Cognizant TriZetto breach exposes health data of 3.4 million patients

TriZetto Provider Solutions, a Cognizant healthcare IT subsidiary, disclosed a data breach exposing sensitive personal and health information of over 3.4 million patients. The compromised data supports claims processing for insurers and providers. No evidence of misuse yet, but the incident exposes systemic risks in outsourced medical data handling.

Son of government contractor arrested after alleged $46M crypto heist from US Marshals

John Daghita, son of a US government contractor, arrested in Saint Martin for stealing over $46 million in cryptocurrency from US Marshals Service custody. FBI and French authorities coordinated the raid. Case underscores security gaps in government-held seized digital assets.

Iran Regime's Crypto Activity Topped $3 Billion as Illicit Transactions Surged in 2025: Report

Iran's regime funneled over $3 billion through cryptocurrency in 2025 amid a surge in illicit transactions, according to Chainalysis. Sanctioned nations like Russia and North Korea similarly escalated crypto use to bypass Western restrictions. DeFi protocols emerge as critical vectors for state-sponsored financial evasion, deepening regulatory fault lines.

FBI arrests suspect linked to $46M crypto theft from US Marshals

FBI arrested Joshua Michael Broome on Saint Martin for stealing $46 million in bitcoin from US Marshals Service's Silk Road auction wallet in 2020. The suspect, son of a government contractor, allegedly laundered funds via mixers and exchanges. Extradition pending to face money laundering and theft charges.

FBI investigating hack on its wiretap and surveillance systems: report

The FBI is probing a breach into networks managing its wiretap and surveillance activities, per CNN reports. Attackers allegedly accessed sensitive law enforcement infrastructure. Incident underscores fragility of government surveillance tools amid rising cyber threats.

This iOS Exploit Kit Has 23 Attacks – But Lockdown Mode Stops It Cold

Google documents "Coruna," a sophisticated iOS exploit kit with 23 vulnerabilities spanning iOS 13 to 17.2.1, traded from surveillance vendor to Russian spies then Chinese cybercriminals. Reveals underground market chaining state surveillance tools to mass exploitation, halted only by Apple's Lockdown Mode.

New LexisNexis Data Breach Confirmed After Hackers Leak Files

LexisNexis confirmed hackers stole 2GB of data from its Legal & Professional AWS instance, including 400,000 personal records via a React2Shell exploit. The breach underscores vulnerabilities in data brokers aggregating sensitive profiles for law enforcement and insurers.

Sanctions Evasion, Statecraft, and the New Crypto Geography in the Asia-Pacific

Enforcement agencies link Asia-Pacific state-aligned actors to major crypto thefts and laundering for sanctions evasion. Blockchain facilitates statecraft bypassing traditional finance controls, remapping regional crypto hubs. Global regulators struggle with decentralized flows enabling sovereign financial maneuvers.

UH Cancer Center data breach affects nearly 1.2 million people

University of Hawaii Cancer Center ransomware attack in August 2025 exposed personal data of 1.2 million individuals via its Epidemiology Division. Attackers stole sensitive health and identity information. Institution notifies affected parties amid ongoing breach investigations.

$4.8M in crypto stolen after Korean tax agency exposes wallet seed

South Korea's National Tax Service accidentally published the mnemonic recovery phrase for a seized cryptocurrency wallet in an official press release. Hackers quickly drained the wallet of 6.4 billion won ($4.8 million) in assets. The breach highlights acute risks in government handling of confiscated digital currencies.

CyberStrikeAI tool adopted by hackers for AI-powered attacks

Open-source AI platform CyberStrikeAI, designed for security testing, repurposed by threat actors for real-world attacks including Fortinet firewall breaches. The tool enables automated vulnerability scanning and exploitation. Dual-use AI risks escalate as defensive tech turns offensive.

Hackers hit Iranian apps, websites after US-Israeli strikes

Cyber-enabled operations accompanied joint U.S.-Israeli strikes on Iran early Saturday. State-linked Iranian hacking groups conducted data-wiping attacks on Israeli targets, while unidentified actors defaced the BadeSaba religious calendar app—downloaded by over 5 million users—with messages urging Iranian armed forces to disarm. CrowdStrike observed Iranian-aligned threat actors conducting reconnaissance and DDoS attacks alongside physical military operations.

The Case for Why Better Breach Transparency Matters

RSA Conference session led by security consultants Adam Shostack and Adrian Sanabria highlights systemic lack of feedback mechanisms in cybersecurity incident response, arguing that mandated detailed breach disclosure is essential to reduce cyber-risk. Current US requirements vary state-by-state with publicly traded companies only obligated to report material-impact incidents, while The British Library's 2023 ransomware after-action report cited as rare example of comprehensive public accountability.

Ransomware payments cratered in 2025

Chainalysis research shows ransomware payments dropped to record lows in 2025 despite attacks surging 50% year-over-year, with over 8,000 organizations publicly named on leak sites according to Emsisoft data. Developed economies remain primary targets with the US leading followed by Canada, Germany, and UK, while high-profile victims included Jaguar Land Rover's costliest UK cyber incident and Marks & Spencer's Scattered Spider-linked breach wiping hundreds of millions in market value.

Conduent Data Breach Could Affect 25M People. Learn How to Protect Your Online Accounts

A ransomware attack on government contractor Conduent has exposed personal data of 25 million Americans across multiple state healthcare programs, including names, Social Security numbers, and medical information. The SafePay ransomware gang spent three months in Conduent's systems before discovery, exfiltrating approximately 8 terabytes of data. Many affected individuals were unaware their data flowed through Conduent's backend systems, highlighting systemic supply-chain vulnerabilities in government technology procurement.

Data Broker Breaches Fueled Nearly $21 Billion in Identity-Theft Losses

Congressional Democrats released findings showing data broker breaches have cost consumers tens of billions in identity theft losses. The report follows a WIRED investigation that exposed how data brokers hid opt-out pages from search engines using "no index" codes, making it nearly impossible for consumers to remove their personal information. Four companies subsequently removed the blocking code after congressional scrutiny.

How scammers are using AI deepfakes to steal money from taxpayers

Ad Tech Company Optimizely Targeted in Cyberattack

Ad technology firm Optimizely confirmed that a voice-phishing attack compromised internal business systems including Zendesk and Salesforce, exposing customer data. The breach affects major enterprise clients including PayPal, Salesforce, Vodafone, and Zoom. Voice phishing enables attackers to bypass technical security measures by targeting employees through social engineering.

Destitute survivors of south-east Asia's cyberscam farms an 'international crisis'

The Guardian reports that thousands of survivors freed from forced-labor cyberscam compounds across Southeast Asia are now destitute and sleeping on streets, with aid agencies warning of an international humanitarian crisis. Victims trafficked into compounds to conduct global cryptocurrency and investment scams lack passports, money, and support from Cambodian authorities who have failed to offer victim screening or other assistance.

Teenager first in SA to be prosecuted for allegedly creating deepfake images

William Hamish Yeates, 19, became the first person in South Australia prosecuted under 2024 Commonwealth laws criminalizing non-consensual deepfake pornography. He faces eight counts of creating or altering sexual material without consent for allegedly generating explicit deepfake images of a teenage girl and distributing them on social media. The case marks an early enforcement action against AI-generated intimate image abuse under Australia's federal deepfake legislation.

Ministers urged to impose temporary ban on crypto political donations

UK Parliament's Joint Committee on National Security Strategy demanded a moratorium on cryptocurrency political donations until safeguards against foreign interference are implemented. The warning comes after the Representation of the People bill omitted crypto donation restrictions despite concerns that digital assets enable malign actors to conceal funding sources, complicating Electoral Commission and law enforcement oversight capabilities.

CrowdStrike says attackers are moving through networks in under 30 minutes

CrowdStrike's 2026 Global Threat Report found the average time from intrusion to lateral network movement plummeted to 29 minutes in 2025, a 65% increase in attack speed. State-sponsored threat actors increased cloud intrusion activity by 266% while AI-enabled adversary activity surged 89%. Chinese threat groups achieved immediate system access in two-thirds of vulnerability exploitations, with 40% targeting edge devices. North Korea's Lazarus Group orchestrated the largest cryptocurrency theft in history stealing $1.46 billion from Bybit.

600+ FortiGate Devices Hacked by AI-Armed Amateur

A Russian-speaking threat actor used commercial generative AI tools to compromise more than 600 Fortinet FortiGate firewalls across 55 countries in five weeks. Researchers from Amazon Web Services found the attacker was not state-sponsored but used LLMs to automate attack scripting, credential extraction, and lateral movement. The campaign exploited exposed management ports and weak credentials, with AI enabling the low-skilled actor to achieve outcomes previously requiring substantial technical expertise.

Hundreds of FortiGate Firewalls Hacked in AI-Powered Attacks: AWS

Amazon Web Services threat researchers identified a Russian-speaking hacker who compromised over 600 Fortinet FortiGate firewall instances across 55 countries using generative AI tools. The attacker exploited exposed management ports and weak credentials, then used AI to generate Python scripts for credential extraction and lateral movement. AWS confirmed the threat actor is not associated with any advanced persistent threat group, demonstrating how commercial AI services lower technical barriers for unsophisticated attackers to execute scaled campaigns.

The Big One: The cyberattack scenarios that keep officials up at night

Seven former national security officials and industry leaders detailed their gravest cybersecurity concerns. Paul Nakasone, former NSA and Cyber Command head, warned that nation-state actors who have breached food and water infrastructure could accidentally trigger catastrophic outages if they lose control of AI agents. Former CISA director Jen Easterly noted AI is scaling existing weaknesses in insecure software and over-trusted automation.

Password Managers Share a Hidden Weakness

Researchers at ETH Zurich and USI Lugano have exposed fundamental flaws in password manager cryptographic implementations, challenging "zero knowledge" claims that companies claim prevent them from accessing user credentials. The study demonstrates that malicious insiders or sophisticated hackers can exploit these cryptographic weaknesses to compromise the supposedly secure vaults across multiple major platforms. The findings undermine years of privacy assurances that have positioned password managers as essential security infrastructure.