CyberSecurity News

American Addiction Centers (AAC) has disclosed a data breach that compromised the personal information of 422,424 individuals.

On December 23, 2024, CloudSEK's TRIAD team revealed critical security vulnerabilities in Postman Workspaces, with over 30,000 publicly accessible workspaces leaking sensitive data, such as API keys, access tokens, and administrator credentials.

Ascension Health is notifying approximately 5.6 million individuals of a ransomware attack in May 2024 that compromised their personal, medical, and payment data. The attack occurred on May 8, causing significant service disruptions that led hospitals to revert to downtime procedures and divert emergency services.

McDonald’s India patched critical API vulnerabilities in its McDelivery system that could have enabled free orders, data theft, and driver information leaks.

Cybersecurity researcher Jeremiah Fowler uncovered a 1.2TB misconfigured database from Builder.ai, exposing over 3 million records without authentication or passwords.

The US Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning to federal agencies to patch a critical vulnerability in BeyondTrust's remote access products by December 27. The vulnerability, CVE-2024-12356, is a command injection flaw (CVSS score of 9.8) that can be exploited without authentication and has been actively exploited in the wild.

The Play ransomware group has claimed responsibility for a data breach at Krispy Kreme, threatening to release sensitive internal company data within two days. Known for its double-extortion model, the group exfiltrates and encrypts data, pressuring victims to meet ransom demands or face public exposure of stolen information.

As cryptocurrency adoption grows, so do scams targeting investors and traders. Common threats include phishing, malware, Ponzi schemes, fake wallets, and pump-and-dump frauds. Scammers exploit trust and technical vulnerabilities, often using advanced tactics like deepfakes, fake apps, and AI-generated phishing campaigns.

Earth Koshchei, also known as APT29 or Midnight Blizzard, has been linked to a sophisticated rogue Remote Desktop Protocol (RDP) campaign aimed at espionage and data theft. Using tools like commercial VPNs, TOR, and residential proxies, the group obscures their activities to evade detection and attribution.

LKQ Corporation, a leading US auto parts provider with 45,000 employees across 1,600 locations globally, disclosed a cyberattack affecting a Canadian business unit. Unauthorized access to IT systems was detected on November 13, causing disruptions for a few weeks, though operations have largely recovered.

The ransomware group Cicada3301 has claimed responsibility for breaching Concession Peugeot, a French automotive dealership, stealing 35GB of sensitive data, including invoices, internal communications, and passport copies.

Yianni Charalambous, a renowned luxury car customizer in England, is working to make a Tesla Cybertruck road-legal in the UK, which would mark the first such approval in the country.