DataBreachToday.com

Attacker Socially Engineered Developer With Phishing Email
A hacker laced 18 popular npm packages with cryptocurrency stealing malware after socially engineering the developer into giving up his credentials to the JavaScript runtime environment. Aikido Security said the 18 software packages collectively have downloads of more than two billion each week.

State Department Offers Up to $10M for Tips on Volodymyr Tymoshchuk
A hacker who federal prosecutors say was behind the LockerGoga and MegaCortex ransomware strains faces a seven count criminal indictment in U.S. federal court, prosecutors said Tuesday. Ukrainian national Volodymyr Tymoshchuk, 28, was administrator of the two ransomware operations, prosecutors say.

Breach Affecting 104,000 Underscores Health Data Risks for Non-Healthcare Firms
An Ohio hand tool manufacturer that sells its products through franchises is notifying nearly 104,000 people of a breach potentially compromising their medical data. The incident is a cautionary tale for non-healthcare sector entities about the risks they face involving health information.

GhostRedirector Compromising Windows Servers in Brazil, Thailand and Vietnam
A suspected Chinese cybercrime group is deploying custom malware to compromise Windows servers in Brazil, Thailand, Portugal and Vietnam as part of search engine optimization fraud to promote gambling websites.

Nonprofit Is Among Several Blood Suppliers Hit by Cybercriminals Over the Past Year
New York Blood Center Enterprises said an undisclosed number of patients, employees and other individuals are potentially affected by a January cyberattack that compromised personal and health related information. The hack was among several attacks on blood suppliers over the past year.

Salesloft Says Hackers Broke Into Its GitHub Repository
Cybersecurity firms Tenable and Qualys fell to attacks stemming from hacker theft of authentication tokens from a third-party tool often integrated into Salesforce. The firms disclosed their exposure to the attack that lifted access tokens from marketing-as-a-service software provider Salesloft.

Observo Buy Gives Customers Real-Time SIEM Ingestion and Vendor-Agnostic Options
SentinelOne’s Observo AI buy gives customers a flexible, AI-powered data pipeline for faster detection and SIEM freedom. The acquisition bolsters its AI-native SIEM vision and offers a lower-cost, real-time alternative to traditional solutions such as Splunk.

Also: Software Supply Chain Risks, Cato's AI Security Buy
In this week's update, four ISMG editors discussed the Pentagon's review of Microsoft's use of Chinese nationals on U.S. military cloud systems, renewed concerns over software supply chain risks and Cato Networks' first-ever acquisition to boost AI security.

From MechaHitler to Islamic Chatbots, AI Engines Are Writing the Script for Reality
AI sovereignty is the new data sovereignty, except now we’re arguing not just about who owns your data, but who gets to define reality. From MechaHitler to Islamic chatbots, AI is less about objective truth and more about who gets to write the script.

Black Duck AppSec Services Buy Marks Shift Toward Offensive Assessment Services
UltraViolet Cyber’s acquisition of Black Duck's application security testing services deepens its offensive capabilities and adds 400 people to its global workforce. The deal enables greater integration of assessment and defense across the software development lifecycle.

Suits Filed After Researcher Found 1 Million Patient Records With No Password Setup
An Ohio firm that assists individuals in obtaining physician-certified medical marijuana cards is facing at least six proposed federal class action lawsuits so far involving the recent discovery by a security researcher of a database exposing nearly one million sensitive patient records on the web.

White House Kick Off School Year With AI Education Efforts, Public-Private Collabs
The Trump administration is rolling out its Presidential Artificial Intelligence Challenge with a series of high-profile White House events and public-private sector commitments - just as the Federal Trade Commission reportedly prepares to investigate AI systems' impact on child mental health.

Series E Funding at $2B Valuation Fuels Fraud Defense, Identity Tech Buildout
Washington D.C.-area identity verification provider ID.me has raised $340 million to develop fraud-fighting technology and prepare for long-term expansion. The investment supports product innovation to stop AI threats such as deepfakes and fake businesses.

Also, Disney Pays $10M to Settle Child Privacy Case, Spain Scraps Huawei Deal
This week, Jaguar hack, Disney settled a child privacy case, Texas sued PowerSchool and federal prosecutors sued a toy maker. Spain voided a Huawei contract, Pennsylvania AG confirmed a ransomware attack. U.S. immigration enforcement resumed a spyware contract and Baltimore lost $1.5 million to BEC.

Startup to Expand Dual-Use Tech, Tackle GPS Jamming Threats With Series C Funding
With a $75 million Series C raise, Shift5 plans to scale its operational intelligence platform across military and commercial transportation. Its focus includes enhanced threat detection, predictive maintenance and data-driven safety measures amid rising cyberthreats to infrastructure.

Feds Ramp Up Enforcement of 21st Cures Act Regs Including Fines up to $1 Million
The Department of Health and Human Services says it's "cracking down" on healthcare providers, health IT developers and health information networks that "block" the exchange, access and use of patients' electronic health data. Info blocking regulations have been on the books for years, so why now?

ACI Worldwide's Cleber Martins on Why Banks Need to Lead on AI Identity Governance
The rise of agentic commerce is forcing the financial sector to reconsider traditional fraud controls. Automated transactions may follow all technical authorizations, but agentic AI tools lack an understanding of user intent. That disconnect could lead to a surge in first-party fraud.

Elevate OT Cyber Skills Through Training, Collaboration and Practice
Operational technology incidents can have physical as well as digital consequences, from halting plant production to endangering lives. Training tailored to OT security is essential for protecting critical systems while maintaining operational continuity.

Structured Approach to Mitigate Vulnerabilities and Risks in Synthetic Biology Labs
Advances in synthetic biology promise breakthroughs, such as engineered bacteria and microbes for pollution cleanup and medicine production. But this promise brings new risks: cyberthreats that intersect with biosecurity. Threat modeling provides a critical framework to anticipate these risks.