IT Security Newsletter - 5/12/2025

Breaches

Ascension says recent data breach affects over 430,000 patients

Ascension, one of the largest private healthcare systems in the United States, has revealed that the personal and healthcare information of over 430,000 patients was exposed in a data breach disclosed last month. As Ascension revealed in breach notification letters sent to affected individuals in April, their information was stolen in a data theft attack that impacted a former business partner in December.

Software Updates

Bluetooth 6.1 released, enhances privacy and power efficiency

The Bluetooth Special Interest Group has released Bluetooth 6.1, and one of the most important new features is an update to how devices manage privacy and power. The update, called Bluetooth Randomized RPA (resolvable private address) Updates, helps protect users from tracking and reduces battery drain. Bluetooth devices often change their address to make it harder for others to track them.


Commvault: Vulnerability Patch Works as Intended

Commvault has disputed a security researcher's claims that an exploit for a recently disclosed maximum severity vulnerability, tracked as CVE-2025-34028, in its Command Center Web-based management interface remains effective even in recently updated versions of the software. In comments to Dark Reading, Commvault spokesperson Ross Camp called researcher Will Dormann's observation earlier this week inaccurate.

Malware

US Announces Botnet Takedown, Charges Against Russian Administrators

The US Department of Justice and the Black Lotus Labs team at telecom company Lumen Technologies announced on Friday the takedown of two proxy services powered by a botnet of thousands of hacked devices. The Justice Department has worked with Lumen and police in the Netherlands and Thailand to dismantle the proxy services named Anyproxy and 5socks. Their domains have been seized and Lumen has disrupted infrastructure by null-routing all traffic to and from known control points.

Information Security

Germany takes down eXch cryptocurrency exchange, seizes servers

The Federal police in Germany (BKA) seized the server infrastructure and shut down the 'eXch' cryptocurrency exchange platform for alleged laundering of cybercrime proceeds. During the law enforcement operation, the authorities also seized eight terabytes of data and cryptocurrency (Bitcoin, Ether, Litecoin, and Dash) worth approximately $38,000,000, making this the third largest seizure of digital assets in BKA's history.


DOGE worker's old creds found exposed in infostealer malware dumps

Good cybersecurity habits don't appear to qualify anyone to work at DOGE, as one Musk minion seemingly fell victim to infostealer malware. Developer and journalist Micah Lee reported last Thursday that he found a whopping 51 data breach records and four infostealer log dumps associated with DOGE employee Kyle Schutt on data breach tracking service Have I Been Pwned (HIBP) - which is unnerving as Schutt has access to sensitive government data at the Federal Emergency Management Agency.

Exploits/Vulnerabilities

Compromised SAP NetWeaver instances are ushering in opportunistic threat actors

A second wave of attacks against the hundreds of SAP NetWeaver platforms compromised via CVE-2025-31324 is underway. "[The] attacks [are] staged by follow-on, opportunistic threat actors who are leveraging previously established webshells (from the first zero-day attack) on vulnerable systems," Onapsis warned last week. SAP released an emergency patch for CVE-2025-31324 on April 24, 2025.


Asus DriverHub Vulnerabilities Expose Users to Remote Code Execution Attacks

Two vulnerabilities in DriverHub, a driver software that comes pre-installed on Asus motherboards, can be exploited remotely for arbitrary code execution, New Zealand researcher 'MrBruh' says. The issues could be exploited via crafted HTTP requests to interact with DriverHub. According to Asus, the flaws are the result of a lack of sufficient validation and could be exploited to interact with the software's features and affect system behavior.


SonicWall customers confront resurgence of actively exploited vulnerabilities

Vulnerabilities are proliferating in SonicWall devices and software this year, putting the vendor's customers at risk of intrusion via secure access gateways and firewalls. The year started off on a sour note for the California-based company when it released security advisories for nine vulnerabilities on Jan. 7. The total number of vulnerabilities publicly disclosed by the company so far in 2025 has grown to 20.

On This Date

  • ...in 1907, actress Katharine Hepburn ("The Philadelphia Story", "The African Queen") is born in Hartford, CT.
  • ...in 1937, stand-up comedian and writer George Carlin is born in New York City.
  • ...in 1949, the Soviet Union lifts its blockade of Berlin.
  • ...in 1981, Academy Award-winning actor Rami Malek ("Mr. Robot", "Bohemian Rhapsody") is born in Torrance, CA.