SecurityWeek reports that the Oregon Department of Environmental Quality had more than 2.5 TB of data claimed to have been compromised by the Rhysida ransomware operation in an attack last week following the agency's assertion that none of its data had been impacted by the incident.
Organizations have been warned by the Cybersecurity and Infrastructure Security Agency regarding the threat of credential exposure stemming from the compromise of a legacy Oracle cloud environment, which the company has only reported to clients in private, reports The Record, a news site by cybersecurity firm Recorded Future.
New York-based infusion center operations management software firm Endue Software and Illinois-based private ambulance service provider Medical Express Ambulance have confirmed being impacted by separate cyberattacks that cumulatively affected more than 236,000 individuals, according to Cybernews.
SecurityWeek reports that Texas-based third-party insurance administrator Landmark Admin and Georgia-based software solutions provider Young Consulting have updated their respective breach filings with the Office of the Maine Attorney General to indicate that more individuals had their information compromised than initially disclosed.
Notorious online forum 4chan has been taken down following a significant cyberattack claimed by members of the Soyjak.party imageboard, or The Party, on Monday, according to BleepingComputer.
Seven organizations have already been compromised in intrusions exploiting the critical zero-day deserialization flaw impacting the Gladinet CentreStack enterprise file-sharing platform and Triofox on-premises file-sharing server, tracked as CVE-2025-30406, reports Cybersecurity Dive.
New York-based insurance firm Lemonade which has gained notoriety over its usage of artificial intelligence and chatbots for claims processing has confirmed the compromise of thousands of individuals' driver's license numbers collected between April 2023 and September 2024 following the exploitation of an online application platform vulnerability, reports The Record, a news site by cybersecurity firm Recorded Future.
TechCrunch reports that major U.S. multinational car rental company Hertz has confirmed that data from its customers in the U.S. and other parts of the world had been compromised in a Clop ransomware attack against vulnerable Cleo managed file transfer software instances between October and December.
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.
