Security news.
Today's security news highlights a significant data breach affecting 3.4 million patients, ongoing threats from ransomware and stealer malware, and CISA's warning about actively exploited iOS vulnerabilities. Microsoft also reports a surge in AI abuse by hackers across all stages of cyberattacks.
Cognizant TriZetto Breach Exposes 3.4 Million Patient Records
A data breach at TriZetto Provider Solutions, a healthcare IT company, has exposed sensitive information belonging to over 3.4 million individuals.
CISA Warns of Exploited iOS Flaws
CISA has ordered U.S. federal agencies to patch three iOS security flaws actively exploited in cyberespionage and crypto-theft attacks using the Coruna exploit kit.
Termite Ransomware Linked to ClickFix CastleRAT Attacks
Threat actors known as Velvet Tempest are leveraging the ClickFix technique and legitimate Windows utilities to deploy DonutLoader malware and the CastleRAT backdoor, leading to Termite ransomware breaches.
Hackers Abusing AI at Every Stage of Cyberattacks
Microsoft reports that threat actors are increasingly integrating artificial intelligence into their operations to accelerate attacks, scale malicious activity, and reduce technical barriers.
Over 100 GitHub Repositories Distributing BoryptGrab Stealer
A new malware, BoryptGrab Stealer, is being distributed via over 100 GitHub repositories, targeting browser and cryptocurrency wallet data, system information, and user files.
FBI Investigating Suspicious Cyber Activity on Surveillance System
The FBI is investigating "suspicious" cyber activity on a system holding sensitive surveillance information, working to determine the scope and impact of the incident.
CISA Adds Five Known Exploited Vulnerabilities to Catalog
CISA has updated its Known Exploited Vulnerabilities (KEV) Catalog with five new vulnerabilities, including issues in Hikvision, Rockwell, and Apple products, based on evidence of active exploitation.
Delta Electronics CNCSoft-G2 Vulnerability
A successful exploitation of a vulnerability in Delta Electronics CNCSoft-G2 could allow an attacker to achieve remote code execution on the device.