"SecurityWeek's cybersecurity news roundup provides a concise compilation of noteworthy stories that might have slipped under the radar. We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape. Each week, we curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports. Here are this week's stories:"
"The ShinyHunters group may have stolen the information of millions of customers of luxury brands Gucci, Balenciaga and Alexander McQueen, BBC reported. Parent company Kering has confirmed suffering a data breach, but said no financial information was compromised. The hackers claimed to have stolen data associated with 7.4 million unique email addresses. Goshen Medical Center, a healthcare organization in North Carolina, has disclosed a data breach impacting more than 450,000 people."
"Another significant healthcare data breach was reported by ophthalmology practice Retina Group of Florida. The organization detected an intrusion in November 2024 and its investigation showed that the information of over 150,000 people may have been compromised as a result of the incident. JFrog discovered four vulnerabilities in the Chaos engineering platform Chaos-Mesh, including three critical-severity flaws that could be exploited for code exe"
Multiple high-impact data breaches affected both luxury retail and healthcare organizations, with the ShinyHunters group claiming millions of email addresses from Kering brands and healthcare providers disclosing hundreds of thousands of exposed patient records. Goshen Medical Center reported a breach impacting over 450,000 people, and Retina Group of Florida reported more than 150,000 potentially affected records following a November 2024 intrusion. Ransomware activity and leak-site listings appear connected to some incidents. Security researchers also identified critical vulnerabilities in the Chaos-Mesh chaos engineering platform that include several critical-severity flaws capable of enabling code execution.
Read at SecurityWeek
Unable to calculate read time
Collection
[
|
...
]