Mathew J Schwartz

Nation-State Hackers Play the Vibes All the nation-state hackers are vibe coding. Vibeware won't win any coding awards. It's not pretty. It doesn't target any zero-day vulnerabilities or known flaws

More fizzle, less sizzle, still successful: More nation-state hackers embrace vibeware (vibe coding malware) to produce a glut of attack options that may not be pretty, but which in all their emoji-filled glory are good enough to take down many targets. 👾 ❤️
www.databreachtoday.com/nation-state...

Ransomware attack on University of Hawaii Cancer Center's epidemiology division last August affected 1.2 million individuals, exposing PII dating back more than 30 years.
www.databreachtoday.com/cancer-cente...

An OT Incident Scoring System Inspired by Natural Disasters Hurricanes, tornados, earthquakes - and now operational technology cyber incidents - all can receive a numerical score based on their severity, although a new

Disaster planning: Hurricanes, tornados, earthquakes - and now operational technology cyber incidents - can receive a numerical score based on their severity. But the OT effort faces an uphill battle.
www.databreachtoday.com/ot-incident-...

Reputation aside, most pen pushers in state governments don't actually like pushing paper. They also don't care to force citizens to fill out forms in triplicate. Can agentic AI help? www.databreachtoday.com/agentic-ai-e...

Global Push for Age Verification Raises Security Concerns A push by governments across the globe for tech companies verify users' age is gathering steam, following Australia's implementation in December of a ban on

Global push for age verification raises security concerns
www.databreachtoday.com/global-push-...

Juniper PTX routers at risk, critical takeover flaw disclosed www.databreachtoday.com/juniper-ptx-...

Amazon Says Drone Strikes Disrupted Middle East Data Centers Physical effects rather than cyber strikes are triggering Middle Eastern connectivity problems during day four of a sustained U.S. and Israeli bombing campaign

Physical effects rather than cyber strikes are triggering Middle Eastern connectivity problems during day four of the U.S. and Israel-Iran war. www.govinfosecurity.com/amazon-says-...

Iranian Cyber Proxies Active But Not Nation-State Hackers Iranian cyber proxies are girding for revenge while nation-state hackers in Tehran have gone quiet, whether to shelter from an onslaught of missile attacks or

In US and Israel's war with Iran, Iranian cyber proxies have been active, but not Iran's nation-state hackers, who appear to be sheltering from bombs or cut off from internet www.govinfosecurity.com/iranian-cybe...

Western Cybersecurity Experts Brace for Iranian Reprisal Organizations across the West and allied nations should prepare for Iranian cyberattacks in the wake of Israeli and U.S. ongoing strikes, threat intelligence firms

Western cybersecurity experts brace for Iranian reprisals
www.govinfosecurity.com/western-cybe... @superglaze.bsky.social

Answer: Probably not

US and Israel Launch 'Major Combat Operations' Against Iran U.S. President Donald Trump announced the launch of "major combat operations in Iran," in coordination with Israel, targeting the regime in Tehran over

U.S. President Donald Trump announced the launch of "major combat operations in Iran," in coordination with Israel, targeting regime in Tehran over its nuclear ambitions, which responded with missile attacks. Cybersecurity experts forecast online reprisals. www.govinfosecurity.com/us-israel-la...

Weekly Cryptohack Roundup
—Step Finance folds after exploit
—IoTeX bridge exploit
—Russia-linked exchanges help evade sanctions
—Australian charged in $3.5M scam
—Hacker returns $21M in seized bitcoin to prosecutors
—Malaysia busts officers in extortion case
www.databreachtoday.com/cryptohack-r...

Suspected Chinese Cyberespionage Operation Hits 53 Telecoms Likely Chinese nation-state hackers used online spreadsheets as infrastructure for hacking campaigns that affected at least 53 telecom operators across 42

A suspected Chinese cyberespionage operation, and not Salt Typhoon, has infiltrated at least 53 telecoms worldwide. Google unmasked and disrupted the group, which was using Google Sheets for command-and-control purposes.
www.databreachtoday.com/suspected-ch...

Medical Device Maker Reports Data Theft Hack to SEC UFP Technologies, a Massachusetts-based maker of single-use medical devices and other healthcare supplies, has notified the U.S. Securities and Exchange Commission

Medical device maker reports data theft hack to SEC
www.databreachtoday.com/medical-devi...

Breach Roundup: Finnish Hacker Sentenced to Nearly 7 Years This week, Finland's Aleksanteri Kivimäki sentenced. ShinyHunters breaches. Laptop farm rancher sentenced. Oregon state agency hacker sentenced. African scammers

Weekly Data Breach Roundup
—Finnish psychotherapy center hacker sentenced to nearly 7 years
—ShinyHunters claims breaches at Dutch telecom Odido and car marketplace CarGurus
—Ukrainian lands 5-year federal prison sentence for running North Korean laptop farms
www.databreachtoday.com/breach-round...

Police Target Violent Online Predators Incubated by the Com A global law enforcement initiative to coordinate the disruption of violent online extremism targeting minors and vulnerable individuals swept up 30 suspected

Police target violent online predators incubated by the cybercrime community known as The Com, which continues to promote online extremism targeting children
www.databreachtoday.com/police-targe...

Victim count in 2024 hack on Conduent Business Services balloons again. The Xerox-spinoff now tells regulators the incident affected "25 million-plus" people across the United States.
www.databreachtoday.com/conduent-say...

Feds Scramble Amid Shutdown to Secure Cisco SD-WAN Systems The Cybersecurity and Infrastructure Security Agency issued a directive Wednesday ordering civilian agencies to secure and hunt for compromise in vulnerable Cisco

Feds scramble amid shutdown to secure Cisco SD-WAN systems, amidst new reports of exploitation as a zero-day since 2023 www.databreachtoday.com/feds-scrambl...

Marquis sues SonicWall over 2025 firewall data breach, claims cloud backup flaw led to ransomware attack succeeding www.databreachtoday.com/marquis-sues...

Mississippi Medical Center's healthcare clinics still closed after ransomware attack
www.databreachtoday.com/mississippi-...

North Korean Hackers Continue to Target US Healthcare North Korean-state backed Lazarus Group hackers are using Medusa ransomware in extortion attacks on U.S. healthcare entities despite a 2024 U.S. indictment of Rim

Classical threat: North Korean hackers continue to target US healthcare firms, now with the addition of Medusa ransomware to add an extortion component www.databreachtoday.com/north-korean...

Risking an own goal: Funding cuts are straining World Cup security plans, experts warn www.databreachtoday.com/experts-warn...

Great piece

European Capitals Balk at Proposed GDPR Change A rejection by European Union member governments of proposal backed by the European Commission to make it easier to share data about individuals won cautious

Good news - EU countries are pushing back against the Commission's plan to defang the GDPR www.govinfosecurity.com/european-cap...

Hackers Gain Speed, Not Major New Tradecraft, Using AI Tools Artificial intelligence tools are helping hackers find and exploit vulnerable systems more quickly, and accelerate everything from initial access to data

Hackers unleashing AI-augmented attacks are gaining speed and efficiency, but so far researchers see no signs of any major new tradecraft breakthroughs thanks to using AI tools www.databreachtoday.com/hackers-gain...

PayPal ties small data breach and fraud to app coding error, says personal data exposed for about 100 business users of loan app and all fraud has been reimbursed.
www.databreachtoday.com/paypal-ties-...

Why Claude Code Security Has Shaken the Cybersecurity Market Anthropic's debut of Claude Code Security jolted cybersecurity stocks and intensified competition in application security testing. It promises deep reasoning around identifying and remediating code vu...

The debut of Claude Code Security brought Anthropic into direct competition with the biggest pure-play cybersecurity vendors in the world, and investors have noticed. Here's why.
www.databreachtoday.com/blogs/claude...

Anthropic's AI Bug Hunter Jolts Cyber Stocks Anthropic launched Claude Code Security, an AI tool that found 500+ undetected bugs in production code. Cybersecurity stocks dropped sharply, but analysts are split

Anthropic's AI bug hunter jolts cyber stocks
www.databreachtoday.com/anthropics-a...

Cashing Out: ATM Jackpotting Attacks Surging Across US Malware-wielding criminals "jackpotted" ATMs across the United States last year to walk away with $20 million thanks to "cash-out" attacks.

Malware-wielding criminals "jackpotted" ATMs across the United States last year to walk away with $20 million in stolen cash, oftentimes thanks to using Ploutus malware. The FBI is urging ATM operators to lock down their devices.
www.bankinfosecurity.com/cashing-out-...

'Promptware' Attacks Await an Unprepared AI Industry The large language model industry has mostly treated prompt injection attacks as a risk analogous to traditional web server prompt injection attacks. Researchers

Prompt injection, or feeding rogue instructions to an artificial intelligence system, merits its own classification as "promptware" - malware that uses a large language model as its own execution engine, say researchers.
www.databreachtoday.com/promptware-a...