusually fast in Medusa ransomware intrusions, sometimes weaponizing newly disclosed bugs within a day and in some cases exploiting flaws before patches are released. The company said recent campaigns hit healthcare, education, professional services, and finance targets, and showed the group chaining multiple vulnerabilities to gain persistence, steal credentials, disable defenses, and deploy ransomware within days…
Read More
07 Oct 2025
By Mary

InfoSec News Nuggets 10/07/2025

Thieves steal IDs and payment info after data leaks from Discord support vendor  Discord has confirmed customers' data was stolen – but says the culprit wasn't its own servers, just a compromised support vendor. The chat platform revealed late last week that an unnamed customer service vendor had been compromised, exposing support tickets and personal details submitted by users who had contacted Discord's help or Trust & Safety teams. The company stressed that its own systems were…
Read More