183M Patient Records Exposed: Fortified Health Security Releases 2025 Healthcare Cybersecurity Report

Blog

By January 16, 2025

Post Content

Blog

OpenAI Disrupts Russian, North Korean, and Chinese Hackers Misusing ChatGPT for Cyberattacks

OpenAI on Tuesday said it disrupted three activity clusters for misusing its ChatGPT artificial intelligence (AI) tool to facilitate malware development. This includes a Russian‑language threat actor, who is said to have used the chatbot to help develop and refine a remote access trojan (RAT), a credential stealer with an aim to evade detection. The…

Read More OpenAI Disrupts Russian, North Korean, and Chinese Hackers Misusing ChatGPT for Cyberattacks
Blog

Ransomware Gangs Exploit Unpatched SimpleHelp Flaws to Target Victims with Double Extortion

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday disclosed that ransomware actors are targeting unpatched SimpleHelp Remote Monitoring and Management (RMM) instances to compromise customers of an unnamed utility billing software provider. “This incident reflects a broader pattern of ransomware actors targeting organizations through unpatched versions of SimpleHelp

Read More Ransomware Gangs Exploit Unpatched SimpleHelp Flaws to Target Victims with Double Extortion
Blog

CVE Disruption Threatens Foundations of Defensive Security

If the Common Vulnerabilities and Exposures system continues to face uncertainty, the repercussions will build slowly, and eventually the cracks will become harder to contain.

Read More CVE Disruption Threatens Foundations of Defensive Security
Blog

Phishers Exploit Google Sites and DKIM Replay to Send Signed Emails, Steal Credentials

In what has been described as an “extremely sophisticated phishing attack,” threat actors have leveraged an uncommon approach that allowed bogus emails to be sent via Google’s infrastructure and redirect message recipients to fraudulent sites that harvest their credentials. “The first thing to note is that this is a valid, signed email – it really…

Read More Phishers Exploit Google Sites and DKIM Replay to Send Signed Emails, Steal Credentials
Blog

China-Linked APTs Exploit SAP CVE-2025-31324 to Breach 581 Critical Systems Worldwide

A recently disclosed critical security flaw impacting SAP NetWeaver is being exploited by multiple China-nexus nation-state actors to target critical infrastructure networks. “Actors leveraged CVE-2025-31324, an unauthenticated file upload vulnerability that enables remote code execution (RCE),” EclecticIQ researcher Arda Büyükkaya said in an analysis published today. Targets of the campaign

Read More China-Linked APTs Exploit SAP CVE-2025-31324 to Breach 581 Critical Systems Worldwide
Blog

Mustang Panda Targets Myanmar With StarProxy, EDR Bypass, and TONESHELL Updates

The China-linked threat actor known as Mustang Panda has been attributed to a cyber attack targeting an unspecified organization in Myanmar with previously unreported tooling, highlighting continued effort by the threat actors to increase the sophistication and effectiveness of their malware. This includes updated versions of a known backdoor called TONESHELL, as well as a…

Read More Mustang Panda Targets Myanmar With StarProxy, EDR Bypass, and TONESHELL Updates

Related