Cybersecurity News

Michigan-based McLaren Health Care has disclosed a significant data breach affecting 743,131 individuals after a ransomware attack compromised its systems in July and August 2024. This incident is the second major breach for the organization in recent years, following a 2023 attack that impacted over 2 million people.

Cybersecurity circles have been focused on a new threat actor claim regarding a zero-day exploit targeting Fortinet FortiGate firewalls. This claim emerged on a prominent dark web forum and has raised significant alarm due to the exploit’s purported capabilities and the critical role FortiGate devices play in enterprise network security.

European police, led by Denmark and Sweden, are intensifying efforts to dismantle a disturbing new criminal model known as “violence-as-a-service” (VaaS), in which organized crime groups recruit teenagers online to carry out contract killings. This crackdown is a response to a surge in cross-border violence facilitated by encrypted apps and social media platforms, which allow gangs to outsource violent crimes—including shootings and assassinations—to young people, some as young as 14.

A new joint report by FS-ISAC and Akamai, titled From Nuisance to Strategic Threat: DDoS Attacks Against the Financial Sector, highlights a sharp escalation in both the frequency and sophistication of distributed denial-of-service (DDoS) attacks targeting the global financial sector. The findings underscore a strategic shift in cybercriminal tactics, with significant consequences for financial institutions, their customers, and the broader economy.

Defense Advanced Research Projects Agency (DARPA) has issued a significant call to the private sector, urging industry partners to assist in improving and strengthening cybersecurity for the Department of Defense (DoD). This initiative is part of a broader strategy to address escalating cyber threats targeting U.S. military and critical infrastructure systems.

The threat actors behind the Qilin ransomware-as-a-service (RaaS) scheme have recently introduced a “Call Lawyer” feature, offering legal counsel to their affiliates as a means to increase pressure on victims during ransom negotiations. This development is part of a broader strategy to make Qilin stand out in the cybercrime marketplace by providing a full suite of services to affiliates, including legal assistance, negotiation support, data storage, DDoS capabilities, and even media support.

On Wednesday night, June 18, 2025, Iran’s state-owned television broadcaster was hacked, interrupting regular programming to air videos calling for street protests against the Iranian government. The broadcast was briefly hijacked, with footage showing women cutting their hair and messages urging citizens to “rise up” and “take control of your future”. The disruption was widely shared on social media and quickly drew both domestic and international attention.