IT Security Newsletter - 7/18/2025
1.4 Million Affected by Data Breach at Virginia Radiology Practice
Radiology Associates of Richmond has disclosed a data breach affecting more than 1.4 million individuals. A data security incident notice posted on its website reveals that the healthcare organization's systems were accessed by hackers for a period of several days in April 2024. More than one year later, Radiology Associates of Richmond determined that the compromised systems had stored files containing identifiable protected health and personal information.
Anne Arundel Dermatology Data Breach Impacts 1.9 Million People
Maryland-based dermatology services provider Anne Arundel Dermatology has disclosed a data breach impacting roughly 1.9 million individuals. Data breach notifications sent out to affected people reveal that hackers had access to its systems for roughly three months, between February 14 and May 13. An investigation launched after the intrusion was detected showed that the attacker could have stolen files containing patients' personal and health information.
GitHub abused to distribute payloads on behalf of malware-as-a-service
Researchers from Cisco's Talos security team have uncovered a malware-as-a-service operator that used public GitHub accounts as a channel for distributing an assortment of malicious software to targets. The use of GitHub gave the malware-as-a-service (MaaS) a reliable and easy-to-use platform that's greenlit in many enterprise networks that rely on the code repository for the software they develop.
Google sues 25 alleged BadBox 2.0 botnet operators, all of whom are in China
Google has filed a lawsuit against 25 unnamed individuals in China it accuses of breaking into more than 10 million devices worldwide and using them to build a botnet, called BadBox 2.0, and then to carry out other cybercrimes and fraud. "As of April 2025, BadBox 2.0 is comprised of more than ten million infected AOSP-based TV streaming boxes, tablets, projectors, and after-sale car infotainment systems," according to the lawsuit.
LameHug malware uses AI LLM to craft Windows data-theft commands in real-time
A novel malware family named LameHug is using a large language model (LLM) to generate commands to be executed on compromised Windows systems. LameHug was discovered by Ukraine's national cyber incident response team (CERT-UA), which attributed the attacks to Russian state-backed threat group APT28 (a.k.a. Sednit, Sofacy, Pawn Storm, Fancy Bear, STRONTIUM, Tsar Team, Forest Blizzard).
Poor Passwords Tattle on AI Hiring Bot Maker Paradox.ai
Security researchers recently revealed that the personal information of millions of people who applied for jobs at McDonald's was exposed after they guessed the password ("123456") for the fast food chain's account at Paradox.ai, a company that makes artificial intelligence-based hiring chatbots used by many Fortune 500 firms. Paradox.ai said the security oversight was an isolated incident, but recent security breaches involving its employees in Vietnam tell a more nuanced story.
Researchers warn of cyberattacks targeting key Fortinet software
Hackers are actively exploiting a critical flaw in Fortinet's FortiWeb Fabric Connector, according to cybersecurity experts. The vulnerability, tracked as CVE-2025-25257, involves an improper neutralization of special elements used in an SQL command. Successful exploitation of the vulnerability can allow an attacker to execute unauthorized SQL code or commands via crafted HTTP or HTTPS requests, according to a Fortinet advisory.
Firmware Vulnerabilities Continue to Plague Supply Chain
Automated firmware-analysis tools and the falling cost of the technical hardware needed to inspect computer processors and memory are leading to a surge in reports of firmware vulnerabilities and motherboard security weaknesses. In the latest example, motherboard manufacturer Gigabyte disclosed on July 10 that a set of four firmware vulnerabilities had persisted in its platform, even though the original issues - in the firmware provided by independent BIOS vendor AMI - were patched years ago.
- ...in 1921, Marine aviator, astronaut, and US Senator John Glenn is born in Cambridge, OH. He was the first American astronaut to orbit the Earth on the Mercury-Atlas 6 mission.
- ...in 1940, President Franklin Delano Roosevelt is nominated for an unprecedented third term.
- ...in 1968, microprocessor manufacturer Intel is founded in Mountain View, CA.
- ...in 1976, Romanian gymnast Nadia Comaneci becomes the first Olympic competitor to score a perfect 10 in a gymnastics event.