DataBreachToday.com

Over 23,000 Code Repositories at Risk After Malicious Code Added to GitHub Actions
Attackers subverted a widely used tool for software development environment GitHub, potentially allowing them to steal secrets from thousands of private code repositories as well as compromise other widely used "open source libraries, binaries and artifacts" that use the tool, experts warned.

Carnegie Mellon CERT's Dan Costa on Addressing Root Causes of Insider Risk
As layoffs and AI-driven workflows reshape workplace security, insider risk is becoming more complex. Dan Costa, technical manager for the CERT division at Carnegie Mellon University's Software Engineering Institute, outlines proactive strategies to manage insider risk effectively.

AI Giants Also Like 'Fair Use' Exemptions for Copyrighted Material
OpenAI and Google laid out visions for regulation in response to the Trump administration's AI Action Plan, which aims to help the United States maintain technological lead over China. Both companies want Biden-era export controls lightened.

Investment to Scale Engineering, Expansion from Data Deletion to Threat Reduction
Executive digital protection firm 360 Privacy raised $36 million to expand its engineering team and boost its ability to remove sensitive data from brokers. The company is shifting from a data deletion focus to broader threat mitigation, tackling risks from digital tracking and location data leaks.

Texas Incident is Largest Breach Reported by a Health Plan So Far in 2025
A Texas-based insurance firm is notifying more than 335,500 people of a December hack involving their sensitive personal and health information. The breach affects many - but not all - of the company's policyholders, agents and insurance carrier partners in multiple states.

Restraining Order Allows Dismissed Cyber Defense Agency Employees to Return to Work
A temporary restraining order against the Trump administration's efforts to shrink the size of the federal workforce will allow thousands of probationary employees to return to work as experts warn the purge threatens national cybersecurity.

Expect Malicious Insiders to Pose 'Big Challenge' This Year for CISOs, Expert Warns
The current "tumultuous environment" for employees and job-seekers across business and government - with numerous layoffs, economic concerns and political chaos - is increasing the risk posed by trusted insiders, making for a "big challenge for CISOs this year," says Forrester's Allie Mellen.

DeepSeek Comes Very Close to Producing a Keylogger and Ransomware
Security researchers used the Chinese DeepSeek-R1 artificial intelligence reasoning model to come close to developing ransomware variants and keyloggers with evasion capabilities. The model needs prompt engineering and its output requires code editing.

Feds Accuse Dual Russian-Israeli National of Serving as Key Member of Operation
An accused developer for Russian-speaking ransomware group LockBit, 51-year-old Rostislav Panev, appeared in a U.S. courtroom after being extradited from Israel. The dual Russian and Israeli citizen faces a 41 count superseding criminal indictment charging him with being a key member of the group.

Also: Gartner's Sydney Summit Highlights, Rising OT Security Risks
In this week's update, ISMG editors discussed X’s major DDoS outages, politically motivated cyberattacks, key takeaways from Gartner’s Security & Risk Summit in Sydney, and rising operational technology threats highlighted in recent Dragos and Gartner reports.

Threat Groups Are Mapping OT Networks for Future Targeting, Warns Dragos
A China-linked threat group called Voltzite is targeting operational technology systems at critical infrastructure organizations worldwide to steal network diagrams, OT operating instructions and information about geographic information systems, said cybersecurity firm Dragos.

IT Outages Are Affecting Patient Services, NC Practice Is 'Temporarily Closed'
A small North Carolina radiology practice and a 25-bed Pennsylvania hospital and are among the latest rural healthcare providers struggling to recover from recent cyberattacks that are disrupting their technology operations and affecting patient care services. How will this end up?

Funds Will Support Next-Gen Security Orchestration and Response, Eliminate Complexity
With $30 million in funding, Sola Security is launching an AI-driven, self-service SOAR platform designed for easy adoption across security, IT, and DevOps teams. The Israeli startup aims to disrupt traditional security automation by lowering technical barriers.

Worries Grow Over Data Privacy Framework Stability
A European official said he received assurances the U.S. is committed to preserving the legal framework underpinning commercial data flows across the Atlantic. The Data Privacy Framework already faces legal challenges in Europe, but fears of its durability compounded with the Trump administration.

Bipartisan 'Match IT Act' Aims to Reduce Risk of Medical Mistakes, Privacy Mishaps
Two Congressmen are taking another bipartisan stab at passing legislation aimed at improving patient identity matching to help reduce mistakes that put patient privacy and safety at risk. The lawmakers have introduced similar provisions in the past. Will the proposals gain traction this time?

The Edge Device Hacking Wave Hasn't Spared French Companies
France playing host to the Olympics resulted in a surge of cyberattacks requiring intervention of the state cybersecurity agency, it said in an annual report also flagging an uptick in attacks levied against network edge devices. The games went smoothly.

Series D Funding to Drive U.S. Growth and AI Advancements in Cybersecurity
Pentera has raised $60 million in Series D funding to expand its presence in the U.S. and accelerate AI-driven innovations in security validation. CEO Amitai Ratzon says the company is focused on advancing automated testing and strengthening its leadership in exposure validation.