Speagle Malware Hijacks Cobra DocGuard to Exfiltrate Data via Compromised Legitimate Servers
20 Mar 2026 Peter Bassill
Symantec and Carbon Black researchers have uncovered Speagle, a novel parasitic malware that abuses the Cobra DocGuard document security platform to harvest sensitive data and exfiltrate it through the software's own compromised server infrastructure — masking malicious traffic as legitimate client-server communications. The campaign, tracked as Runningcrab, appears to specifically target organisations with Cobra DocGuard installed.
DarkSword iOS Exploit Kit: Six Vulnerabilities, Three Zero-Days, and Full Device Takeover
20 Mar 2026 Peter Bassill
Researchers at Google, iVerify, and Lookout have exposed DarkSword, a full-chain iOS exploit kit targeting iPhones running iOS 18.4–18.7. Leveraging six vulnerabilities including three zero-days, the kit has been used by multiple threat actors — including a suspected Russian espionage group — to silently exfiltrate credentials, crypto wallets, messages, and more within seconds of a single page visit.