Issue #161 - August 4, 2025
On the Rise: Ransomware Victims, Breaches, Infostealers
Source: Data Breach Today
Cybercrime so far this year can be summarized as featuring "more of everything," with researchers tracking increases in the number of ransomware and data breach victims, credentials stolen by infostealers, and new vulnerability disclosures with exploits coming to light.
AI Guardrails Under Fire: Cisco’s Jailbreak Demo Exposes AI Weak Points
Source: Security Week
Thirteen percent of all breaches already involve company AI models or apps, says IBM’s 2025 Cost of a Data Breach Report. The majority of these breaches include some form of jailbreak. A jailbreak is a method of breaking free from the constraints, known as guardrails, imposed by AI developers to prevent users extracting original training data or providing them with information on inhibited procedures.
Hacks on 3 Specialty Medical Providers Affect Nearly 800,000
Source: Info Risk Today
Recent hacks on a provider of sleep disorder diagnostic gear and services, a network of medical imaging facilities and a multi-disciplinary cancer care center have affected nearly 800,000 patients. The breaches are among the latest rash of cybercriminal attacks plaguing the healthcare sector.
Critical Zero-Day Bugs Crack Open CyberArk, HashiCorp Password Vaults
Source: Dark Reading
Researchers have unearthed nine zero-day security vulnerabilities in HashiCorp Vault and five in CyberArk Conjur, password vaults used by thousands of companies. Secret management platforms like these are the most sensitive systems you can find at any enterprise. It's why they're also referred to as "vaults".
New EDR killer tool used by eight different ransomware groups
Source: Bleeping Computer
A new Endpoint Detection and Response (EDR) killer that is considered to be the evolution of 'EDRKillShifter,' developed by RansomHub, has been observed in attacks by eight different ransomware gangs. Such tools help ransomware operators turn off security products on breached systems so they can deploy payloads, escalate privileges, attempt lateral movement, and ultimately encrypt devices on the network without being detected.



