A ransomware attack by the Money Message threat actor compromised sensitive personal information of 316,342 patients at Anna Jaques Hospital, leading to significant data exposure and highlighting the urgent need for improved cybersecurity in healthcare.
The increasing prevalence of software vulnerabilities, exemplified by the MOVEit Transfer and Log4j incidents, underscores the urgent need for effective vulnerability prioritization strategies to mitigate organizational risks.
A supply chain attack has compromised the Ultralytics AI library, leading to the distribution of cryptomining software through malicious versions published on the Python Package Index.
In November 2024, the Termite group launched a ransomware attack on Blue Yonder, a supply chain technology provider, resulting in significant operational disruptions for major clients and the exfiltration of sensitive data.
A federal appeals court has upheld a law requiring TikTok’s parent company, ByteDance, to divest its stake in the app by January 2025, citing national security risks and dismissing claims of free speech violations.
A newly identified zero-day vulnerability in Windows NTLM protocols allows attackers to capture NTLM credentials with minimal user interaction, prompting Microsoft to plan an official patch while free micropatches are currently available.
