DataBreachToday.com

Juniper Tells Customers to Tune Their Firewall
A critical vulnerability in Juniper Networks' primary operating system could give threat actors root level privileges to execute code on Juniper’s PTX Series routers. Successful exploitation would give attackers full command and control over devices without the need for authentication.

Fired Employee Illegally Downloaded 1M Patient Records
A former Nuance Communications IT worker has pleaded guilty in a criminal case that alleged he downloaded and stored on a personal hard drive containing 1.2 million patient records of a client, Geisinger Health, two days after he was terminated from his job in 2023.

Experts Warn of DDoS, Ransomware, Proxy And Other Attacks on Health Sector
The escalating conflict emerging from the U.S. and Israel military strikes this weekend on Iran, which killed the country's top leadership and crippled its internet connectivity, could erupt into cyberattacks against the healthcare sector by Iranian sympathizers and proxies, experts warn.

The Quantum Clock Is Ticking, But Is the C-Suite Ready?
Quantum computing has been hovering just out of reach of the enterprise technology world for years and "it's still right around the corner now," said Nick Kathmann, CISO at LogicGate.

Cyber Insurance Expansion Drives Insurance Industry Consolidation
Zurich Insurance Group has agreed to acquire U.K.-based Beazley in an $11 billion deal that would create a $15 billion global insurance powerhouse. The transaction strengthens Zurich's cyber insurance portfolio as demand surges for coverage tied to cyber and technology risks.

US and Israel May Have Launched 'Largest Cyberattack in History' Against Tehran
Organizations across the West and allied nations should prepare for Iranian cyberattacks in the wake of Israeli and U.S. ongoing strikes, threat intelligence firms warned as the first signs of the Iranian cyber counteroffensive became clear on Sunday

Trump Says Combat Targets Regime in Tehran, As Iran Responds With Missile Attacks
U.S. President Donald Trump announced the launch of "major combat operations in Iran," in coordination with Israel, targeting the regime in Tehran over its nuclear ambitions. Iran responded with missile attacks, as cybersecurity experts forecast online reprisals.

Connection Hub, AI Content and Global Keynotes on This Year's Agenda
RSAC Conference 2026 will celebrate its 35th anniversary next month with new community spaces, expanded AI programming and a global keynote lineup. From agentic AI and incident response to international leaders and hands-on learning labs, this year's event spotlights the power of community.

Defense Secretary Pete Hegseth Says He Has Designated Anthropic a 'Supply Chain Risk'
The Pentagon is escalating its feud with Anthropic after the company refused to loosen safeguards on its Claude model, threatening classified AI deployments and potentially creating months-long capability gaps across defense and contractor networks.

Former Mandiant Executive Bill Robbins Targets Browser-Based AI Security Growth
New CEO Bill Robbins said Menlo Security will boost growth by focusing on securing agentic AI runtimes through the browser, leveraging its visibility into web sessions to prevent prompt injection, malware and data loss. He also plans to sustain 40% plus revenue growth and drive toward profitability.

Announcement Comes Hours After Trump Blacklists Anthropic
OpenAI said late Friday night it reached an agreement with the U.S. Department of Defense to deploy its large language models onto military classified networks. The announcement came hours after President Donald Trump instructed federal agencies to cease using AI developed by OpenAI rival Anthropic.

Request for Information Is Part of a Broader Medicare, Medicaid Fraud 'Crackdown'
The U.S. Department of Health and Human Services will use "advanced" AI tools to more quickly detect Medicare and Medicaid fraud before scam claims are paid. As part of the "major crackdown" on healthcare fraud, HHS is also seeking public input on AI as regulators ponder potential rulemaking.

Also, More ShinyHunters Breaches, North Korea Laptop Farm Operator Sentenced
This week, Finland's Aleksanteri Kivimäki sentenced. ShinyHunters breaches. Laptop farm rancher sentenced. Oregon state agency hacker sentenced. African scammers arrested. MuddyWater AI-assisted hacks. Advantest ransomware incident, SolarWinds and Microsoft patches. FileZen flaw. QualDerm breach.

New Plugins Push AI Beyond Coding Deeper Into Enterprise Workflows
Anthropic's announcement this week that it has launched more Claude Cowork plugins to tackle enterprise workflows is just the latest advancement in the artificial intelligence company's rollout of features aimed at upending the way companies do work.

Analysts Warn Pentagon Feud With Anthropic Could Trigger Cascading Defense Impacts
Defense Secretary Pete Hegseth's ultimatum to Anthropic over expanded Claude access could trigger a months-long AI capability gap and disrupt the defense industrial base, as analysts warn that supply chain risk designations and compelled safeguards may destabilize national security AI strategy.

State Officials Investigating Breach of Back-Office Services Provider Found in 2025
The victim count in the 2024 hack on back-office support services vendor Conduent Business Services has just ballooned again, with the Xerox-spinoff now reporting to Wisconsin regulators that the incident affected "25 million-plus" people nationwide.

Emergency CISA Directive Lands as DHS Shutdown Strains Cyber Operations
The Cybersecurity and Infrastructure Security Agency issued a directive Wednesday ordering civilian agencies to secure and hunt for compromise in vulnerable Cisco SD-WAN systems after officials observed active exploitation - while warning that shutdown-related disruptions heighten operational risk.

Lawsuit Claims SonicWall Cloud Backup Flaw Led to Ransomware Attack Against Marquis
Marquis Software Solutions has sued SonicWall alleging a cloud backup data breach exposed firewall configuration files, including credentials and multifactor authentication scratch codes. The firm says the breach enabled an August 2025 ransomware attack and triggered dozens of class action lawsuits.