NEW
CU InfoSecurity
Unknown date
Lawsuit Claims SonicWall Cloud Backup Flaw Led to Ransomware Attack Against Marquis Marquis Software Solutions has sued SonicWall alleging a cloud backup data breach exposed firewall configuration files, including credentials and multifactor authentication scratch codes. The firm says the breach enabled an August 2025 ransomware attack and triggered dozens of class action lawsuits.
NEW
CU InfoSecurity
Unknown date
Emergency CISA Directive Lands as DHS Shutdown Strains Cyber Operations The Cybersecurity and Infrastructure Security Agency issued a directive Wednesday ordering civilian agencies to secure and hunt for compromise in vulnerable Cisco SD-WAN systems after officials observed active exploitation - while warning that shutdown-related disruptions heighten operational risk.
NEW
CU InfoSecurity
Unknown date
State Officials Investigating Breach of Back-Office Services Provider Found in 2025 The victim count in the 2024 hack on back-office support services vendor Conduent Business Services has just ballooned again, with the Xerox-spinoff now reporting to Wisconsin regulators that the incident affected "25 million-plus" people nationwide.
NEW
CU InfoSecurity
Unknown date
Attack Spotlights Threats, Risks Facing Healthcare Supply Chain UFP Technologies, a Massachusetts-based maker of single-use medical devices and other healthcare supplies, has notified the U.S. Securities and Exchange Commission of a cyber incident discovered on Valentine's Day that involved the theft or destruction of company data.
NEW
CU InfoSecurity
Unknown date
Russian and Armenian Operators Tied to Logistics-Focused 'Diesel Vortex' Group Cybersecurity investigators have identified, unmasked and disrupted a months-long organized criminal effort that developed a phishing-as-a-service designed to target Western users of popular logistics platforms, facilitating multiple types of fraud and displaying operators' deep industry knowledge.
NEW
CU InfoSecurity
Unknown date
NEW
CU InfoSecurity
Unknown date
NEW
CU InfoSecurity
Unknown date
Venture Capitalist Nick Davidov Points to Market Demand, Vulnerability Trends Anthropic's new AI-powered code security tool may have triggered a market selloff this week, but venture capitalists aren't rewriting their investment plans for cybersecurity vendors, said Nick Davidov, co-founder and managing partner at San Francisco-based venture capital firm DVC.
NEW
CU InfoSecurity
Unknown date
NEW
CU InfoSecurity
Unknown date
Security
- Astelia raised $35 million in Series A funding for its AI-powered exposure management tool.
- The platform uses AI agents and network analysis to prioritize vulnerabilities across hybrid and on-premises environments.
Index Ventures Backs End-to-End Platform, Targeting of AI-Driven Vulnerability Risk Astelia raised $35 million in Series A funding led by Index Ventures to scale its AI-powered exposure management tool. The company uses AI agents and network analysis to help enterprises prioritize exploitable vulnerabilities and reduce remediation noise across hybrid and on-premises environments.
NEW
CU InfoSecurity
Unknown date
Growth in enterprise cloud computing is constrained by power grid limitations; 26% of projects faced delays. Experts warn this could impact 2026 road maps.
Power Capacity Is Growing But 26% of Projects Faced Delays, Experts Warn For years, enterprise cloud computing has felt like a "sky's the limit" endeavor, but that aspiration is coming crashing to the ground as the industry faces a hard new reality. Growth is being constrained by the very real physical limitations of the world's power grids.
NEW
CU InfoSecurity
Unknown date
Proposals
- European Union member governments rejected a proposal from the European Commission to redefine 'personal data' for easier data sharing.
- The rejection received cautious approval from Paul Nemitz, who was involved in crafting Europe's GDPR.
Council of the EU Rejects Redefinition of 'Personal Data' A rejection by European Union member governments of proposal backed by the European Commission to make it easier to share data about individuals won cautious plaudits from Paul Nemitz, a key architect of Europe's General Data Protection Regulation.
NEW
CU InfoSecurity
Unknown date
Security
Officials warn funding cuts and fragmented intelligence sharing are undermining cyber and critical infrastructure protections for the 2026 World Cup. Interoperability gaps in security measures are also highlighted.
Officials Warn Funding Cuts, Fragmented Intelligence Sharing Slow Threat Response State and local officials told lawmakers that funding cuts, fragmented intelligence pipelines and unresolved interoperability gaps are undermining cyber and critical infrastructure protections as the country prepares for the 2026 World Cup and a series of high-profile global events.
NEW
CU InfoSecurity
Unknown date
Security
• University of Mississippi Medical Center's healthcare clinics remain closed and elective procedures cancelled due to a ransomware attack. • The incident highlights potential cybersecurity risks faced by healthcare providers.
Similar Cyber Incident Depicted in Fictional Hospital From HBO's 'The Pitt' All three dozen of the University of Mississippi Medical Center's healthcare clinics throughout the state remain closed and elective procedures are also still cancelled as Mississippi's only academic health science center continues to respond to a ransomware attack nearly a week later.
CU InfoSecurity
Unknown date
Security
Anthropic claims DeepSeek, MoonShot AI, and MiniMax used tens of thousands of fake accounts to steal capabilities from its Claude models; no explicit mention of Texas or Texas-specific entities.
DeepSeek, MoonShot AI, MiniMax Used 24K Fake Accounts in Campaign Anthropic has accused three Chinese AI firms of running coordinated, large-scale operations to steal capabilities from its Claude models. The U.S.-based company said DeepSeek, Moonshot AI and MiniMax are conducting "industrial-scale campaigns" using tens of thousands of fraudulent accounts.
CU InfoSecurity
Unknown date
Guidance
The article emphasizes the importance of securing identities in a hybrid work environment. It highlights the need for robust identity management systems and continuous monitoring to prevent unauthorized access.
CU InfoSecurity
Unknown date
Security
The webinar emphasizes the importance of aligning Security Operations (SecOps) and Governance, Risk, and Compliance (GRC) for effective security management. It highlights that siloed approaches can lead to inefficiencies and vulnerabilities.
CU InfoSecurity
Unknown date
Digital risk has become a clinical challenge driven by weak governance, excess access, and unmanaged vendors. Resilience now depends on strong governance rather than additional tools.
Why Governance, Access Control and Vendor Oversight Now Define Patient Safety Healthcare breaches do not start with a single technical failure. Digital risk has become clinical risk, driven by weak governance, excess access and unmanaged vendors. Resilience now depends on governance, not more tooling.
CU InfoSecurity
Unknown date
Security
Lazarus Group hackers are using Medusa ransomware in extortion attacks on U.S. healthcare entities; Rim Jong Hyok, an alleged member of the Lazarus subgroup Stonefly, was indicted in 2024.
Report: Lazarus Group Pivoting to Medusa Ransomware for Extortion Attacks North Korean-state backed Lazarus Group hackers are using Medusa ransomware in extortion attacks on U.S. healthcare entities despite a 2024 U.S. indictment of Rim Jong Hyok, an alleged member of the Lazarus subgroup Stonefly, according to a new threat intelligence report.
CU InfoSecurity
Unknown date
Security
Anthropic's Claude Code Security introduces a new AI code scanning tool; it promises deep reasoning for identifying and remediating code vulnerabilities but faces challenges in matching feature breadth needed by large enterprises.
How Claude's New AI Code Scanning Tool Will Challenge Application Security Leaders Anthropic's debut of Claude Code Security jolted cybersecurity stocks and intensified competition in application security testing. It promises deep reasoning around identifying and remediating code vulnerabilities but faces steep challenges matching the feature breadth required by large enterprises.
CU InfoSecurity
Unknown date
Guidance
The White House is launching export-ready 'American AI stack' packages, a U.S. Tech Corps, and new standards initiatives aimed at strengthening U.S. infrastructure in allied nations while countering foreign influence over global AI governance.
New Programs Aim to Counter Foreign Influence Over Tech Standards The White House is operationalizing its AI action plan with export-ready "American AI stack" packages, a U.S. Tech Corps and new standards initiatives, aiming to entrench U.S. infrastructure in allied nations while countering foreign influence over global AI governance.
CU InfoSecurity
Unknown date
- Network intelligence focuses on relationships across banks rather than individual bank detection.
- This approach aims to move from detecting anomalies alone to understanding the connections in fraud networks.
Shared Network Intelligence Adds Ecosystem Visibility to AI Models Fraudsters collaborate, but most banks still detect fraud alone. This imbalance has defined fraud prevention for years. Now CISOs and fraud practitioners are rethinking their approach using network intelligence signals. Network intelligence shifts the lens by focusing on relationships across banks.
CU InfoSecurity
Unknown date
Security
The article highlights the importance of hardening browser security to prevent cyber threats. It emphasizes the need for regular updates and strong password policies.
CU InfoSecurity
Unknown date
Security
• Clear ownership and accountability for device security are lacking, leading to potential safety risks to patients.
• Mohamed Waqas, CTO of Armis, highlights the issue as a result of turf wars between healthcare technology management, facilities OT staff, IT departments, and security teams.
What often appears to be turf wars between healthcare technology management, facilities OT staff, IT departments and security teams are often the result of unclear ownership and accountability for device security. And that presents safety risks to patients, says Mohamed Waqas, CTO of Armis.
CU InfoSecurity
Unknown date
Security
PayPal discovered a six-month data breach affecting about 100 business customers of its loan app, exposing personal information and leading to fraudulent charges. PayPal fully refunded the affected customers.
Fintech Giant Says Personal Data Exposed for About 100 Business Users of Loan App Financial services firm PayPal said it discovered a data breach that lasted for six months, exposed some business customers' personal information and led to fraudulent charges. The company said about 100 customers were affected, and that it has fully refunded them for fraudulent charges.