HIPAA’s No Joke: Gag Gift Firm’s Health Plan Pays $450K Fine – BankInfoSecurity
HIPAA's No Joke: Gag Gift Firm's Health Plan Pays $450K Fine BankInfoSecurity
HIPAA's No Joke: Gag Gift Firm's Health Plan Pays $450K Fine BankInfoSecurity
Threat actors are exploiting an unauthenticated information disclosure vulnerability in the WordPress plugin Gravity SMTP, active on 100,000 sites. [...]
Security researchers at Paradigm Shift have published a working exploit, dubbed usbliter8, that achieves arbitrary code execution inside the SecureROM of Apple's A12 and A13 chips. That code is burned into the silicon at manufacture. No software update can reach it. Affected dev…
The Gentlemen ransomware-as-a-service (RaaS) operation is actively developing and maintaining a suite of endpoint detection and response (EDR) killers that it hands out to affiliates for impairing system defenses before deploying the encryptor. This mature portfolio of EDR-termi…
Meteor 3.0 helped Rocket.Chat move from Node.js 14 to Node.js 20, cutting runtime debt after Fibers removal and reducing supply-chain risk across federal users.
The Texas Parks and Wildlife Department (TPWD) disclosed a data breach at its license system vendor that exposed personal information for more than three million individuals. [...]
Microsoft researchers have detailed an exploit chain, named AutoJack, that turns an AI browsing agent into a delivery vehicle for remote code execution. Steer the agent to load an attacker's web page, and that page's JavaScript can reach a privileged local service on the same ma…
By Mark Taylor - Hospitals have EHRs. Health plans have care management platforms. Community organizations have case management tools. State agencies have eligibility, reporting, and program management systems. In many cases, those tools work well enough for the people using them…
New HHS-OIG Exclusions The HIPAA Journal
Dutch law enforcement authorities, along with counterparts from Canada , Germany, and the U.S., have disrupted malicious infrastructure associated with SocGholish and cleaned up nearly 15,000 infected WordPress websites. "With these actions we deprive cybercriminals of acces…
The Department of Health and Human Services Office of Inspector General (HHS-OIG) has announced new additions to its List of […] The post New HHS-OIG Exclusions appeared first on The HIPAA Journal.
Luxembourg, Luxembourg, 19th June 2026, CyberNewswire
A settlement has been agreed to resolve class action data breach litigation against Managed Care of North America (MCNA), Inc., […] The post Multi-million-dollar Settlement Agreed to Resolve MCNA Dental Data Breach Lawsuit appeared first on The HIPAA Journal.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday urged Fortinet customers with FortiGate appliances to take steps to secure against ongoing malicious activity aimed at thousands of internet-accessible devices. The sweeping campaign, believed to be the…
Nintendo America employee records were exposed via TinyPulse after Shadowbyt3 claimed theft of HR files, tax forms, bank data, and staff survey responses.
New York, USA, 19th June 2026, CyberNewswire
AI agents can access data, trigger workflows, deploy code, and interact with critical business systems, often with little oversight. Token Security breaks down why AI agents are becoming a new identity and governance challenge. [...]
As threats proliferate and AI complicates cybersecurity, CISOs say the job is getting harder, but more companies still want cybersecurity expertise, if even on a part-time basis.
Modern phishing attacks, including Device Code phishing, can undermine MFA protections and grant attackers access to corporate accounts without stealing passwords. This webinar explores how behavioral AI can help security teams detect compromised accounts faster and automate resp…
Introduction The average enterprise security team has 40 or more security tools, giving a lot of visibility into internal telemetry and asset data. But often, these tools are working in siloes, generating (overlapping) alerts and data. And yet, breach dwell times remain stubborn…