DaVita hit by ransomware attack

The kidney dialysis firm doesn’t have an estimate for how long disruption from the attack will last, though it stressed patients are still receiving care.

Attackers exploit zero-day flaw in Gladinet CentreStack file-sharing platform

Critical vulnerability affects both CentreStack and Gladinet’s on-premises file-sharing server, Triofox.

Over 14K Fortinet devices compromised via new attack method

Fortinet warned last week that a threat actor was using a novel post-exploitation trick to maintain access to devices after they were patched.

Aviation sector faces heightened cyber risks due to vulnerable software, aging tech

A report calls on federal authorities to conduct comprehensive risk assessments and take steps to modernize the air traffic control system.

Remote access tools most frequently targeted as ransomware entry points

Supply chain risk via third-party vendors increased sharply last year, according to a report by At-Bay.

Fortinet warns of threat activity against older vulnerabilities

Researchers discovered a technique that allows threat actors to maintain read-only access to vulnerable FortiGate devices after they are patched.

Windows CLFS zero-day exploited in ransomware attacks

A threat actor tracked as Storm-2460 has used PipeMagic malware to facilitate the attacks.

CISA adds Ivanti Connect Secure vulnerability to KEV catalog

CVE-2025-22457 is a critical stack buffer-overflow vulnerability. Ivanti had initially assessed as a low-level product bug that could not be exploited remotely.

Sam’s Club investigating attack claim linked to Clop ransomware

The prolific gang is linked to the exploitation of critical flaws in Cleo file transfer software.

Hacker linked to Oracle Cloud intrusion threatens to sell stolen data

Security researchers from Trustwave SpiderLabs provided additional evidence backing up claims of a breach.

CISA urges fired probationary workers to respond after federal judge grants order

The agency plans to keep workers on paid administrative leave despite ongoing concerns about its ability to address cyber threats.

Solar power gear vulnerable to remote sabotage

Security flaws underscore the risk of cyber threat actors commandeering parts of the electric grid.

AI project failure rates are on the rise: report

The share of businesses scrapping most of their AI initiatives increased to 42% this year, up from 17% last year, according to S&P Global Market Intelligence. 

Tech giants seek data standards amid AI push

Microsoft, IBM and Cisco are among the vendors backing the OASIS Data Provenance Standards Technical Committee announced last week.

FCC launches national security unit to counter state-linked threats to US telecoms

The new council is part of an effort to thwart Salt Typhoon and other cyber espionage groups.

82% of K-12 schools recently experienced a cyber incident

Cybercriminals are increasingly targeting school networks through phishing and social engineering, a cybersecurity nonprofit reported.

Majority of ransomware claims involved compromise of perimeter security devices

A report by cyber insurance firm Coalition shows six of every 10 ransomware claims involved compromised VPN or firewall.

Former NSA cyber director warns drastic job cuts threaten national security

Rob Joyce told lawmakers mass layoffs of federal workers will hurt the ability of the U.S. to combat malicious cyber activity from China and other adversaries.

Eleven11bot estimates revised downward as researchers point to Mirai variant

The botnet has been involved in DDoS activity targeting telecom companies and gaming platforms.

CrowdStrike shares fall as company forecasts lower-than-expected results

The cybersecurity vendor is ending its customer commitment package, which was launched to help maintain existing relationships.

More than 86K IoT devices compromised by fast-growing Eleven11 botnet

The Iran-linked botnet has a large presence in the U.S. and is targeting telecom and other firms with DDoS attacks.

Microsoft-signed driver used in ransomware attacks

Threat actors are exploiting a privilege escalation flaw in Paragon Partition Manager for “bring your own vulnerable driver” (BYOVD) attacks.

Leaked ransomware chat logs reveal Black Basta’s targeted CVEs

Cybercrime group focused on Microsoft vulnerabilities as well as flaws in network edge devices and communications software.

Nearly 3K Ivanti Connect Secure instances vulnerable to critical flaw

U.S. has the most VPNs not yet patched for CVE-2025-22467.

DeepSeek’s AI shake-up could boost cybersecurity risks, spending: report

The cybersecurity market could grow to $338 billion in value by 2033, driven in part by expanding AI risks, Bloomberg Intelligence analysts said.