Cyber Security Threats

Stay informed about the ever-evolving landscape of cyber threats. Explore the latest developments in malware, ransomware, and zero-day vulnerabilities, and learn how to protect your digital assets from these risks.

AI Finds 38 Vulnerabilities in OpenEMR Platform

An automated analysis of the OpenEMR electronic medical records platform identified 38 previously unknown vulnerabilities, including two highest severity vulnerabilities rated CVSS 10.0, with potential impact on patient data integrity, system access, and server-level compromise. … Read more

Citrix Disclosed Vulnerabilities Affecting NetScaler ADC and NetScaler Gateway

Citrix disclosed a vulnerability tracked as CVE-2026-3055 in NetScaler ADC and NetScaler Gateway that can produce a memory overread whenever the application is configured as a SAML identity provider and that has a CVSS v4 … Read more

Paubox Research Identifies Email Security Risks Affecting Healthcare Organizations in 2026

Email security failures continue to expose healthcare organizations to breaches and regulatory exposure, with research identifying authentication gaps, encryption weaknesses, and credential theft as contributing factors in healthcare email incidents heading into 2026. Email Remains … Read more

Data-Only Extortion Attacks Increased Eleven Times in 2025

Data-only extortion attacks increased elevenfold between November 2024 and November 2025, representing a measurable shift in cyber extortion activity documented in recent threat reporting. Report Findings Arctic Wolf released a 2026 threat report identifying a … Read more

OCR Urges HIPAA-Covered Entities to Strengthen System Security

The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) published its 2026 quarterly cybersecurity newsletter, in which it prompted HIPAA-covered entities to take action to strengthen system security and make it … Read more

Cyberattack on ARC Community Services by INC Ransom Ransomware Group

ARC Community Services, based in Madison, WI, offers substance use disorder treatment, behavioral health, and support services to women and children. It encountered a ransomware attack that resulted in the theft of sensitive information from … Read more

Threat Actors Actively Exploiting Oracle Identity Manager Critical Vulnerability

U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned that threat actors are actively exploiting a critical vulnerability identified in Oracle Identity Manager (OIM). CISA advised all government civilian executive branch institutions to patch the vulnerability … Read more

224% Increase in Healthcare Sector Attacks Targeting Mobile Gadgets

Cybersecurity company Zscaler’s new report revealed that cyberattacks on Android mobile devices in critical infrastructure industries significantly increased in 2024. The energy sector had the biggest increase in mobile attacks with 387%, followed by healthcare … Read more

Coveware Report Reveals Only 23% of Ransomware Attack Victims Pay the Ransom

Report Reveals Only 23% of Ransomware Attack Victims Pay the Ransom

According to Coveware, a ransomware remediation company, the ransomware scene is divided in two: bigger companies face more targeted, high-cost attacks, while mid-market firms are attacked in volume. Ransomware groups perform high-volume attacks even … Read more

Medusa Ransomware Attacks Affect Fortra GoAnywhere Transfer Tool

Medusa ransomware attacks are actively exploiting a critical vulnerability identified in the GoAnywhere MFT secure web-based file transfer tool of Fortra. Microsoft’s Threat Intelligence Team reported that a threat group identified as Storm-1175 is exploiting … Read more

Critical Vulnerabilities Found in Santesoft Sante PACS Server

Santesoft discovered five vulnerabilities in the medical image archiving and communication system of its Sante PACS Server, including a critical vulnerability that makes it possible to intercept user credentials. The vulnerabilities impact … Read more

113,500 Individuals Affected by Highlands Oncology Group Ransomware Attack

Highlands Oncology Group, a provider of complete cancer care in six areas in Northwest Arkansas, recently announced a cyberattack that was initially discovered on June 2, 2025. A hacker accessed the Group’s system on January … Read more

GRIT Reports Drop in Q2 Ransomware Attacks

Ransomware attacks in Q2 of 2025 diminished by 23% compared to the last quarter, but they are 43% higher compared to this time in 2024, with the drop only partly the result of typical seasonal … Read more

123% Increase in Ransomware Attacks in 2 Years with More Small Ransomware Groups Emerging

Black Kite’s new research has revealed the evolving ransomware environment. Last year, a notable shift was seen from big ransomware groups doing many attacks to an increasing number of smaller groups conducting the attacks. The … Read more

Saint Louis University to Pay $2 Million to Settle Data Breach Lawsuit

St. Louis University and SSM Health Saint Louis University Hospital (SSM-SLUH) agreed to settle a class action lawsuit involving a data breach in 2023. The terms of the settlement required a $2 million fund to … Read more

What is a HIPAA Security Incident?

A HIPAA security incident is defined by the HIPAA Security Rule as “the attempted or successful unauthorized access, use, disclosure, modification, or destruction of information or interference with system operations in an information system.”  It … Read more

BlackLock Ransomware Operation Increased Data Leaks by 1,425%

BlackLock is a new ransomware-as-a-service (RaaS) group that has increased attacks and might become 2025’s most prominent RaaS group. Based on ReliaQuest Threat Spotlight, the BlackLock group was initially noticed in March 2024 using the … Read more

Survey Shows 88% of Companies in 2024 Encountered a Ransomware Attack

The Ponemon Institute conducted a survey recently on behalf of Illumio, a provider of a zero-trust segmentation platform. Based on the survey results, 88% of participant organizations had encountered at least one ransomware attack in … Read more

50% of Rhode Island Residents Potentially Affected by a Ransomware Attack

The cyberattack that compelled the deactivation of Rhode Island’s public benefits system (RI Bridges) has possibly compromised the personal information of over 50% of Rhode Island’s population, around 650,000 people, as reported by state Governor … Read more

US Healthcare Organizations Targeted by New Interlock Ransomware Group

Cisco Talos Incident Response reported that a new ransomware group has been targeting the healthcare sector and has been active since September 2024. Interlock ransomware is a threat group that claims to conduct attacks for … Read more

Why are data breaches becoming more common?

Despite significant efforts by organizations to fortify their defenses, the frequency of data breaches continues to rise. In fact, it is now commonly accepted that no data which is gathered or processed online can ever … Read more

North Korean Cyber Group Teams Up with Play Ransomware in Attack

The North Korean cyber group, Jumpy Pisces, recently collaborated with the Play ransomware network in an attack. The link-up is the first recorded instance of North Korean state-backed hackers using an existing ransomware infrastructure, … Read more

Sniper Dz Credential Theft Scams

How Sniper Dz Enables Over 140,000 Credential Theft Scams

In the past year, the phishing-as-a-service (PhaaS) platform known as Sniper Dz has facilitated over 140,000 cyberattacks. The free platform offers tools to help cybercriminals target user credentials, making phishing campaigns easier to launch even … Read more

Linux CUPS Printing System Expose Network Risks

Vulnerabilities in Linux CUPS Printing System Expose Network Risks

Linux systems have recently come under threat due to a set of Remote Code Execution (RCE) vulnerabilities identified in the Common Unix Printing System (CUPS). These vulnerabilities, classified as severe, have the potential to enable … Read more

North Korea Sparkling Pisces New Malware

Sparkling Pisces Unleashes New Malware: KLogEXE and FPSpy

Sparkling Pisces is a North Korean threat actor group recognized for its cyberespionage operations and spear-phishing campaigns. Unit 42 researchers recently identified two new malware variants linked to this group, named KLogEXE and FPSpy. These … Read more

Ransomware Attacks Hybrid Cloud Security

Storm-0501 Threatens Hybrid Cloud Security with Ransomware Attacks

The financially motivated cybercriminal group known as Storm-0501 is targeting U.S. industries, including government, manufacturing, transportation, and law enforcement, through ransomware attacks on hybrid cloud environments. Microsoft has detailed how this group’s multi-stage attack campaigns … Read more

PondRAT Backdoor Hidden in Python Packages Hits Developers

Researchers at Unit 42 have uncovered a new campaign that involves the delivery of Linux and macOS backdoors through poisoned Python packages. These packages are uploaded to the popular PyPI repository, and have been linked … Read more

Europol Leads International Effort to Shut Down Phone Unlocking Phishing Scheme

An international criminal network responsible for a large-scale phishing scheme targeting mobile phone credentials has been dismantled in a coordinated operation led by Europol and law enforcement agencies across six countries. The operation, codenamed “Operation … Read more

The Resurgence of TeamTNT

Recent investigations suggest that the well-known threat group “TeamTNT” may be back in operation. The group, which is infamous for targeting cloud environments like Docker, Kubernetes, and Redis, has left traces in new attacks observed … Read more

New Phishing Attack Targeting Major Sectors

A new type of phishing attack is deceiving users into giving up sensitive login credentials without requiring any direct interaction. Researchers from Palo Alto Networks’ Unit 42 have identified phishing campaigns that use refresh entries … Read more

Russian GRU Unit 29155 Targeting Infrastructure Worldwide

In a recent advisory issued on September 5th, 2024, the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the National Security Agency (NSA) discuss the cyber activities of Russia’s GRU … Read more

The inside threat: Mitigation of the risks of deliberate data violations and corporate sabotage

It is well known most data breaches come from employee error, some 88% according to Stanford University Professor Jeff Hancock in fact. As difficult as a costly mistake may be for a business to accept, … Read more

Why RansomHub is a Growing Threat Across Sectors

Since its emergence in early 2024, RansomHub has quickly expanded its operations and now affects over 210 victims across various sectors. This ransomware-as-a-service (RaaS) variant has become a player in the world of cybercrime, targeting … Read more

The Rise of In-Memory Threat ‘PEAKLIGHT’

Recent cybersecurity research has uncovered an attack chain utilizing a memory-only malware downloader, known as PEAKLIGHT. This PowerShell-based downloader uses a multi-stage infection process, with a range of obfuscation techniques to evade detection and deliver … Read more

The Hidden Security Threat in Contactless Key Cards

A security flaw has been discovered in millions of contactless key cards used worldwide for office and hotel access. French cybersecurity firm Quarkslab has identified a hardware backdoor in chips manufactured by Shanghai Fudan Microelectronics … Read more

Radar/Dispossessor Ransomware Group Operations Disrupted by the FBI

The Federal Bureau of Investigation (FBI) spearheaded a global operation that successfully dismantled the infrastructure of the Radar/Dispossessor ransomware group, a criminal ransomware-as-a-service (RaaS) group led by someone known as ‘Brain’. The operation led to … Read more

SMS Phishing Tool Xeon Sender Abuses SaaS Platforms for Large-Scale Campaigns

Xeon Sender is a cloud-based tool that has cybersecurity experts increasingly concerned, due to its use by attackers to conduct large-scale SMS spam and phishing campaigns by exploiting legitimate software-as-a-service (SaaS) providers. The tool has … Read more

Blood Supplies Affected by Ransomware Attack on OneBlood

OneBlood, a nonprofit blood donation organization based in Florida, encountered a ransomware attack that is impacting its capability to supply blood to hospitals in the U.S. OneBlood supplies blood to about 250 hospitals in Alabama, … Read more

74% of Ransomware Victims Suffered Multiple Ransomware Attacks

A new study by the cybersecurity company Semperis showed that companies tend to be attacked by ransomware groups several times. 74% of organizations that encountered a ransomware attack reported experiencing multiple attacks. These attacks caused … Read more

The Cyber Espionage Campaign Threatening Japan

A newly discovered cyber espionage operation, referred to as “Cuckoo Spear,” has brought to light the ongoing activities of a state-backed Chinese hacking group that has been quietly infiltrating Japanese organizations. This covert campaign is … Read more

Phishing Attack on Memorial Sloan Kettering Cancer Center

Memorial Sloan Kettering Cancer Center (MSK) based in New York City has reported the compromise of the protected health information (PHI) of 12,274 people due to a phishing attack. On April 26, 2024, MSK discovered … Read more

$950,000 Paid by Heritage Valley Health System to Resolve Alleged HIPAA Violations

The 3-hospital health system has over 50 doctor clinics and numerous community satellite services in eastern Ohio, Pennsylvania, and the panhandle of West Virginia. In 2017, Heritage Valley was impacted by a worldwide malware attack. … Read more

Ransomware Group Exposes 300 Million Patients’ Data

The Qilin ransomware group, believed to be Russian, uploaded to its dark web leak site the information stolen during the attack on Synnovis because of non-payment of the $50 million ransom demand. On June 3, … Read more

Healthcare Cybersecurity Awareness Training Course Launched by ComplianceJunction

ComplianceJunction, the top-rated HIPAA training vendor, has created a new training course for healthcare organizations to allow them to raise employee awareness of the common cyber threats that provide hackers with access to healthcare networks … Read more

How to Identify Phishing Emails

Investigations of cyberattacks and data breaches often reveal the initial access vector to be a phishing email. Phishing provides threat actors with a foothold from where they can achieve an organization-wide compromise, so teaching employees … Read more

Liability for Cyber Incidents

The rapid digitisation of every aspect of our lives has led to an ever-increasing risk of cyber incidents for all types of business. Significant financial losses, disruptions to operations, damage to reputation, and legal consequences … Read more

BreachForums, Major Personal Data Sales Platform, Seized by the FBI

On May 15, 2024, the FBI, in collaboration with international law enforcement agencies, seized the notorious cybercrime forum BreachForums. This action marks a severe blow to a site that has been a major marketplace for … Read more

Rabotnik, a Ukrainian hacker affiliated with REvil Ransomware Group, sentenced to 13 years in prison

On May 1st, a Texas court sentenced Yaroslav Vasinskyi, also known as “Rabotnik,” to over 13 years in prison, marking a significant chapter in the global efforts to dismantle the REvil ransomware group. At just … Read more

LightSpy Malware: A Hidden Threat to iPhone Users

A sophisticated spyware attack has been uncovered, targeting certain iPhones. After Apple issued a warning, cybersecurity experts were able to trace the origins of the LightSpy malware, revealing a highly advanced spyware with potential links … Read more

Unite Here Data Breach And Lurie Children’s Hospital Cyberattack

791,000 People Affected by UNITE HERE Data Breach. The labor union UNITE HERE, located in New York, has 300,000 working individuals all over the United States and Canada. It recently filed a breach report to … Read more
