**Hacker Pranks Weekly Recap**
A rundown of the latest cybersecurity news, vulnerabilities, and threat intelligence:
### ScreenConnect Servers Left Exposed to Attack
In a concerning development, an unpatched vulnerability in ScreenConnect servers has been discovered, allowing attackers to hijack sessions by exploiting ASP.NET machine keys. The vulnerability, identified as CVE-2026-3564, was patched by ConnectWise, but many organizations may still be vulnerable if they have not updated their systems.
### Microsoft SharePoint Flaw Exploited by Attackers
The US Cybersecurity and Infrastructure Security Agency (CISA) has warned of active exploitation of a previously fixed vulnerability in Microsoft SharePoint. The flaw, identified as CVE-2026-20963, is a remote code execution (RCE) vulnerability that was patched in January 2026.
### DarkSword: Researchers Uncover Another iOS Exploit Kit
Google researchers have discovered another powerful iPhone hacking toolkit dubbed "DarkSword." This exploit kit has been used since November 2025 to compromise devices by exploiting zero-day iOS vulnerabilities. The discovery highlights the ongoing threat of iOS exploitation and emphasizes the need for timely software updates.
### Other Notable Stories:
* A CISA warning urges organizations to secure endpoint management systems immediately, citing a recent cyberattack on Stryker Corporation. * Researchers have discovered that attackers are using hidden instructions in README files to make AI agents leak data. * The EU has sanctioned companies from China and Iran over cyberattacks targeting its member states and partners. * Global fraud losses have climbed to $442 billion, driven by digital tools and organized networks operating across borders.
### Upcoming Releases:
* Microsoft Edge 146 adds IP privacy and local network access controls. * VulHunt: Open-source vulnerability detection framework Binarly has published VulHunt Community Edition. * Java 26 ships with new cryptography API and HTTP/3 support.
In conclusion, the latest cybersecurity news highlights the importance of staying vigilant in the face of emerging threats. With vulnerabilities in ScreenConnect servers and Microsoft SharePoint being actively exploited, organizations must prioritize timely software updates and security patches to protect themselves against attacks.