Claude can attack you, DarkSword steals files from iPhones: What happened in cybersec last week, March 24

Here are my cybersecurity stories for the week

Mar 24, 2026

Every day I write five cybersecurity news pieces. At the end of the week, I share a quick breakdown of the biggest stories to hit the news.

Three high-risk AI vulnerabilities discovered in Claude.ai

Mobile phone displaying a Claude login screen. — Image credit: Anthropic

Claude.ai has three vulnerabilities which hackers can chain together to steal all the information users share with the tool.

One is already fixed, but the other two apparently - not yet.

This is important because the attack does not need particular integrations or tools - a simple phishing attack will do just fine.

Three high-risk AI vulnerabilities discovered in Claude.ai – end-to-end attack chain exfiltrates sensitive info without user knowing

Infostealers are being disguised as Claude Code, OpenClaw and other AI developer tools

Claude Code for Enterprise and Team — Image credit: Anthropic

Be careful where you download your Claude client from. Crooks are setting up ads on Google redirecting people to fake Claude landing pages where they serve them malware.

People trust Google, so these campaigns are usually quite successful.

Victims end up losing their cryptos, work projects, passwords, and sensitive files.

Infostealers are being disguised as Claude Code, OpenClaw and other AI developer tools

This new DarkSword iOS exploit can steal almost everything from your iPhone

Entering passcode on an iPhone — Image credit: Shutterstock

Researchers found a new malware framework called DarkSword, which leverages at least six vulnerabilities to steal files from people’s iPhones.

DarkSword is in active use since at least November 2025, by multiple commercial malware vendors, as well as state-sponsored groups.

That includes the Turkish company PARS Defense, Russian state hackers UNC6353, and UNC6748, who’ve been targeting the Saudis.

This new DarkSword iOS exploit can steal almost everything from your iPhone – here's what we know

Stryker hackers allegedly wiped tens of thousands of devices without using any malware

Microsoft Intune Review Listing — Image credit: Microsoft

The US/Israel - Iran conflict has spilled into cyberspace in the most brutal way possible.

Iranian hackers broke into Stryker (a Fortune 300 medical technology company), stole terabytes of data and then WIPED TENS OF THOUSANDS OF DEVICES.

Employees literally woke up in the morning and found empty smartphones, laptops, servers.

The entire company ground to a halt.

Stryker hackers allegedly wiped tens of thousands of devices without using any malware

Notorious online data leak market BreachForums taken down by whitehat heroes

Pirate skull cyber attack digital technology flag cyber on on computer CPU in background. Darknet and cybercrime banner cyberattack and espionage concept illustration. — Image credit: Shutterstock

BreachForums, one of the most popular dark web forums out there, is no more.

RIP, you will not be missed.

This is the place where crooks advertised stolen databases, sold malware as a service, discussed ransomware.

A real nasty place.

Some say it was a honeypot for the FBI.

In any case, the forum is no more - a group of whitehat hackers found where the servers were and issued a takedown request.

We’ll now see if a new one pops up.

Notorious online data leak market BreachForums taken down by whitehat heroes

The Techstack

Discussion about this post

Ready for more?