DataBreachToday.com

Also, Australian Police Arrest 55 in New Round of Anom App Sting
This week: UPenn hit by email breach, Australian police arrested 55, 'SesameOp' backdoor hid C2 traffic, BEC scammers used AWS, hackers stole trucking cargo, Ukrainian national extradited to United States for role in Conti ransomware and a supply chain risk in advanced installer tool.

Central Jersey Medical Center Runs Health Centers for Schools in Newark
Central Jersey Medical Center, a federally qualified health center that partners with public schools in Newark, New Jersey, is notifying an undisclosed number of people of a data breach related to an August ransomware attack. The incident is latest to hit a resourced-stretched healthcare provider.

Learn the Business, Be Intentional, Find a Mentor and Build Non-Technical Skills
New to cybersecurity? Start by learning how organizations work - their people, processes and priorities - before diving deep into technical stacks. Understanding how to translate technical findings into business risk differentiates a professional from a technician.

DOJ: Suspects Hit 5 Firms, Including 3 in Healthcare, Netted $1.3M in Ransom Money
Three former employees of two cybersecurity firms stand accused of using BlackCat ransomware in a conspiracy to extort five U.S. companies, including three in the healthcare sector. One of the victim companies paid nearly $1.3 million to the attackers, U.S. federal prosecutors said.

DHS Plans to Expand SAVE Database Use Raise Privacy, Accuracy and Security Concerns
A Department of Homeland Security move to broaden an immigration verification database into a voter verification tool could expose sensitive information to security threats. Critics caution it accelerates a pattern of data being repurposed by the Trump administration for surveillance.

Chinese Hackers Target European Diplomats with LNK File Flaw
Chinese nation-state hackers are exploiting a Windows vulnerability to hack European diplomatic outposts, say security researchers - but operating system giant Microsoft says the flaw doesn't merit a patch. Hackers used a flaw already compromised by North Korea and Russia.

Funding Round Led by Goldman Sachs Boosts Valuation to $6.1 Billion
Another cybersecurity vendor is planning to dive into the still waters of an initial public offering. Cyber exposure management firm Armis dipped its toe in the market Wednesday, announcing a pre-IPO funding round of $435 million that boosted the company's valuation to $6.1 billion.

Google Details How Attackers Could Use LLMs to Mutate Scripts
Malware authors are experimenting with a new breed of artificial intelligence-driven attacks, with code that could potentially rewrite itself as it runs. Large language models are allowing hackers to generate, modify and execute commands on demand, instead of relying on static payloads

German Payment Processor Insiders Accused of Laundering Fake Subscription Proceeds
Police have arrested 18 suspects as part of a global crackdown targeting fraud and money laundering networks tied to the theft of $345 million by using 4.3 million cardholders' stolen data to sign them up to fake dating, pornography or streaming sites that billed monthly.

Joint Platform to Offer Human-Led, Automated Application Security in One Place
Bugcrowd acquired Mayhem Security to integrate automated application testing with human-led testing capabilities. The company plans to embed Pittsburgh-based Mayhem's reinforcement learning tech and AI models into its broader platform to speed up vulnerability detection.

Largest Breach of 2025 Hits 10.5M People, Multiple Insurers, State Agencies
Proposed federal class action litigation and various investigations are piling up against Conduent Business Solutions following its recent public disclosure that an October 2024 hacking incident potentially compromised personal and health information of more than 10.5 million people.

Officials Say Major Staffing Cuts and Furloughs Undercut Response to F5 Cyberattack
Current and former federal officials tell Information Security Media Group furloughs and leadership gaps across the federal cyber ecosystem have hindered the U.S. government's ability to coordinate response efforts after a nation-state actor exploited flaws in F5’s BIG-IP systems amid the shutdown.

Global Conflicts and Tariff Wars Are Driving New OT Threats and Supply Chain Risks
Global conflicts and tariff wars provide new opportunities for cyber adversaries, especially those targeting operational technology systems. Now attackers are focusing on fragile supply chains. Claroty researchers predict attackers will breach at least one major cyber-physical system in the next year.

AI's Impact on Productivity and Employment Demands Proactive Policy Action
The future of work is no longer speculative, it is already being coded. From automated writing assistants to robotic warehouse employees, artificial intelligence is entering every part of the modern workforce faster than regulations or social frameworks can adapt.

Google Warns of Cyber Trends Gaining Traction
The virtualized layer of technology underpinning modern IT deployments is transforming from a strength to a cybersecurity vulnerability, warns Google in a report extrapolating current trends. A confluence of factors are converting virtualized environments into a "critical blind spot."

AWS to Build Server Clusters, Nvidia to Supply Chips for 7 Years
Loss-making OpenAI added to a string deals with a $38 billion commitment on Monday to using compute resources provided by Amazon Web Services. The AI giant said AWS will build out server clusters using Nvidia flagship Blackwell chips for the next seven years.

Devices Unpatched Since October 2023 Are Vulnerable
The Australian cyber defense agency warned that hackers are attacking unpatched Cisco IOS XE enterprise devices to leave behind a web shell the networking manufacturer calls "BadCandy." At least 150 Cisco devices in Australia carry the implant as of late October.