The Breach News

Researcher Discovers Numerous Dubious Chrome Extensions with 4 Million Downloads

Recent investigations have unveiled a collection of suspicious browser extensions that collectively amassed around four million installations, raising significant concerns within the cybersecurity community. A comprehensive analysis revealed that the vast majority of these extensions operate under a layer of obfuscation, a tactic that serves to obscure their true functionality…

Read MoreResearcher Discovers Numerous Dubious Chrome Extensions with 4 Million Downloads

Interior Department Removes Key Cybersecurity Leaders Amid DOGE Dispute

Government, Industry Specific Senior Cybersecurity and Technology Officials Depart from the Interior Department Chris Riotta (@chrisriotta) • April 11, 2025     (Image: Shutterstock) The U.S. Department of the Interior has removed several high-ranking cybersecurity and technology officials amid a contentious situation involving the Department of Government Efficiency. This follows…

Read MoreInterior Department Removes Key Cybersecurity Leaders Amid DOGE Dispute

Radiology Practice Settles with Feds for $350,000 Over HIPAA Violations

Data Privacy, Data Security, Healthcare HHS Highlights Security Vulnerabilities in Data Breach Affecting Nearly 300,000 Individuals Marianne Kolbasuk McGee (HealthInfoSec) • April 11, 2025 (Image: Northeast Radiology) A medical imaging firm operating in New York and Connecticut has agreed to a settlement of $350,000 with federal regulators due to potential…

Read MoreRadiology Practice Settles with Feds for $350,000 Over HIPAA Violations

Investigation into Lawsuit Regarding AACOM Data Breach

Attorneys associated with ClassAction.org are currently investigating the potential for filing a class action lawsuit stemming from a significant data breach involving the American Association of Colleges of Osteopathic Medicine (AACOM). The breach is reported to have compromised the sensitive personal information of over 67,000 individuals, according to a statement…

Read MoreInvestigation into Lawsuit Regarding AACOM Data Breach

Russia’s Storm-2372 Targets Organizations with MFA Bypass Using Device Code Phishing Techniques

Storm-2372, a Russian state-backed APT group, utilizes device code phishing to circumvent Multi-Factor Authentication (MFA), targeting sectors including government, technology, finance, defense, and healthcare. Recent research by cybersecurity analysts at SOCRadar has uncovered an evolving tactic employed by the notorious Russian advanced persistent threat group, Storm-2372. This group has demonstrated…

Read MoreRussia’s Storm-2372 Targets Organizations with MFA Bypass Using Device Code Phishing Techniques

RansomHouse Ransomware Breaches Telecom Giant, Exfiltrating 2TB of Data

The frequency of ransomware attacks has intensified in recent months, driven primarily by cybercriminals employing increasingly aggressive tactics such as double and triple extortion. These strategies compel victims not only to pay a ransom to regain system access but also to prevent the public disclosure of sensitive stolen data. A…

Read MoreRansomHouse Ransomware Breaches Telecom Giant, Exfiltrating 2TB of Data