Ransomware DataBreachToday.com

Cierant Corp. Says Cleo MFT Zero-Day Exploit Compromised Health Plan Client Data
A Connecticut-based firm that provides print and electronic document management services to health plans has reported to regulators that an exploit of a vulnerability in file transfer software from third-party vendor Cleo has resulted in a health data compromise affecting nearly 233,000 people.

Startup Mira Security Will Offer Insights on Encrypted Network Traffic, Decryption
Darktrace purchased a network traffic visibility startup to get insights from encrypted network traffic and decryption for customers in regulated industries. Mira Security will provide organizations with deeper, more comprehensive visibility across on-premises, cloud and hybrid environments.

As Agentic AI Takes Over Workflows, Traditional Authentication Practices Fall Short
The explosion of agentic AI and autonomous bots to orchestrate cross-system tasks is turning MFA into a brittle defense. Non-human identities often bypass human-centric security controls, operating with static credentials and undefined ownership, creating exploitable identity risks.

Traditional security testing tools can’t keep pace with modern threats—or prove which vulnerabilities truly matter. Discover how Adversarial Exposure Validation (AEV) bridges the gap by continuously simulating real-world attacks to reveal exploitable exposures, prioritize risk, and empower smarter security decisions. Learn why AEV is the missing link in your CTEM strategy and how BreachLock is leading the way.

PoisonSeed Threat Actor Uses Cross-Device Login Feature and QR Code to Trick Users
Expel researchers have found a novel adversary-in-the-middle phishing technique used by PoisonSeed, a cybercrime group previously tied to large-scale cryptocurrency thefts, to sidestep one of the most secure forms of multifactor authentication - FIDO2 physical keys.

House, Senate Versions of 2026 NDAA Offer Competing Approaches to Cyber
Washington is wagering that future conflicts will unfold as much in cyberspace as on the battlefield, with House and Senate lawmakers unveiling dueling drafts of a nearly $900 billion defense bill that spotlights needs for cybersecurity and artificial intelligence technology.

Cybercrime Group Bian Lian Claimed Responsibility for Attack Last Year
A Texas-based firm that conducts workplace drug and alcohol testing for private employers and for compliance with state and federal agencies, including the Department of Transportation, disclosed to regulators that a July 2024 hacking incident affected nearly 750,000 people.

Hackers Using Amadey Bot to Drops Payloads From Fake GitHub Accounts
Threat actors are using public GitHub repositories to host and distribute malware through the Amadey botnet in an ongoing campaign linked to a broader malware-as-a-service operation, Cisco Talos said in a report published Thursday.

New Working Group Launched After Two Failed Attempts to Resolve AI Training Impasse
The U.K. government on Wednesday began its latest round of talks between creative owners and the artificial intelligence sector to work out a potential deal on the use of copyrighted content to train AI models. The discussions follow two previous failed attempts.

Incidents Rank Among the Top Five Health Data Breaches in 2025 - So Far
A Maryland dermatology practice and a Virginia radiology organization have each reported to regulators separate hacking incidents that in total affected the information of more than 3.3 million patients. The incidents rank among the five largest health data breaches reported in 2025 so far.

Joe Sykora Set to Scale Coro's SMB Cybersecurity Platform Globally Via MSP Partners
As Coro's new CEO, Joe Sykora is steering the SMB cybersecurity platform provider toward rapid international growth with a 100% partner-focused strategy, revamped operations and new tools for MSPs in an effort to dominate the underserved small and midsize business cybersecurity market.

Semperis Warns of Flaw in Windows Server 2025 Delegated Managed Service Accounts
A critical cryptographic flaw in Windows Server 2025's delegated Managed Service Accounts, or dMSAs, allows attackers to generate passwords for every managed service account across an Active Directory forest and create a backdoor, Semperis researchers found.

3 State-Sponsored Groups Spear-Phish Semiconductor Ecosystem
Chinese state-aligned hackers have ramped up espionage efforts against Taiwan's semiconductor ecosystem through spear-phishing campaigns. Three distinct threat actors targeted chipmakers, packaging and testing firms, equipment suppliers and financial analysts.

How Focused Skill Building Solves Real Problems in Cyber Roles
The pressure to grow doesn't come from curiosity alone. It comes from real friction in the systems you work with. That's why the smartest way to continue learning is not to try to master everything. Instead, focus on the next thing that will actually help you move forward in your role.

Experts Aim to Probe How AI Models Reason, and Why It Matters
AI researchers from OpenAI, Google DeepMind and Anthropic and others have urged deeper study into chain-of-thought monitoring, a technique to track how reasoning models arrive at answers. Their joint paper warns that transparency may erode if not prioritized.

5G OT Security Summit Speakers on Delicate Balance Between Innovation, Cyber Risk
Digital transformation - which now includes a convergence of cloud-based applications, AI and OT systems - introduces new threat vectors particularly as legacy systems struggle to adapt. Speakers at the 5G OT Security Summit discussed cyber defenses and policies and for securing OT systems.

67 Malicious Packages, XORIndex Loader Target JavaScript Code-Sharing Platform
North Korean threat actors escalated their software supply chain attacks by uploading 67 new malicious packages to the npm Registry as part of the ongoing Contagious Interview campaign. The malware targets open-source JavaScript developers with malware loaders.

Agency to Collaborate with External Experts on Vulnerability Research
The U.K. NCSC will collaborate with industry experts for vulnerability detection and mitigation as part of its latest Vulnerability Research Initiative. The announcement comes on the heels of funding concerns for the U.S. government-based Common Vulnerabilities and Exposures program.

Startup Raises $30M, Uses Risk Intelligence to Preempt Reconnaissance Attacks
Former FireEye and Mandiant leader John Watters unveils iCounter, a new cyber risk intelligence startup focused on targeted attacks and AI-enabled adversaries. Backed by Syn Ventures, the firm aims to transform threat detection with deeper visibility into attacker reconnaissance.

Oracle Cloud Infrastructure Flaw Enabled Malicious File Uploads, Researchers Found
Exploring Oracle Cloud Infrastructure, researchers at Tenable found that Oracle's console-based Code Editor tool failed to block arbitrary file uploads, and could be silently exploited via drive-by attacks to install malware. They said Oracle has now fixed the vulnerability.