Ransomware DataBreachToday.com

Cursor Patched Flaw Days After Disclosure, Says Check Point
Check Point researchers found a RCE flaw in Cursor, an AI-powered code editor, by manipulating a previously approved model context protocol configuration. Once a developer approved a configuration file for an MCP server, any future changes to that file could be executed without further prompts.

Inskit Researchers Uncover Clusters in Hungary, Saudi Arabia
Security researchers uncovered a previously unseen malware cluster associated with Israeli spyware maker Candiru. The company may have rebranded itself to evade sanctions to continue its operations. It continues to operate despite its inclusion in 2021 onto an exports blacklist by the United States.

Cyber Volunteers Can Gain Real-World Experience While Protecting Communities
When people think about a career in cybersecurity, they often picture certifications, technical exams and entry-level jobs that require years of preparation. For those coming from non-traditional backgrounds, the journey can feel like a dead end. But what if there were other ways to explore it?

Voice Phishing Attacks on Salesforce Users Remains Repeat ShinyHunters Tactic
Technology giants Google and Cisco separately said they've both suffered recent data breaches after attackers socially engineered their employees via voice phishing attacks, leading to a breach of their customer relationship management software, exposing customer data.

AI Powerhouse Releases Its First Public Model in 6 Years
OpenAI released its first open-weight reasoning models since GPT-2, unveiling gpt-oss-120b and gpt-oss-20b under the Apache 2.0 license. With performance approaching o-series benchmarks, the models are designed specifically for reasoning tasks.

Akira Ransomware Exploited MFA-Protected SonicWall SSL VPNs, Say Researchers
SonicWall said it is probing a surge in attacks against its Gen 7 firewalls, running various firmware versions, which have SSL VPN enabled. Researchers said attackers may have been exploiting a zero-day vulnerability and that multiple victims have been infected with Akira ransomware.

Ransomware, Data Thefts, Other Attacks Continue to Plague Health Sector
Recent hacks on a provider of sleep disorder diagnostic gear and services, a network of medical imaging facilities and a multi-disciplinary cancer care center have affected nearly 800,000 patients. The breaches are among the latest rash of cybercriminal attacks plaguing the healthcare sector.

Dutch Servers Restored Following Moscow-Led Attack
The Dutch Public Prosecution Service on Monday began phased restoration of its networks after a cyberattack last month forced the agency to take down its services offline. The agency confirmed that hackers exploited a vulnerability in a Citrix device.

$100M State Cyber Grants Mark Major Drop in Federal Support Despite Growing Demand
The federal government announced a final $100 million round of cybersecurity grants aimed at boosting state and local defenses, but experts warn the funding signals a broader shift in responsibility to under-resourced governments facing escalating threats without sustained federal support.

Sean Cairncross Confirmed in 59-35 Senate Vote Despite Lacking Technical Experience
The United States has a new national cyber director after a tense Senate vote ended months of political and procedural delays, allowing the Trump administration to push forward with its sweeping overhaul of federal cybersecurity priorities.

Security Experts Call for Coordinated Autonomy Over Complete Integration
One team quotes Shakespeare. The other speaks in Morse Code. Now, imagine forcing them to write a play together. Yet IT and OT organizations are being asked to work as one. Is full integration really possible, or should we keep them at respectful distance for security reasons?

Orange Cyberdefense's Dominic Trott on Investor Hesitancy, Geopolitical Obstacles
The United Kingdom has a strong track record of supporting startups and building successful organizations, but U.K. cybersecurity startups still face hurdles, said Dominic Trott, director of strategy and alliances for the U.K. region at Orange Cyberdefense.

Threat Actor Maintains Long-Term Stealthy Access
Chinese nation-state hackers penetrated mobile telecom networks across Southeast Asia likely in order to track individuals' location, say security researchers. One tell about the hackers' intentions was deployment of a custom-made network scanning and packet capture utility tracked as CordScan.

The use on online tracking tools on the health-related websites and apps of HIPAA and non-HIPAA regulated entities continues to be a lightning rod due to a long list of ongoing data privacy, regulatory and legal concerns, said partner and attorney Elizabeth Hodge of the law firm Akerman.

Red-Hot Startup Noma Security to Deepen Protection for AI Models and Agents
With agentic AI deployments accelerating, Noma Security’s $100 million Series B will fuel development of risk management and runtime protection features. CEO Niv Braun said demand for securing agentic AI has surged among Fortune 500 firms and healthcare and financial institutions.

US Alleged Illumina 'Knowingly' Sold Feds Systems Containing Vulnerabilities
Genomics sequencing firm Illumina Inc. has agreed to pay $9.8 million to resolve False Claims Act whistleblower allegations that it sold software and systems containing cybersecurity vulnerabilities over more than seven years to government agencies.

New Funding, Platform Expansion Aim for Predictive, Autonomous Threat Defense
Safe's $70 million Series C will fund expanded capabilities across its cyber risk quantification, exposure management and third-party oversight tools. The company says its agentic AI vision – cyber AGI – will transform how enterprises manage and mitigate cyberthreats.

Also: Rethinking IT-OT Integration; Previewing Black Hat 2025
In this week's update, four ISMG editors discussed the latest on the ToolShell exploit and the rise of Warlock ransomware, why IT-OT integration may not be the best answer for industrial security and what to expect next week from ISMG Studio at Black Hat Conference 2025.

Security Expert Silke Holtmanns on Telecom Threats, Data Challenges and Zero Trust
Telecom firms face rising cyberthreats, growing regulatory pressure and shrinking budgets. But instead of chasing flashy solutions, the industry should focus on strengthening its security fundamentals, said Silke Holtmanns, telecommunication and critical infrastructure security expert at Blue Hour.