Issue #164 - August 25, 2025
- Weekly INK

DaVita ransomware attack exposed data of nearly 2.7 million people
Source: BleepingComputer
On August 22, BleepingComputer reported that a ransomware attack against dialysis provider DaVita compromised personal and health information of nearly 2.7 million patients. Attackers breached a third‑party patient portal on July 16 and stole names, birth dates, addresses, Social Security numbers, health‑insurance details and clinical information. DaVita is notifying victims and offering credit monitoring.
Ransomware Actor Deletes Data and Backups Post‑Exfiltration on Azure
Source: Infosecurity Magazine
Infosecurity Magazine reported on August 28 that a financially motivated group known as Storm‑0501 used hybrid on‑premises and cloud access to steal data from a victim’s Microsoft Azure environment, delete backups and then demand ransom. Microsoft’s threat‑intelligence team said Storm‑0501 rapidly exfiltrated data, pivoted between Active Directory domains and gained global‑administrator privileges before wiping Azure resources.
Someone Created the First AI‑Powered Ransomware Using OpenAI’s gpt‑oss:20b Model
Source: The Hacker News
On August 27, The Hacker News revealed that security firm ESET discovered an AI‑powered ransomware proof‑of‑concept called PromptLock. The Golang‑based malware uses a local instance of OpenAI’s gpt‑oss:20b model via the Ollama API to generate malicious Lua scripts in real time. PromptLock can enumerate files, exfiltrate data and encrypt Windows, Linux and macOS systems.
OneFlip: An Emerging Threat to AI that Could Make Vehicles Crash and Facial Recognition Fail
Source: Security Week
Autonomous vehicles and many other automated systems are controlled by AI, but the AI itself could be controlled by malicious attackers who take over its weights. The weights within an AI's deep neural network represent what the model has learned and how that learning is used. A weight is usually defined in a 32-bit word, and there can be hundreds of billions of bits involved in this AI 'reasoning' process. It is a no-brainer that if an attacker controls the weights, the attacker controls the AI.
Chinese Telecom Hackers Strike Worldwide
Source: Data Breach Today
The Chinese hackers responsible for breaking into telecom networks across the globe capitalize on already documented vulnerabilities, principally in Cisco routing equipment, warn a slew of national cybersecurity agencies. Chinese nation-state hackers commonly tracked as Salt Typhoon penetrated nine U.S. telecoms in a campaign that became public knowledge in December 2024.



