IT Security Newsletter - 2/7/2025

Written by Cadre | Fri, Feb 7, 2025

Experts Flag Security, Privacy Risks in DeepSeek AI App

New mobile apps from the Chinese artificial intelligence (AI) company DeepSeek have remained among the top three "free" downloads for Apple and Google devices since their debut on Jan. 25, 2025. But experts caution that many of DeepSeek's design choices - such as using hard-coded encryption keys, and sending unencrypted user and device data to Chinese companies - introduce a number of glaring security and privacy risks.

Information of 883,000 Stolen in Crippling Attack on Hospital Sisters Health System

A crippling cyberattack that knocked out most of the systems and operations at Hospital Sisters Health System (HSHS) in August 2023 impacted the personal information of roughly 883,000 individuals. The outage started on August 27, 2023, impacting internal systems, communications and internet systems, phones, internal applications, the MyChart and MyPrevea applications, online payments, and HSHS's website, and lasted for several days.

430,000 Impacted by Data Breaches at New York, Pennsylvania Healthcare Organizations

The personal and health information of over 430,000 individuals was compromised in October and November 2024 data breaches at Allegheny Health Network (AHN) and University Diagnostic Medical Imaging (UDMI). UDMI, a medical imaging center in New York, says threat actors accessed certain information on its systems for a brief period on November 26, before the suspicious activity was discovered.

Hackers deployed web shells, exploited public-facing applications in Q4

Threat groups deployed a range of web shells against vulnerable or unpatched web applications in 35% of incidents during the fourth quarter of 2024, according to a report by Cisco Talos. The deployments marked a sharp increase from the prior quarter, when the same activity was seen in only 10% of incidents. Meanwhile, hackers exploited public-facing applications to gain initial access in 40% of incidents in which the means of access could be determined.

Cloudflare outage caused by botched blocking of phishing URL

An attempt to block a phishing URL in Cloudflare's R2 object storage platform backfired yesterday, triggering a widespread outage that brought down multiple services for nearly an hour. Cloudflare R2 is an object storage service similar to Amazon S3, designed for scalable, durable, and low-cost data storage. It offers cost-free data retrievals, S3 compatibility, data replication across multiple locations, and Cloudflare service integration.

Agencies Sound Alarm on Patient Monitors With Hardcoded Backdoor

Last week, the Cybersecurity and Infrastructure Security Agency (CISA), alongside the US Food and Drug Administration (FDA), raised an alert for Contec CMS8000 and Epsimed MN-120 healthcare monitors, warning they potentially put patients at risk once connected to the Internet, due to a malicious, hidden backdoor embedded into the devices. But security researchers say the issue isn't actually intentional malware but, rather, just insecure design.

Attackers compromise IIS servers by leveraging exposed ASP.NET machine keys

A ViewState code injection attack spotted by Microsoft threat researchers in December 2024 could be easily replicated by other attackers, the company warned. "In the course of investigating, remediating, and building protections against this activity, we observed an insecure practice whereby developers have incorporated various publicly disclosed ASP.NET machine keys from publicly accessible resources, such as code documentation and repositories."

Hugging Face platform continues to be plagued by vulnerable 'pickles'

Researchers at ReversingLabs have identified at least two machine-learning models on Hugging Face, a popular platform for community AI development, that link to malicious web shells and managed to evade detection through the use of "pickling." Pickle files are Python-based modules that allow a developer to serialize and deserialize code. They're commonly used by AI developers to store and build off ML models that have already been trained.

Critical RCE bug in Microsoft Outlook now exploited in attacks

CISA warned U.S. federal agencies on Thursday to secure their systems against ongoing attacks targeting a critical Microsoft Outlook remote code execution (RCE) vulnerability. Discovered by Check Point vulnerability researcher Haifei Li and tracked as CVE-2024-21413, the flaw is caused by improper input validation when opening emails with malicious links using vulnerable Outlook versions.

  • ...in 1940, Walt Disney's second feature-length animated film, Pinocchio, premieres.
  • ...in 1965, comedian Chris Rock ("Saturday Night Live", "Grown Ups") is born in Andrews, SC.
  • ...in 1984, astronauts Bruce McCandless and Robert L. Stewart make the first untethered space walk using the backpack-mounted Manned Maneuvering Unit.
  • ...in 1997, ousted Apple co-founder Steve Jobs' company NeXT merges with Apple, paving the way for the company's future operating systems and Jobs' own return as CEO.