BankInfoSecurity.com

Unauthenticated Hackers Exploit CVE-2025-31324 to Upload Webshells
Threat actors are exploiting a zero-day flaw in a partially deprecated SAP tool still widely used by governments and businesses. On Friday, SAP's security division, Onapsis, disclosed that CVE-2025-31324 is "actively exploited in the wild."

Co. Is Already Facing Several Lawsuits Based on Its Much Lower Victim Estimates
Employee benefits administrator Verisource Services Inc. has told regulators that a hack discovered in February 2024 has affected 4 million individuals, up significantly from initial estimates reported last summer. The company already faces several lawsuits involving its earlier lowball estimates.

4-Day Cybersecurity Event Covers Emerging Tech, Latest Cyberthreats
ISMG Editors convened in San Francisco for coverage of RSAC Conference. Panelists shared an overview of opening-day speakers and hot topics, including the growth of AI, uncertainties in the global threat landscape, the Innovation Sandbox contest and Cryptographers' Panel session.

Enforcement Action Is Latest Under Agency's Ransomware, Risk Analysis Initiatives
Federal regulators fined a New York neurology practice $25,000 following an investigation into a 2020 ransomware breach affecting nearly 7,000 individuals. Comprehensive Neurology failed to conduct an accurate and thorough risk analysis, regulators said.

Analyzing Measuring What Matters, Not What Models Practice
In the frenzy to top leaderboards, AI teams optimize for benchmarks rather than genuine progress, and as a result, scores on static tests tell us more about a model's memorization tactics than its ability to navigate real world environments.

Tyler Buchanan, a 23-year-old Scottish Man Extradited to the US on Wednesday
Spanish authorities extradited on Wednesday the suspected head of the Scattered Spider cybercrime group to the United States, where he is being held without bail in a downtown Los Angeles federal prison. Tyler Buchanan, 23, faces charges for wire fraud, aggravated identity theft and conspiracy.

Hackers Hit Maryland Medical Group and California Hospital, Claim 480 GB Data Theft
Two separate ransomware hacks of a Maryland medical group and a California hospital resulted in data thefts affecting more than 1.1 million patients, according to recent reports to regulators. Cybercriminals claim to have leaked 480 gigabytes of data from one of the attacks.

US Cyber Agency Denies Looming Deadlines Amid Reports of Expanded Workforce Buyouts
The U.S. Cybersecurity and Infrastructure Security Agency on Friday dismissed as false reports of a looming buyout deadline and expanded resignation offers, calling them misinformation. There is no Monday deadline, a spokesperson said.

Company Eyes Product Innovation and Strategic M&A After Rapid 30x ARR Growth
CEO Varun Badhwar says Silicon Valley-based Endor Labs will use its $93 million Series B funding to build AI-powered code security tools, boost community outreach and target key acquisitions, helping enterprises secure faster, AI-assisted software development.

Also: Supply Chain Security in Wake of US Tariffs, AI's Role in the SOC
In this week's update, ISMG editors discussed takeaways from Verizon's annual Data Breach Investigations Report, the cybersecurity ripple effects of the disruptive U.S. tariff policy, and why artificial intelligence tools still aren't ready to take over the security operations center.

Challengers Include Ex-OpenAI Staff, Geoffrey Hinton, Margaret Mitchell
A coalition comprising AI experts and former OpenAI staffers urged regulators to halt the artificial intelligence giant's plan to convert into a for-profit corporation. They contend that handing over full operational reins could dismantle safeguards to ensure AI serves humanity, not shareholders.

Incident Is Largest Health Data Breach Reported So Far to Feds in 2025
Yale New Haven Health System is notifying more than 5.5 million patients that their information was potentially among data stolen in a March hack. The incident, which is among several other recent major hacks, ranks is the largest health data breach reported to federal regulator so far this year.

Void Dokkaebi Campaigns Using Russia for Cryptocurrency Theft
North Korean hackers look north toward Russia for the internet infrastructure behind the many online scams that Pyongyang has built to funnel stolen cash into the rouge nation. Void Dokkaebi hackers participate in the North Korean scam of social engineering IT job seekers.

Hackers Deploying Infostealers for Data and Credential Theft
Hacks targeting cloud infrastructure rose significantly last year, with attackers exploiting misconfiguration and single sign-on features to deploy infostealers for data and credential theft. Hackers target centralized cloud assets secured with single sign-ons.

Experts Say White House AI Plan May Spur Innovation But Leave School Data at Risk
The White House issued an executive order Wednesday to expand the use of new artificial intelligence tools in U.S. K–12 schools, drawing expert warnings over the lack of cybersecurity safeguards to prevent data leaks or misuse by AI firms for model training.

AI-Powered Tools Protect Containerized Environments Against Sophisticated Attacks
Container security experts skilled in AI-driven defense tools are becoming critical as organizations rely more on containerized applications. These experts must contend with ephemeral workloads, secure CI/CD pipelines and implement real-time anomaly detection to protect cloud-native environments.

European Commission Also Fines Apple 500 Million Euros
European regulators said Facebook conducted an end run around privacy regulations by requiring users to pay a monthly subscription fee or else accept that their personal data would be fed to advertisers. The European Commission fined the social media giant 200 million euros.

Breach Victim Tally Soars Since Firm Filed an Initial Breach Report in Early April
Kelly Benefits is notifying nine large clients and nearly 264,000 individuals that their sensitive personal information was potentially compromised in a December data theft incident. The tally of affected people has climbed eight-fold since the company’s first estimate earlier this month.