Lazarus hackers breach six companies in watering hole attacks
In a recent espionage campaign, the infamous North Korean threat group Lazarus targeted multiple organizations in the software, IT, finance, and telecommunications sectors in South Korea. The threat actor combined a watering hole attack strategy with an exploit for a vulnerability in a file transfer client that is required in South Korea to complete certain financial and […]
Microsoft fixes machine learning bug flagging Adobe emails as spam
Microsoft says it mitigated a known issue in one of its machine learning (ML) models that mistakenly flagged Adobe emails in Exchange Online as spam. As the company revealed in an advisory on the Microsoft 365 admin center tagged as EX1061430, users had issues accessing alerts for Adobe URLs starting April 22 at 09:24 UTC while […]
Frederick Health data breach impacts nearly 1 million patients
A ransomware attack in January at Frederick Health Medical Group, a major healthcare provider in Maryland, has led to a data breach affecting nearly one million patients. With almost 4,000 employees and over 25 locations, Frederick Health is one of Frederick County’s largest employers. As the health system revealed in a late March notification to patients, […]
Microsoft now pays up to $30,000 for some AI vulnerabilities
Microsoft announced an increase in bug bounty payouts to $30,000 for AI vulnerabilities found in Dynamics 365 and Power Platform services and products. Power Platform includes applications designed to help companies analyze data and automate processes, while Dynamics 365 is a set of business apps that connect customers, products, people, and operations. Eligible AI vulnerability […]
Interlock ransomware claims DaVita attack, leaks stolen data
The Interlock ransomware gang has claimed the cyberattack on DaVita kidney dialysis firm and leaked data allegedly stolen from the organization. DaVita is a Fortune 500 kidney care provider with more than 2,600 U.S. dialysis centers, 76,000 employees in 12 countries, and an annual revenue exceeding $12.8 billion. The healthcare company disclosed to the U.S. […]
Yale New Haven Health data breach affects 5.5 million patients
Yale New Haven Health (YNHHS) is warning that threat actors stole the personal data of 5.5 million patients in a cyberattack earlier this month. YNHHS is a nonprofit healthcare network in Connecticut, the largest in the state, providing comprehensive care across five hospitals and 360 outpatient locations. It employs 30,000 health professionals and has an […]
Microsoft fixes bug causing incorrect 0x80070643 WinRE errors
Microsoft says it resolved a known issue causing erroneous 0x80070643 installation failure errors when deploying the April 2025 Windows Recovery Environment (WinRE) updates. When it acknowledged the bug two weeks ago, Redmond told those affected that these errors can be ignored since they’re inaccurate and don’t impact their Windows device’s functionality. The known issue impacts the KB5057588 WinRE update […]
Linux ‘io_uring’ security blindspot allows stealthy rootkit attacks
A significant security gap in Linux runtime security caused by the ‘io_uring’ interface allows rootkits to operate undetected on systems while bypassing advanced Enterprise security software. The flaw was discovered by ARMO security researchers who developed a proof-of-concept rootkit called “Curing” to demonstrate the practicality and feasibility of attacks leveraging io_uring for evasion. io_uring is a Linux […]
Russian army targeted by new Android malware hidden in mapping app
A new Android malware has been discovered hidden inside trojanized versions of the Alpine Quest mapping app, which is reportedly used by Russian soldiers as part of war zone operational planning. Attackers promote the trojanized app as a free, cracked version of the premium Alpine Quest Pro, using Telegram channels and Russian app catalogs for distribution. […]
WhatsApp’s new Advanced Chat Privacy protects sensitive messages
WhatsApp has introduced a new Advanced Chat Privacy feature to protect sensitive information exchanged in private chats and group conversations. The new privacy option can be enabled after tapping the chat name and is designed to prevent attempts to save media and export chat content. “Today we’re introducing our latest layer for privacy called ‘Advanced […]