The Record reports: A recently disclosed vulnerability affecting Apple products has prompted an order for government organizations to patch the bug. The Cybersecurity and Infrastructure Security Agency (CISA) gave civilian federal agencies until September 11 to implement a fix for CVE-2025-43300 — a vulnerability affecting popular brands of Apple phones, iPads and Macbooks. Apple said on Wednesday that […]
In what is currently the third largest health data breach of 2025, kidney dialysis provider DaVita has reported a ransomware attack to HHS. Bleeping Computer reports: Kidney dialysis firm DaVita has confirmed that a ransomware gang that breached its network stole the personal and health information of nearly 2.7 million individuals. DaVita serves over 265,400 […]
The following statement was issued by Orange Belgium S.A. earlier today. It relates to the breach previously acknowledged last month: At the end of July, Orange Belgium detected a cyberattack on one of its IT systems, resulting in unauthorised access to certain data from 850,000 customer accounts. No critical data was compromised: no passwords, email […]
CyberScoop reports: A federal court has upheld the Federal Communications Commission’s authority to impose stricter data breach notification regulations on the telecom sector, including requirements that the industry notifies customers when their personally identifiable information is exposed in a hack. In a 2-1 decision, the U.S. Sixth Circuit Court of Appeals concluded that the FCC […]
CBC News reports: The House of Commons and Canada’s cybersecurity agency are investigating a significant data breach caused by an unknown “threat actor” targeting employee information. According to an internal email obtained by CBC News, the House of Commons alerted staff on Monday that there was an information breach. It said a malicious actor was […]
Data Breach Today reports: Extortionists tied to numerous attacks against high-profile brands have begun naming fresh victims and leaking supposedly stolen data. See Also: Securing Manufacturing’s Transition to the Cloud On Friday, individuals claiming to be part of the cybercrime collectives Scattered Spider, ShinyHunters and Lapsus$ launched a channel on social platform Telegram, posted partially redacted […]
Coindoo reports: Physical attacks on cryptocurrency holders are rising sharply this year, with security experts warning that 2025 could become the most dangerous year yet for investors. At the Baltic Honeybadger conference in Riga, SatoshiLabs founder Alena Vranova described a wave of “wrench attacks” — kidnappings, assaults, and extortion aimed at forcing victims to surrender […]
NextGov reports: At DEF CON, Alexei Bulazel said AI-powered tools will give software developers “incredible abilities” to harden networks by adding multilayered checks to the code-scanning process and catching flaws that might otherwise slip through. In the next era of cybersecurity, the best defensive tool may be a line of AI-assisted code, according to President […]
SecurityWeek reports: French telecommunications company Bouygues Telecom was recently targeted in a cyberattack that resulted in the personal information of millions of customers getting compromised. Bouygues is one of France’s largest telecom companies. According to its website, it has nearly 27 million mobile service customers. The company discovered the cyberattack on August 4 and an […]
Google’s Intelligence Threat Group (GITG) has been tracking various threat actor groups under tracking labels such as UNC 6040, UNC 6240, and UNC 3944. The first two overlap with threat actors known as ShinyHunters, while the third overlaps with Scattered Spider. The ShinyHunters group has been linked to attacks on customers of Salesforce. Google itself […]
