IT Security Newsletter

IT Security Newsletter - 1/15/2026

Written by Cadre | Thu, Jan 15, 2026

Central Maine Healthcare Data Breach Impacts 145,000 Individuals

Central Maine Healthcare is notifying over 145,000 patients that their personal, treatment, and health insurance information was compromised in a data breach. The incident, the healthcare provider says, was discovered on June 1, 2025, after detecting unusual activity on its IT network. However, the intrusion spanned several months, between March and June 2025, the organization said in an incident notice.

Microsoft seizes RedVDS infrastructure, disrupts fast-growing cybercrime marketplace

Microsoft announced Wednesday that it worked with international law enforcement to seize infrastructure used to run cybercrime subscription service RedVDS and organized civil actions in the United States and United Kingdom to disrupt its further use. RedVDS has enabled at least $40 million in fraud losses in the U.S. since March 2025, according to Microsoft. Microsoft said a joint operation with Europol allowed it to seize RedVDS's infrastructure and take the marketplace offline.

Retail, Services Industries Under Fire in Oceania

New data suggests that in Australia and New Zealand, hackers are increasingly targeting companies in non-critical sectors like retail and construction. Cyble's "Threat Landscape Report 2024" for Australia and New Zealand focused on the threat to industries critical to the functioning of modern society: government, healthcare, and finance, for example. These are the kinds of sectors that tend to top most cybersecurity year-in-review lists.

ICS Patch Tuesday: Vulnerabilities Fixed by Siemens, Schneider, Aveva, Phoenix Contact

Industrial giants Siemens, Schneider Electric, Phoenix Contact, and Aveva have published a dozen Patch Tuesday advisories to inform customers about vulnerabilities found in their ICS/OT products. Siemens has released five new advisories. Two of them describe the same critical authorization bypass flaw in Industrial Edge Devices that can be leveraged by an unauthenticated, remote attacker to bypass authentication and impersonate a user.

Palo Alto Networks warns of DoS bug letting hackers disable firewalls

Palo Alto Networks patched a high-severity vulnerability that could allow unauthenticated attackers to disable firewall protections in denial-of-service (DoS) attacks. Tracked as CVE-2026-0227, this security flaw affects next-generation firewalls (running PAN-OS 10.1 or later) and Palo Alto Networks' Prisma Access configurations when the GlobalProtect gateway or portal is enabled. The cybersecurity company says that most cloud-based Prisma Access instances have already been patched.

New Linux malware targets the cloud, steals creds, and then vanishes

A brand-new Linux malware named VoidLink targets victims' cloud infrastructure with more than 30 plugins that allow attackers to perform a range of illicit activities, from silent reconnaissance and credential theft to lateral movement and container abuse. When VoidLink detects tampering or malware analysis on an infected machine, it can delete itself and invoke anti-forensics modules designed to remove traces of its activity.

South Korean giant Kyowon confirms data theft in ransomware attack

The Kyowon Group (Kyowon), a South Korean conglomerate, disclosed that a cyberattack has disrupted its operations and customer information may have been exposed in the incident. The company published a statement earlier this week saying that it recently learned that its systems had been targeted in a suspected ransomware attack. In a subsequent update today, Kyowon confirmed the ransomware incident, disclosing that it occurred on January and that the attacker exfiltrated customer data.

Kimwolf botnet's swift rise to 2M infected devices agitates security researchers

The Kimwolf botnet, which splintered off from the record-setting Aisuru DDoS botnet in August, gained the widespread attention of security researchers when it temporarily claimed the top spot in Cloudflare's global domain rankings in late October 2025. Within weeks it spread like a wildfire, eventually taking over more than 2 million unofficial Android TV devices, according to Synthient, after its operators figured out how to abuse residential proxy networks for local control.

A single click mounted a covert, multistage attack against Copilot

Microsoft has fixed a vulnerability in its Copilot AI assistant that allowed hackers to pluck a host of sensitive user data with a single click on a legitimate URL. The hackers in this case were white-hat researchers from security firm Varonis. The net effect of their multistage attack was that they exfiltrated data, including the target's name, location, and details of specific events from the user's Copilot chat history.

Trio of Critical Bugs Spotted in Delta Industrial PLCs

Researchers have identified one high- and three critical-severity vulnerabilities in a brand of programmable logic controller (PLC) popular at industrial sites in Asia. The DVP-12SE11T, by Taiwan's Delta Electronics, is a cut-rate PLC popular in a variety of sensitive sectors in Asia, such as water treatment and food and beverage processing. In August 2025, researchers from OPSWAT's Unit 515 decided to crack into it, and in doing so discovered four serious vulnerabilities.

  • ...in 1559, Elizabeth I is crowned Queen of England in Westminster Abbey, London.
  • ...in 1929, American civil rights movement leader Rev. Dr. Martin Luther King, Jr. is born in Atlanta, GA.
  • ...in 1963, cryptographer and information security expert Bruce Schneier is born in New York City.
  • ...in 2001, Wikipedia is first brought online by creators Jimmy Wales and Larry Sanger.