Ransomware DataBreachToday.com

Fortinet Report Says OT Defenses Are Maturing, Aided by AI Tools
Fortinet’s 2025 OT cybersecurity report reveals a shift in risk ownership to the CISO’s office, with increasing maturity, AI-driven defense and rising regulatory pressure shaping how organizations defend operational technology environments.

Ironscales Founder, CEO Eyal Benishti Pushes to Expand AI Protection Beyond Email
Deepfake phishing is escalating as cybercriminals deploy agentic AI to automate everything from data collection to social engineering. Ironscales founder and CEO Eyal Benishti outlines how phishing is targeting communication platforms beyond email, and how defenders can keep up.

Research Shows How Large Language Models Fake Conceptual Mastery
MIT, Harvard and University of Chicago researchers say models suffer from "potemkin understanding," referring to an illusion where models ace conceptual tests but fail real-world application. Their paper warns this undermines benchmarks and points to gaps in genuine AI comprehension.

Cybersecurity Compliance Vendor A-Lign Plans Global Expansion With Backing From Hg
Cybersecurity compliance firm A-LIGN has received a majority investment from Hg, a top tech-focused private equity firm. The deal supports A-LIGN's global ambitions to deliver SOC 2 and other compliance audits and leverages Hg’s expertise in scaling data and AI-driven services.

China's Hack-For-Hire Scene Disgorges Another Leak
The Chinese nation-state threat actor tracked as Salt Typhoon is operated by a clutch of private firms whose clients include multiple Chinese government agencies, finds analysis of leaked data by Spy Cloud. Researchers found a spreadsheet listing buyers, sellers and financial transaction details.

Crypto Defense, Data Centers, Monitoring Systems Strain Global Energy Use
As security monitoring, crypto mining protection and data centers fuel cybersecurity's energy demands, new regulations, such as Australia's National Greenhouse and Energy Reporting Act 2007, signal a global shift toward holding the industry accountable for its environmental impact.

Firms Adding Chief AI Officer to C-Suite to Lead Integration, Value Creation
Generative AI is now a top budget priority over security for many enterprises, but AI talent gap continues to hinder progress on AI projects. A recent AWS report recommends redefining AI leadership roles and strengthening third-party partnerships to unlock gen AI's full potential.

Shanghai Man Tied to Beijing-Backed Silk Typhoon Cyberespionage Attacks
Italian police arrested Chinese national Xu Zewei, 33, based on a U.S. arrest warrant charging the Shanghai resident with participating in "Silk Typhoon" cyberespionage attacks, including targeting novel coronavirus vaccine development information from the University of Texas.

Officials Look for Positive PR Stories as Putin's War Drags On
Russian authorities regularly trumpet the arrest and sentencing of citizens who offer hacking support to Ukrainian forces. Experts say the extent to which official crime reports can be trusted remains unclear, especially as officials need to look tough on the "Ukrainian threat."

Settlement Follows Federal Investigation Into Data Leak and Ransomware Attack
A Texas mental healthcare provider's failure to conduct a comprehensive risk analysis resulted in a $225,000 federal fine after regulators investigated a data leak followed by a ransomware attack in 2023. Deer Oaks Behavioral Health also must implement a corrective action plan.

Proposed Deal Could End Precedent-Setting SEC Case Over Cybersecurity Misstatements
The SEC and SolarWinds told a federal judge they've reached a tentative agreement to resolve a first-of-its-kind fraud case over cybersecurity disclosures. Federal regulators alleged that SolarWinds misled investors about its cybersecurity, and the settlement hinges on SEC commissioner approval.

Automation Saves Time But Risks Hollowing Out Critical Early-Career Roles
Time travel can seem like an unofficial requirement for cybersecurity job seekers, with would-be employers demanding mid-tier chops for entry-level positions. Come back in a few years, they say, after you've gained experience. But organizations can't assume the pipeline will fix itself.

Citrix Issues Patches to Counter Active Attacks Against Two Critical Vulnerabilities
Administrators of Citrix Netscaler devices are being urged to immediately patch their devices to fix two actively exploited vulnerabilities. One, dubbed Citrix Bleed 2, can be abused by hackers to bypass multifactor authentication, hijack user sessions and gain unauthorized access to the equipment.

SafePay Ransomware Blamed for Prolonged System Outage
Global tech distributor and service provider Ingram Micro confirmed days after a widespread IT outage that a ransomware attack disrupted internal systems. The firm disclosed the incident following reports that extortion demands associated with SafePay ransomware appeared on employee devices.

345 Major HIPAA Breaches Reported to Feds So Far This Year, Affecting 29.9 Million
Midway through 2025, the federal website listing major health data breaches in the U.S. shows a familiar scene: Many hacking incidents including ransomware, dozens of third-party vendor incidents, and millions of individuals affected by compromised personal data.

Latest Medical Device Vendor to Disclose a Recent Cyber Incident
A Minnesota maker of catheters notified federal regulators it is recovering from a cyberattack discovered in early June that rendered a portion of its IT systems and data inaccessible. Threat actors gained unauthorized access to some IT systems making certain systems and data unavailable.

Experts Warn Funding Gaps Elevate Cyber Risk
A breach of Columbia University’s IT systems after repeated attacks by U.S. President Donald Trump is highlighting how universities are unprepared for today’s threat landscape. Schools often leave campuses without enough resources for strong cyber defenses.

Also, Spain Arrests Hacker Behind Leaks Targeting Politicians and Journalists
This week, Chinese sites mimicked brands, Spain arrested data leak hackers, Swiss health nonprofit ransomware attack, ICC probed a cyberattack, UNFI restored systems, a flaw in smart tractors, RomCom RAT. A U.K. man sentenced for locking employer out of network. A WordPress hack installs a Trojan.

Flaw Exposes Remote Privilege Escalation Risk
Cisco released urgent security updates to fix a critical vulnerability in Unified Communications Manager that could allow unauthenticated attackers gain root access to affected systems. The maximum-severity vulnerability allows unauthenticated remote attackers to log in using static credentials.