Ransomware Gang Stole 170,000 Patients’ Data—Sandhills Didn’t Tell Them for 344 Days
Inc Ransom hit Sandhills Medical in May 2025. The provider waited 344 days to notify 170,000 patients whose SSNs, financial data, health records were stolen.
Archive
Tag: Cybersecurity
Bessent and Powell Summoned Bank CEOs After Mythos Found 27 Years of Hidden Vulnerabilities
Bessent and Powell convened bank CEOs after Mythos found 27 years of hidden vulnerabilities—but the same AI that finds bugs can exploit them, and CISA still…
Vect Ransomware’s Critical Bug Turns It Into a Data Wiper—Even the Attackers Can’t Recover Files
Vect 2.0 ransomware can't decrypt files over 128KB due to a critical coding error—Check Point found it discards 3 of 4 decryption nonces, making recovery impossible…
Bessent and Powell Summoned Bank CEOs Over Mythos—AI Finds Flaws That Sat Undetected for 27 Years
Bessent and Powell convened bank CEOs after Mythos found vulnerabilities undetected for up to 27 years. Regulators trail banks on AI adoption by a 2:1 margin.
Global Regulators Fall Further Behind Banks on AI—Mythos Just Made It Worse
Only 24% of regulatory authorities collect data on bank AI adoption while 43% have no plans to start. Anthropic's Mythos just made this gap impossible to…
1.5M AI-Linked CSAM Reports Hit NCMEC in 2025—And Investigators Are Drowning
NCMEC got 1.5M AI-linked CSAM reports in 2025—including 30K prompt-based generation attempts. California and Congress are pushing new platform liability rules.
Cursor’s AI Agent Deleted a Startup’s Production Database in 9 Seconds—Nobody Could Stop It
A Cursor agent running Claude Opus wiped PocketOS's production database and backups via a single API call. The founder says marketing promises of safety don't match…
Hackers Exploited LiteLLM’s Pre-Auth SQLi Flaw in 36 Hours—And Went Straight for the API Keys
A critical pre-auth SQL injection in LiteLLM exposed OpenAI and Anthropic API keys. Attackers hit the proxy 36 hours after disclosure with surgical precision.
ADT Got Hacked 3 Times in 8 Months—5.5M Customer Records Are Now Public
ShinyHunters breached ADT via an employee Okta account and leaked 11GB of customer data after extortion failed. ADT's third breach in 8 months.
Two Surveillance Vendors Hijacked Global Phone Networks to Track Targets—and the Flaw Is 30 Years Old
Citizen Lab identified two surveillance vendors exploiting SS7 and Diameter protocols through three telecoms to track phone locations worldwide. The flaw is decades old.