The New York Blood Center faced a ransomware attack on Sunday, forcing the healthcare organization to reschedule appointments. The New York Blood Center suffered a ransomware attack on Sunday, causing appointment rescheduling. The New York Blood Center (NYBC) is a community, nonprofit blood bank based in New York City. The community was established in 1964 […]
The U.S. CISA and the FDA warned of a hidden backdoor in Contec CMS8000 and Epsimed MN-120 patient monitors. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Food and Drug Administration (FDA) warned that three flaws in Contec CMS8000 and Epsimed MN-120 patient monitors could endanger patients when connected to the internet. The CMS8000 […]
Community Health Center (CHC) data breach impacted over 1 million patients in Connecticut, the healthcare provider started notifying them. Community Health Center (CHC) is a leading healthcare provider based in Connecticut, offering primary care, dental, behavioral health, and specialty services. It serves a diverse patient population, focusing on accessible and affordable healthcare, particularly for underserved […]
Italy’s data protection authority Garante blocked the DeepSeek AI service due to insufficient transparency regarding user data process. Italy’s data protection watchdog has blocked Chinese artificial intelligence (AI) firm DeepSeek ‘s chatbot service within the country, citing a lack of information on its use of users’ personal data. The AI-powered chatbot, recently launched globally, has rapidly gained […]
Broadcom patched five flaws in VMware Aria Operations and Aria Operations for Logs that could lead to privilege escalation and credential theft. Broadcom addressed the following vulnerabilities in VMware Aria Operations and Aria Operations for Logs: The above vulnerabilities impact versions 8.x of VMware Aria Operations and VMware Cloud Foundation 5.x, 4.x. VMware Aria Operations […]
Chinese AI platform DeepSeek has publicly exposed two databases containing highly sensitive user and backend details. Wiz Research discovered a publicly accessible ClickHouse database belonging to DeepSeek, exposing chat history, secret keys, and backend details. After responsible disclosure, DeepSeek promptly secured the issue. “Within minutes, we found a publicly accessible ClickHouse database linked to DeepSeek, […]
TeamViewer has patched a high-severity privilege escalation vulnerability affecting its Windows client and host applications. TeamViewer released security patches for a high-severity elevation of privilege vulnerability, tracked as CVE-2025-0065 (CVSS score of 7.8), in its remote access solutions for Windows. The vulnerability is an improper neutralization of argument delimiters in the TeamViewer_service.exe component of TeamViewer […]
An international law enforcement operation targeted several major cybercrime websites, including Cracked, Nulled, Sellix, and StarkRDP. An international law enforcement operation led by Europol, code-named Operation Talent, dismantled several major cybercrime sites, including Cracked, Nulled, Sellix, and StarkRDP. The message displayed on the targeted cybercrime websites states that authorities have seized the platforms, along with […]
The open-source PHP package Voyager is affected by three vulnerabilities that could be exploited to achieve one-click remote code execution on affected instances. Voyager is a popular open-source PHP package for managing Laravel applications, offering an admin interface, BREAD operations, media, and user management. During an ordinary scan activity, SonarSource researchers reported an arbitrary file write vulnerability in […]
Italy’s data privacy regulator Garante has requested information from Chinese AI company DeepSeek regarding its data practices. Italy’s Data Protection Authority Garante has asked the AI firm DeepSeek to clarify its data collection, sources, purposes, legal basis, and storage, citing potential risks to user data. “The Italian Data Protection Authority has sent a request for […]