Landmark Admin has issued an update to its investigation of a cyberattack it suffered in May 2024, increasing the number of impacted individuals to 1.6 million. Landmark is a Texas-based third-party administrator (TPA) handling policy accounting, regulatory reporting, reinsurance support, and IT systems for major insurers nationwide like Liberty Bankers Life and American Benefit Life. In October 2024, the company warned that it detected suspicious activity on its networks on May 13th, 2024. READ MORE...
Hertz Corp. confirmed a threat actor gained access to sensitive personal data in a breach linked to vulnerabilities in Cleo file-transfer software, according to a filing Friday with the Maine Attorney General's office. Hertz said it learned on Feb. 10 that an unauthorized third party obtained the data in connection with an attack spree that took place between October and December 2024. Hertz completed an analysis of the stolen data on April 2. READ MORE...
DaVita has been hit by a ransomware attack that's affecting operations, the kidney care provider said Monday. The dialysis company discovered the attack, which encrypted parts of its network, on Saturday, according to a securities filing. Davita then activated its response plans and isolated affected systems. The company did not disclose how its operations are being affected or how long the disruption will last, but said patient care is continuing. READ MORE...
A data breach at insurance firm Lemonade left the details of thousands of drivers' licenses exposed for 17 months. According to the company, on March 14 2025 Lemonade learnt that a vulnerability in its online car insurance application process contained a vulnerability that was likely to have exposed "certain driver's license numbers for identifiable individuals." Lemonade says that the unauthorised exposure started in approximately April 2024, and continued through September 2024. READ MORE...
Russia never stops using proven tactics, and its Cozy Bear, aka APT 29, cyber-spies are once again trying to lure European diplomats into downloading malware with a phony invitation to a lux event. Last year, the Kremlin team went after German politicians with Windows backdoor malware dubbed Wineloader concealed in fake invitations to a dinner reception. Now, malware hunters at Check Point say the same crew is back with Grapeloader. READ MORE...
A ransomware group claims to have stolen a significant amount of files from a regulatory agency in Oregon after the organization said it had no evidence of a data breach. The Oregon Department of Environmental Quality (DEQ) is the regulatory agency in charge of the quality of air, land and water in the state. The organization revealed on April 9 that it had launched an investigation into a cyberattack that forced it to shut down networks as part of containment efforts. READ MORE...
On April 15, Oracle announced the release of 378 new security patches as part of its second Critical Patch Update (CPU) of 2025, including 255 fixes for vulnerabilities that are remotely exploitable without authentication. SecurityWeek has identified roughly 180 unique CVEs in Oracle's April 2025 CPU and counted approximately 40 security patches that resolve critical-severity flaws. Oracle Communications received the largest number of security fixes at 103. READ MORE...
RansomHouse is a cybercrime operation that follows a Ransomware-as-a-Service (RaaS) business model, where affiliates (who do not require technical skills of their own) use the ransomware operator's infrastructure to extort money from victims. RansomHouse appears to often skip the step of encrypting victims' data entirely - preferring to just steal the data instead, making threats to release it if a cryptocurrency ransom is not paid. READ MORE...
CISA says the U.S. government has extended funding to ensure no continuity issues with the critical Common Vulnerabilities and Exposures (CVE) program. "The CVE Program is invaluable to cyber community and a priority of CISA," the U.S. cybersecurity agency told BleepingComputer. "Last night, CISA executed the option period on the contract to ensure there will be no lapse in critical CVE services. We appreciate our partners' and stakeholders' patience." READ MORE...
An AI-powered presentation tool named Gamma is being used in phishing attacks to trick targets into thinking an email is legitimate. That's according to researchers at security vendor Abnormal Security, which published research today dedicated to Gamma and how threat actors are misusing it to reach targets in a new campaign. Abnormal researchers detailed how Gamma can be used to deliver a link to a fake Microsoft portal. READ MORE...