The Breach News

New MSU Research Reveals Ransomware as a Major Cause of Health Data Breaches in the U.S.

Recent research conducted by experts from Michigan State University, Yale, and Johns Hopkins has identified ransomware as the primary factor behind health data breaches in the United States. This malicious software compromises victims’ files or systems, demanding payment in exchange for regaining access to compromised data. Notably, four hospitals in…

Read MoreNew MSU Research Reveals Ransomware as a Major Cause of Health Data Breaches in the U.S.

Operation Endgame 2.0: Targeting Initial Access Brokers

Cybercrime, Fraud Management & Cybercrime Law Enforcement Dismantles 300 Servers Globally, Disables 650 Domains Akshaya Asokan (asokan_akshaya) • May 24, 2025 Image: Europol In a prominent European-led initiative against malware often utilized as a precursor to ransomware, law enforcement agencies have successfully dismantled 300 servers across the globe. This operation,…

Read MoreOperation Endgame 2.0: Targeting Initial Access Brokers

Zimbra CVE-2024-27443 XSS Vulnerability Affects 129,000 Servers, Sednit Linked to the Attack

A significant cross-site scripting (XSS) vulnerability, designated CVE-2024-27443, has been identified in the CalendarInvite feature of the Zimbra Collaboration Suite, and it is currently being exploited, possibly by the Sednit hacking group. This flaw poses a risk of user session compromise, emphasizing the urgent need for prompt patching. The latest…

Read MoreZimbra CVE-2024-27443 XSS Vulnerability Affects 129,000 Servers, Sednit Linked to the Attack

Operation End Game 2.0: Targeting Initial Access Brokers

Cybercrime, Fraud Management & Cybercrime Law Enforcement Disrupts Cybercriminal Infrastructure: 300 Servers and 650 Domains Taken Down Akshaya Asokan (asokan_akshaya) • May 24, 2025 Image: Europol In a joint operation spearheaded by European law enforcement, authorities have dismantled a complex cybercriminal network, taking down 300 servers globally. This initiative, which…

Read MoreOperation End Game 2.0: Targeting Initial Access Brokers

Massive Data Breach Exposes 437,329 Americans: Names, Addresses, Social Security Numbers, Medical Records, and More at Risk

A significant data breach has occurred within a major private healthcare system in the United States, exposing the personal data of hundreds of thousands of individuals. The incident has been attributed to a “hacking/IT” event as reported by the U.S. Department of Health and Human Services Office for Civil Rights,…

Read MoreMassive Data Breach Exposes 437,329 Americans: Names, Addresses, Social Security Numbers, Medical Records, and More at Risk

Researchers Transform GitLab AI Developer Assistant to Generate Malicious Code

Title: Security Flaws in AI Developer Tools Exposed by Recent Attack In an alarming demonstration of vulnerability, researchers from the security firm Legit recently revealed significant security risks associated with AI-assisted developer tools, specifically targeting GitLab’s Duo chatbot. While marketed as indispensable aids for software engineers, these tools can be…

Read MoreResearchers Transform GitLab AI Developer Assistant to Generate Malicious Code

NC Pathology Practice Alerts 236,000 Patients About Data Breach

Fraud Management & Cybercrime, Healthcare, Industry Specific Did Marlboro-Chesterfield Pathology Pay Ransom to Cybercriminal Group SafePay? Marianne Kolbasuk McGee (HealthInfoSec) • May 23, 2025 Marlboro-Chesterfield Pathology, a laboratory in North Carolina, is notifying nearly 236,000 patients about a data breach incident reported in January. (Image: MCP) A hacking incident involving…

Read MoreNC Pathology Practice Alerts 236,000 Patients About Data Breach