News

A ransomware attack targeted Winona County, Minnesota (April 6–7, 2026), impacting critical systems and digital services.

The attack persisted over multiple days, forcing portions of the county network offline and disrupting operations.

Due to the scale and complexity, local and commercial response capabilities were insufficient, prompting deployment of the Minnesota National Guard cyber protection team.

The North Korean-linked Lazarus Group (also tracked under aliases like Diamond Sleet or Andariel) has been observed deploying Medusa ransomware in extortion attacks against at least one organization in the Middle East and attempting, unsuccessfully, to breach a U.S. based healthcare entity.

Medusa, a ransomware-as-a-service (RaaS) strain operated by the cybercrime group Spearwing, has been used by affiliates in hundreds of attacks, but this is the first time Lazarus has been tied to it.

Spearwing has claimed responsibility for over 366 attacks to date.

On January 9, 2026, financial technology firm Betterment experienced a data breach after attackers carried out a successful social engineering attack against a third-party platform used for marketing and customer outreach.

Hackers gained unauthorized access to some internal systems and were able to send fraudulent cryptocurrency “promotion” messages — including promises to triple users’ crypto if they sent funds to attacker-controlled wallets.

Breach access was revoked quickly once detected. Betterment confirmed that no customer accounts, passwords or login credentials were accessed.

Windows 11 version 24H2 (after applying cumulative update KB5062553 released July 2025) is causing critical shell-level failures.

Affected components include the Start Menu, Taskbar, File Explorer (explorer.exe), System Settings, and more. On login — especially first-time logons or in non-persistent Virtual Desktop Infrastructure (VDI) environments - users may get empty taskbars, unresponsive Start buttons, crashes of explorer.exe or ShellHost.exe, or even a black screen / unusable desktop UI.

The root cause: a race condition with XAML-based UI dependency packages. After the update, required packages sometimes don’t register in time before the shell attempts to load UI components — resulting in shell startup failures.