🇸🇦 Saudi Cyber Daily Digest

<strong>What Orgs Can Learn From Olympics, World Cup IR Plans</strong> Cyberattackers are targeting the Milan-Cortina Winter Games, continuing a pattern of attacks on major sporting events. Despite the larger attack surface of such events, enterprises can extract valuable incide…

<strong>A Guy Who Wrote the Code Died in 2005. I Still Have to Secure It</strong> American critical infrastructure faces severe cybersecurity challenges due to reliance on decades-old industrial control systems. Organizations are forced to source 30-year-old controllers from pla…

<strong>INC Ransomware Group Holds Healthcare Hostage in Oceania</strong> The INC ransomware group has launched serious attacks against healthcare organizations in Australia, New Zealand, and Tonga, targeting government agencies and emergency clinics. This prolific ransomware ou…

<strong>Delinea&#039;s StrongDM Acquisition Highlights the Changing Role of PAM</strong> Delinea's acquisition of StrongDM enhances privileged access management capabilities by integrating ephemeral credential injection into developer workflows. This advancement strengthens secu…

<strong>Why Stryker&#039;s Outage Is a Disaster Recovery Wake-Up Call</strong> An Iranian cyberattack on Stryker exposed critical gaps in business continuity and disaster recovery planning. The incident demonstrates that organizations must prepare for sophisticated nation-state …

<strong>Commercial Spyware Opponents Fear US Policy Shifting</strong> The Trump administration's reversal of sanctions and reactivation of contracts with commercial spyware vendors has created policy uncertainty. This shift raises concerns about oversight of surveillance technol…

<strong>Delinea&#039;s StrongDM Acquisition Highlights the Changing Role of PAM</strong> Delinea's acquisition of StrongDM enhances privileged access management capabilities by injecting ephemeral credentials into developer workflows. This advancement strengthens security contro…

<strong>Why Stryker&#039;s Outage Is a Disaster Recovery Wake-Up Call</strong> An Iranian cyberattack on Stryker exposed critical gaps in business continuity and disaster recovery planning. The incident demonstrates that many organizations lack adequate preparation for sophistic…

<strong>Siemens Heliox EV Chargers</strong> Siemens Heliox EV chargers contain an improper access control vulnerability allowing attackers to reach unauthorized services through the charging cable. Siemens has released security updates and recommends immediate patching to preven…

<strong>Trane Tracer SC, Tracer SC+, and Tracer Concierge</strong> Multiple vulnerabilities in Trane Tracer SC, SC+, and Concierge building management systems could allow attackers to disclose sensitive information, execute arbitrary commands, or cause denial-of-service. These f…

<strong>Siemens SIMATIC</strong> Siemens SIMATIC S7-1500 industrial controllers contain a code injection vulnerability exploitable through social engineering, where attackers trick users into importing malicious trace files via the web interface. Siemens has released patches for…

<strong>Siemens RUGGEDCOM APE1808 Devices</strong> Fortinet discovered vulnerabilities in FORTIOS affecting Siemens RUGGEDCOM APE1808 industrial devices. Siemens has released security updates and strongly recommends immediate patching to address these vulnerabilities in their in…

<strong>Siemens SIDIS Prime</strong> Multiple vulnerabilities discovered in SIDIS Prime versions before V4.0.800 affecting OpenSSL, SQLite, and Node.js components. Siemens released security patches addressing these critical infrastructure vulnerabilities and urges immediate upda…

<strong>Inductive Automation Ignition Software</strong> Critical vulnerability in Inductive Automation Ignition Software allows authenticated attackers to execute malicious code with elevated OS service account permissions. This privilege escalation flaw poses significant risk t…

<strong>February 2026 CVE Landscape: 13 Critical Vulnerabilities Mark 43% Drop from January</strong> February 2026 recorded 13 critical vulnerabilities requiring immediate patching, representing a 43% decrease from January's 23 vulnerabilities. This reduction in high-impact CVEs…