Ransomware Waves
Medusa gang hit University of Mississippi Medical Center (UMMC), disrupting 35 clinics, elective surgeries, and Epic EHR for nine days; they exfiltrated 1TB of patient/employee data and demanded $800K. They also targeted Passaic County, NJ, knocking out IT/phone services for 600K residents.
Critical Vulnerabilities
Google patched Chrome zero-days CVE-2026-3909 (Skia out-of-bounds write) and CVE-2026-3910 (V8 JS flaw) under active exploitation. Microsoft fixed 82 flaws in Patch Tuesday, including critical CVE-2026-21536 (9.8 CVSS) in Devices Pricing Program; CISA added SharePoint RCE CVE-2026-20963 (9.8 CVSS) to KEV catalog.