DataBreachToday.com

Patching Workflows Built for Weekly Cycles Can't Survive an Era of Hourly Exploits
AI is shrinking the window between vulnerability disclosure and active exploitation from weeks to hours. But remediation workflows haven't kept pace. Security teams need real-time intelligence, unified IT and security operations, and automated remediation to close the gap before attackers do.

In the face of relentless cyberattacks that threaten patient safety, hospitals must strengthen their resilience, with clinical continuity, secure backups and coordinated recovery emerging as critical strategies, said John Riggi of the American Hospital Association and Josh Howell of Rubrik.

Internal Communications Dumped Online, Revealing Fresh Victims, Repeat Tactics
Ransomware group The Gentlemen, a relative newcomer to the cybercrime scene, suffered a leak of its internal communications, revealing previously non-public victims, a variety of tactics, techniques and tools, and a relentless focus on popping backup and storage infrastructure.

ICO Warns Key Security Gaps Led to Exposed Data of Over 630,000 People
A British regulator said a major water sector organization failed to use establish cybersecurity safeguards to secure sensitive data, allowing hackers to use a phishing campaign to gain persistence, steal records and expose more than 630,000 sensitive records.

Cloud Connectivity, Security Operations Providers Reportedly Chop 20%, 7% of Staff
Cloudflare cut more than 1,100 workers from its 5,483-person staff, saying the layoffs will align Cloudflare's operations with AI-driven workflows and productivity gains. And Arctic Wolf laid off 250 workers from its estimated staff of 3,402 to free resources for investment in AI initiatives.

An On Demand video from ID Dataweb
Scattered Spider continues to evolve, and organizations across financial services, healthcare, insurance, telecommunications, and other sectors are strengthening defenses against increasingly sophisticated identity-driven threats.

Coerced Labor in Scam Compounds Is Reshaping How Enterprises Face Fraud Risks
Fraud operations in Southeast Asia increasingly rely on trafficked workers forced into scams. This reality challenges assumptions about threat actor behavior, complicates attribution and negotiation, and demands that enterprises rethink fraud prevention and disruption strategies.

Also: Washington's AI Policy Divide, FDA's Push for AI-Driven Clinical Trials
In this week's panel, four ISMG editors discussed the battle over who gets to access powerful AI cybersecurity models, policy issues unfolding in Washington over AI-driven cyber defenses, and how the FDA is beginning to test AI-supported real-time clinical trials to speed up drug development.

State Insurance Officials Seeking Details About Service Firm's Mega Data Breach
Missouri regulators are widening their investigation into the 204 hacking incident at Conduent Business Services, alleging that the company has stonewalled the state's attempts to obtain information about the data breach, which is estimated to affect more than 25 million people nationwide.

Top Democrat Warns States Are Losing Federal Cyber Defense Support
A top U.S, Senate Democrat decried shrinking federal support for election security ahead of the November midterms, warning that cuts to the Cybersecurity and Infrastructure Security Agency could leave states without cyber defense or threat intelligence capabilities

AI-Developed Attack Tooling Generated 'High-Volume, Noisy Workflows'
A hacker used Claude and Chat GPT in a cyberattack against a municipal water and sewage utility's operational technology systems in Mexico in January, according to forensic analysis by OT security firm Dragos. The tools "leveraged known techniques and existing vulnerability knowledge."

Artificial intelligence that is embedded in newer editions of software and other technology tools but is not explicitly revealed by vendors is a substantial risk on par with shadow AI, said regulatory attorney Elizabeth Hodge with the law firm Akerman LLP.

Also, Taiwan Rail Hack, Massive DDoS Attack and Karakurt Jail Sentence
This week, Microsoft Edge exposed passwords, Taiwan police make arrests in high-speed rail hack and a 2.45 billion-request DDoS attack. A Karakurt negotiator jailed, North Korean IT worker scams led to prison terms and France detained a teen over a government data breach. Another Ivanti zero-day.

WatchGuard Aims to Reduce Alert Fatigue Through Telemetry Correlation
WatchGuard acquired SaaS security startup Perimeters to strengthen cloud detection and response capabilities spanning identity threat detection, cloud posture management and shadow IT discovery as enterprises face escalating attacks targeting cloud applications and distributed environments.

ServiceNow Takes Aim at Enterprise AI Sprawl at Knowledge 2026
At its Knowledge 2026 conference, ServiceNow announced artificial intelligence control tower expansions, an autonomous workforce across every business function and a platform play to become the operating layer for all enterprise AI solutions.

Pentagon Expands Frontier AI Providers Amid Anthropic Legal Fight
The Pentagon said it will no longer depend on a single artificial intelligence provider as the White House pushes agencies to diversify frontier AI systems amid an escalating legal and policy fight with Anthropic over military use of advanced models.