This week’s The Cyber Express weekly roundup highlights major cybersecurity developments affecting organizations, governments, and individuals worldwide. Key stories include destructive cyberattacks, such as system-wide wipes and targeted breaches, as well as state-backed cyber espionage targeting technology and research sectors.  

The roundup also covers proactive defense measures, including bug bounty programs, critical software patches, and industry responses to emerging malware. Together, these incidents highlight the technical prowess of cyber threats, the direct impact on operations and data security, and the urgent need for timely mitigation strategies across both public and private sectors. 

The Cyber Express Weekly Roundup 

Iran-Linked Hackers Wipe 200,000 Devices in Stryker Cyberattack 

In one of the most significant cybersecurity incidents this week, an Iran-linked hacker group known as Handala carried out a large-scale attack on Stryker Corporation. The group remotely wiped over 200,000 devices across 79 countries, bringing portions of the company’s operations to a halt. Handala has claimed responsibility, stating the attack was retaliation for a recent U.S. military strike in Iran. Read more… 

India Launches Bug Bounty to Secure Aadhaar Ecosystem 

India’s Unique Identification Authority (UIDAI) has launched a structured bug bounty program aimed at strengthening the Aadhaar ecosystem. Twenty expert ethical hackers have been enlisted to rigorously test core platforms, including the myAadhaar portal, the official website, and the Secure QR Code app. Read more… 

Finland Issues Warning on Russian and Chinese Cyber Espionage 

Finland’s Security and Intelligence Service (SUPO) has issued a warning regarding ongoing cyber espionage campaigns from Russian and Chinese state-backed actors. These campaigns are targeting technology companies, research institutions, and government networks. Read more… 

Microsoft March 2026 Patch Tuesday Addresses Critical Vulnerabilities 

Microsoft’s March 2026 Patch Tuesday update addresses 79 vulnerabilities across its ecosystem, including SQL Server, .NET, Office, SharePoint, Azure, and Windows. Notably, the update resolves two zero-day vulnerabilities and multiple remote code execution flaws. Additional updates target SharePoint, Azure MCP Tools, and Windows privilege escalation vectors. Read more… 

Cyberattack Forces Polish Hospital to Revert to Paper Operations 

The Independent Public Regional Hospital in Szczecin, Poland, experienced a cyberattack on March 7–8, 2026, which encrypted parts of its IT system and blocked access to critical digital records. Hospital officials confirmed that patient care continued without interruption, but administrative processes slowed considerably. Read more… 

ClipXDaemon: Linux Malware Hijacks Cryptocurrency Transactions 

A new Linux-based malware, ClipXDaemon, has been discovered targeting cryptocurrency users. The malware silently replaces copied wallet addresses with attacker-controlled addresses, allowing the theft of Ethereum, Bitcoin, Monero, Dogecoin, and Litecoin. ClipXDaemon operates locally without network communication, disguises itself as a kernel process, and persists by modifying the user’s ~/.profile file. Read more… 

Weekly Takeaway 

This week’s The Cyber Express weekly roundup highlights the breadth of modern cybersecurity challenges, from geopolitically motivated attacks and malware targeting cryptocurrencies to proactive measures such as India’s bug bounty program and Microsoft’s critical patches. Organizations, governments, and individuals must remain vigilant, prioritize timely patching, and adopt proactive monitoring to navigate the complex threat landscape.