Ransomware DataBreachToday.com

Incidents Rank Among the Top Five Health Data Breaches in 2025 - So Far
A Maryland dermatology practice and a Virginia radiology organization have each reported to regulators separate hacking incidents that in total affected the information of more than 3.3 million patients. The incidents rank among the five largest health data breaches reported in 2025 so far.

Joe Sykora Set to Scale Coro's SMB Cybersecurity Platform Globally Via MSP Partners
As Coro's new CEO, Joe Sykora is steering the SMB cybersecurity platform provider toward rapid international growth with a 100% partner-focused strategy, revamped operations and new tools for MSPs in an effort to dominate the underserved small and midsize business cybersecurity market.

Semperis Warns of Flaw in Windows Server 2025 Delegated Managed Service Accounts
A critical cryptographic flaw in Windows Server 2025's delegated Managed Service Accounts, or dMSAs, allows attackers to generate passwords for every managed service account across an Active Directory forest and create a backdoor, Semperis researchers found.

3 State-Sponsored Groups Spear-Phish Semiconductor Ecosystem
Chinese state-aligned hackers have ramped up espionage efforts against Taiwan's semiconductor ecosystem through spear-phishing campaigns. Three distinct threat actors targeted chipmakers, packaging and testing firms, equipment suppliers and financial analysts.

How Focused Skill Building Solves Real Problems in Cyber Roles
The pressure to grow doesn't come from curiosity alone. It comes from real friction in the systems you work with. That's why the smartest way to continue learning is not to try to master everything. Instead, focus on the next thing that will actually help you move forward in your role.

Experts Aim to Probe How AI Models Reason, and Why It Matters
AI researchers from OpenAI, Google DeepMind and Anthropic and others have urged deeper study into chain-of-thought monitoring, a technique to track how reasoning models arrive at answers. Their joint paper warns that transparency may erode if not prioritized.

5G OT Security Summit Speakers on Delicate Balance Between Innovation, Cyber Risk
Digital transformation - which now includes a convergence of cloud-based applications, AI and OT systems - introduces new threat vectors particularly as legacy systems struggle to adapt. Speakers at the 5G OT Security Summit discussed cyber defenses and policies and for securing OT systems.

67 Malicious Packages, XORIndex Loader Target JavaScript Code-Sharing Platform
North Korean threat actors escalated their software supply chain attacks by uploading 67 new malicious packages to the npm Registry as part of the ongoing Contagious Interview campaign. The malware targets open-source JavaScript developers with malware loaders.

Agency to Collaborate with External Experts on Vulnerability Research
The U.K. NCSC will collaborate with industry experts for vulnerability detection and mitigation as part of its latest Vulnerability Research Initiative. The announcement comes on the heels of funding concerns for the U.S. government-based Common Vulnerabilities and Exposures program.

Startup Raises $30M, Uses Risk Intelligence to Preempt Reconnaissance Attacks
Former FireEye and Mandiant leader John Watters unveils iCounter, a new cyber risk intelligence startup focused on targeted attacks and AI-enabled adversaries. Backed by Syn Ventures, the firm aims to transform threat detection with deeper visibility into attacker reconnaissance.

Oracle Cloud Infrastructure Flaw Enabled Malicious File Uploads, Researchers Found
Exploring Oracle Cloud Infrastructure, researchers at Tenable found that Oracle's console-based Code Editor tool failed to block arbitrary file uploads, and could be silently exploited via drive-by attacks to install malware. They said Oracle has now fixed the vulnerability.

Hacking Group UNC6148 Steals Credentials With New OVERSTEP Rootkit, Google Says
A cybercrime group used a backdoor in a fully patched SonicWall appliance to steal credentials and may have sold the stolen data to ransomware groups as part of an ongoing campaign, Google Threat Intelligence Group found. The firm attributed the campaign to a cybercrime group it tracks as UNC6148.

Hacker Claims to Have Exploited Flaw in Oracle WebLogic Server, Sold Stolen Data
Seychelles Commercial Bank is warning customers that a hacker stole their personal information - but no money - from their accounts after breaching its systems. The hacker involved claims to have stolen and sold two gigabytes of customer data from the bank, which paid no ransom.

Attackers Can Upload Malware in System Management Mode and Disable Secure Boot
Multiple high-severity vulnerabilities in Gigabyte's UEFI firmware could enable attackers to execute arbitrary code within System Management Mode, granting persistent and nearly undetectable control over affected systems, cybersecurity researchers reported.

Analysts Warn White House Chip Reversal Threatens US AI Dominance
President Donald Trump has reportedly reversed a U.S. policy restricting Nvidia chips critical to artificial intelligence technology development from being exported to China in a move that experts say could undercut the U.S. lead in the burgeoning emerging technology market.

Escalating Geopolitical Tensions Could Increase Hacks by 2030, Government Warns
France has identified Russia as the primary threat to national security in the coming years. The French government recommends adopting measures to strengthen its cybersecurity defenses in anticipation of increased hacks from Moscow-aligned attackers driven by geopolitical tensions.

US Authorities Say Daniil Kasatkin, 26, Worked as Negotiator for Ransomware Group
A Paris criminal court on Tuesday held an extradition hearing for a Russian professional basketball player who U.S. authorities say worked as a negotiator for an undisclosed ransomware group. French police on June 21 arrested Daniil Kasatkin, 26, at Charles de Gaulle Airport.

Experts Warn Federal Cyber Cuts Are Hindering Public-Private Threat Sharing Efforts
The White House has continued to sharply reduce the size of cybersecurity teams across the federal government while cutting information technology budgets and funding for key programs. Experts warn public-private information sharing around critical cyberthreats has slowed.

CEO Doug Merritt: GenAI, Workload Sprawl Raise Zero Trust Stakes for Aviatrix
Aviatrix is addressing cloud network security gaps with its new Cloud Native Security Fabric. CEO Doug Merritt says companies need zero trust across ephemeral workloads, especially with agentic AI multiplying data pathways. The company’s pivot includes a new C-suite and product strategy overhaul.

Remote Code Execution Flaw Affects More Than 5,000 Servers
Threat actors are actively exploiting a critical vulnerability in a server file transfer solution. Researchers say the flaw in Wing FTP Server could allow threat actors to execute system-level commands remotely, using null byte and Lua injection without authentication.