Settlement Marks OCR’s 20th Ransomware Enforcement Action and 14th Enforcement Action in OCR’s Risk Analysis Initiative The U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) today announced a settlement with Spencer Gifts LLC Flexible Benefits and Welfare Benefit Plans (the Plan), the employer-sponsored group health plan of Spencer Gifts LLC,...Read More
CENTRAL VALLEY, Calif. (KFSN) — A possible major cyberattack is under investigation at Cal Water, one of California’s largest water utilities serving nearly 500,000 customer connections across the state, including many in the Central Valley. The company said it is working “around the clock” after an Iranian-linked group claimed it hacked its systems. Iranian state...Read More
Security researchers at Paradigm Shift have published a working exploit, dubbed usbliter8, that achieves arbitrary code execution inside the SecureROM of Apple’s A12 and A13 chips. That code is burned into the silicon at manufacture. No software update can reach it. Affected devices will carry this flaw for as long as they stay in use. This is not...Read More
INC Ransomware Exfiltrates Data The cybersecurity landscape faces a growing threat from INC ransomware, a highly active Ransomware-as-a-Service (RaaS) group that has claimed over 800 victims globally since its emergence in mid-2023. Known for its aggressive double-extortion tactics, INC primarily targets high-profile organizations in the United States, specifically focusing on the legal, manufacturing, technology, and...Read More
Market intelligence platform Klue has publicly confirmed a recent security incident that allowed threat actors to steal OAuth tokens used to connect to customers’ Salesforce environments, as the new “Icarus” extortion group publicly claims the attack. The disclosure comes after cybersecurity firms Huntress and ReliaQuest detailed how attackers abused compromised Klue Battlecards integrations to steal...Read More
International law enforcement agencies have dealt a significant blow to one of the world’s most persistent cybercrime ecosystems, disrupting nearly 15,000 compromised websites and dismantling critical infrastructure used to distribute the notorious SocGholish malware in a coordinated multinational operation. The action, conducted under the umbrella of Operation Endgame, marks one of the most ambitious efforts...Read More
Hackers have breached roughly 75,000 Fortinet firewalls belonging to corporations and government agencies worldwide, or roughly half of all Fortinet firewalls exposed to the internet, security researchers have said. A database of Fortinet VPN credentials accidentally discovered by security researcher Bob Diachenko included access tokens for companies including Chevron, Samsung, Foxconn, Comcast, AT&T, Mercedes-Benz, Toyota,...Read More
INC ransomware has grown from a newcomer threat into one of the most dangerous ransomware operations worldwide. What began as an emerging criminal group in mid-2023 has claimed over 800 victims globally, placing it among the top ransomware groups this year. The group runs under a Ransomware-as-a-Service model, recruiting affiliates and supplying them with ready-built...Read More
(Credit for Photo: Photo Provided with Release Courtesy of the Pennsylvania Public Utility Commission) Noah Haswell, Beaver County Radio News (Harrisburg, PA) The Pennsylvania Public Utility Commission (PUC) voted 5-0 yesterday in Harrisburg to approve a Notice of Proposed Rulemaking (NOPR) which would strengthen cybersecurity requirements for regulated utilities. This will continue the PUC’s efforts...Read More
ESET researchers analyzed the robust EDR-killing toolset of the ransomware-as-a-service gang Gentlemen. Since the beginning of 2026, Gentlemen has emerged as one of the most active gangs in the ransomware ecosystem. The group distinguishes itself through a mature, operator-maintained set of endpoint detection and response (EDR) killers, i.e., tools for disrupting security software. Additionally, unlike...Read More
