New Gogs zero-day flaw lets hackers get remote code execution
An unpatched zero-day vulnerability in the Gogs self-hosted Git service can allow attackers to gain remote code execution (RCE) on Internet-facing instances. [...]
An unpatched zero-day vulnerability in the Gogs self-hosted Git service can allow attackers to gain remote code execution (RCE) on Internet-facing instances. [...]
Healthcare Orgs Lack Confidence in Ability to Defend Against an AI-incited Identity Breach The HIPAA Journal
Healthcare organizations have embraced AI and are using AI agents to perform a range of functions, including handling IT support […] The post Healthcare Orgs Lack Confidence in Ability to Defend Against an AI-incited Identity Breach appeared first on The HIPAA Journal.
MSPs don't lack security data. They struggle to separate real threats from alert noise. Kaseya explains how SIEM helps MSPs improve visibility, reduce fatigue, and respond faster. [...]
Lakeview Health Systems Settles Class Action Data Breach Lawsuit The HIPAA Journal
Microsoft has come out strongly in favor of Coordinated Vulnerability Disclosure (CVD), urging the research community to share their findings and give affected vendors an opportunity to better understand the impact and address them before they are publicly disclosed. The develop…
A settlement has been negotiated to resolve a class action lawsuit against Lakeview Health Systems LLC. The lawsuit stemmed from […] The post Lakeview Health Systems Settles Class Action Data Breach Lawsuit appeared first on The HIPAA Journal.
Every time you think the industry has finally stopped doing some reckless, low-effort crap, somebody spins up a fresh box full of sketchy loaders, fake installers, recycled social-engineering bait, and enough exposed infrastructure to make you wonder if prod is just a public beta…
A Romanian national was sentenced this week to 56 months in federal prison for breaking into an Oregon state government computer network and fr cyberattacks targeting dozens of other U.S. victims. [...]
In this latest installment of the Reporters' Notebook video series, we discuss how cyber insurance is forcing organizations to quantify risk, what's covered (and what's not), and why this could be the best thing to happen to cybersecurity.
Many organizations can detect network issues quickly, but investigations and coordination often slow incident resolution. This webinar explores how automation and AI-assisted workflows can help IT teams reduce delays and improve response times. [...]
By Harshit Jain MD - In healthcare, authority is built over decades and can be compromised quickly. In the AI era, authority will belong to organizations that own their intelligence layer, not rent it. The post The Publisher-Owned Intelligence Layer appeared first on Health IT An…
State of AI Usage Report 2026 (full report here) by LayerX Security reveals the extent of the enterprise AI visibility gap and why most organizations still don't understand where their AI exposure is actually coming from. The research shows that enterprise AI risk is not distribu…
Carnival Corporation, the world's largest cruise line operator, has confirmed a data breach affecting nearly 6 million people claimed by the ShinyHunters extortion gang in April 2026. [...]
A cybercriminal group that targets law firms, healthcare providers, insurance, and finance companies using phishing and social engineering tactics is conducting a new data theft and extortion campaign. The aim of the campaign is to trick employees into providing remote access to …
A Canadian man was sentenced to 33 years in prison after pleading guilty to targeting more than 145 children across the United States, some as young as 6 years old, in an eight-year-long sextortion scheme. [...]
An advanced remote access Trojan is propagating online. Notably, it's delivered via an operator licensing model and features a no-code malware-development interface.
A new campaign orchestrated by a previously undocumented threat actor has targeted cryptocurrency organizations with an aim to facilitate digital asset theft using recruitment-themed social engineering and bespoke macOS malware. "These campaigns leveraged sophisticated social en…
New HIPAA Encryption Requirements Are Coming…Are You Ready? Security Boulevard
Artificial intelligence notwithstanding, the vast majority of CISOs in northern Europe say they're facing no more serious cyberattacks than they did two years ago.