Ransomware DataBreachToday.com

Also: AI-Driven Deception, Cyber Deterrence and Resilience
In the latest weekly update, ISMG editors reflected on the accelerating use of AI in cyber deception in 2025, geopolitical tensions and nation-state threats, and a growing shift from prevention to resilience as attacks increasingly targeted critical infrastructure and exploited human trust.

Little Progress Made to Mandate Customer Reimbursement for Financial Scams
Financial scams and synthetic identity fraud showed no signs of slowing in 2025, as regulators focused on fraud prevention over reimbursement for victims. But some countries joined the United Kingdom in advancing new anti-scam measures that focus on prevention and industry accountability.

Job Seekers Need to Demonstrate Good Judgement and Trust - Not Just Skills
Cybersecurity job interviews function much more like risk assessments. Hiring managers are not searching for perfection. They are working to reduce uncertainty about how someone will think, decide and behave when systems fail, pressure mounts and information is incomplete.

Third-party security threats remain one of the most critical risks facing the healthcare sector. But now the increasing use of artificial intelligence by vendors adds a new layer of third-party concerns, said independent consultant Rick Doten, former healthplan CISO at Centene Corp.

Healthcare sector mergers and acquisitions dramatically amplify cybersecurity and data privacy exposure for potential buyers and sellers, said attorney Jonian Rafti of law firm Proskauer. But there are critical steps entities can take to reduce those risks, he said.

AI is changing cybercrime in a big way. Autonomous AI agents could soon carry out entire attacks on their own -scanning servers, testing vulnerabilities, refining exploits and even launching phishing campaigns from start to finish, said David Sancho, senior threat researcher at Trend Micro.

Also: Trader Loses $50M in USDT in Address Poisoning Scam
This week, the U.K. FCA mapped a path to U.K. crypto regulation, iComTech promoter sentenced in Ponzi case, the U.S. SEC sought public company bans for former FTX and Alameda executives, a trader lost $50M in USDT in an address poisoning scam and a Brooklyn man indicted over $16M Coinbase phishing scam.

Experts Predict AI-Driven Scams Will Soon Outpace Human-Led Tactics
Despite $442 billion in scam losses across 42 countries last year, 73% of people still believe they can recognize scams. Jorij Abraham, managing director of the Global Anti-Scam Alliance, reveals why this confidence gap is costing billions and what fraud practitioners should expect in 2026.

New Report Says DOE Cyber and AI Governance Is Lagging Behind Rapid Deployment
An inspector general report warns the Department of Energy's rapid expansion of artificial intelligence and decentralized cybersecurity controls has outpaced governance, limiting enterprise visibility and exposing critical infrastructure to persistent threats from state-backed and criminal actors.

Also: SudamericaData Leak, RaccoonO365 Arrest and Nefilim Conspirator Pleads Guilty
This week: Spotify metadata scraped, Nissan disclosed third-party breach, millions of Argentines exposed to data leak, African police arrested hundreds in a cybercrime sweep, Nigeria nabbed a phishing operator, the U.S. DOJ charged ATM jackpotting ring and Nefilim ransomware affiliate pleaded guilty.

Healthcare data breaches are becoming more frequent but smaller in scale, targeting smaller entities and high-value credentials and records - and AI is reshaping both the attack landscape and fraud patterns, said Jim Van Dyke, senior principal of innovation at TransUnion.

Full Scope of Clop Ransomware Group's Oracle E-Business Suite Hits Still Emerging
The University of Phoenix is notifying 3.5 million individuals that their personal information was compromised in a data breach. The theft traces to the Clop ransomware group's supply-chain campaign against users of Oracle E-Business Suite, in which it wielded two zero-day vulnerabilities.

AI Firm Discovers New Prompt Injection Attack Class
OpenAI faces a years-long battle to secure its ChatGPT Atlas web browser against prompt injection attacks, a threat the company says will require continuous defense strengthening much like the arms race against online scams targeting humans.

International Coalition Highlights Security Risks in OT’s Rush to AI
Hurriedly integrating AI into industrial systems isn't the wisest idea, the U.S. Cybersecurity and Infrastructure Security Agency and its domestic and international partners warned earlier this month. "We don't want [operators] treating AI like a magical black box," explained a CISA official.

Acquisition Streamlines Security Operations From Asset Discovery to Remediation
AI software company ServiceNow has entered into an agreement to buy cyber exposure management and security company Armis for $7.75 billion in cash. The deal will bolster ServiceNow's cybersecurity offerings at a time when many larger technology vendors are choosing to expand their security portfolios.

Preparing a healthcare workforce to responsibly engage with AI tools without over relying on automation or undermining human oversight will require awareness training akin to phishing exercises, said Skip Sorrels, field CTO and CISO at security firm Claroty.

Browser Tools Capture Chatbot Data, Sell to Data Broker: Koi Security
A browser extension promising a free clientless VPN for Chrome users has been harvesting conversations from artificial intelligence chatbot platforms and selling the data to third-party brokers. The data collection operates independently of the VPN functionality itself.

Report: China, Russia Exploiting US Cyber Policy Gaps to Gain Strategic Advantage
A new McCrary Institute report urges Washington to adopt a more offensive cyber strategy, warning that the current reactive approach leaves the U.S. unable to counter China and Russia’s persistent campaigns to gain asymmetric leverage in cyberspace.

Scans Count 117,000 Unpatched Firewalls Running Vulnerable Version of Fireware OS
Attackers are actively attempting to exploit a now patched, zero-day vulnerability in WatchGuard Firebox firewalls, tracked as CVE-2025-14733, that can be used to remotely execute code. Scans show that over 115,000 of these edge devices remain internet-connected, unpatched and at risk.

Smart eyewear such as Meta-AI Ray Ban glasses - which sport microphones, cameras and can connect to artificial intelligence - pose emerging patient privacy and other risks especially when worn in healthcare settings, said Garrett Zickgraf of consulting firm LBMC.