惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

SecWiki News
SecWiki News
S
Securelist
L
Lohrmann on Cybersecurity
Y
Y Combinator Blog
P
Palo Alto Networks Blog
U
Unit 42
Latest news
Latest news
D
Darknet – Hacking Tools, Hacker News & Cyber Security
Vercel News
Vercel News
Forbes - Security
Forbes - Security
Engineering at Meta
Engineering at Meta
Cyberwarzone
Cyberwarzone
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
S
Schneier on Security
J
Java Code Geeks
S
Security Affairs
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
T
Tor Project blog
Schneier on Security
Schneier on Security
P
Privacy & Cybersecurity Law Blog
The Last Watchdog
The Last Watchdog
F
Full Disclosure
L
LINUX DO - 最新话题
Help Net Security
Help Net Security
有赞技术团队
有赞技术团队
Microsoft Security Blog
Microsoft Security Blog
P
Proofpoint News Feed
S
Security @ Cisco Blogs
S
Secure Thoughts
H
Hacker News: Front Page
T
The Exploit Database - CXSecurity.com
A
Arctic Wolf
N
News | PayPal Newsroom
C
Cyber Attacks, Cyber Crime and Cyber Security
Cloudbric
Cloudbric
H
Hackread – Cybersecurity News, Data Breaches, AI and More
阮一峰的网络日志
阮一峰的网络日志
Hugging Face - Blog
Hugging Face - Blog
M
MIT News - Artificial intelligence
Project Zero
Project Zero
G
Google Developers Blog
酷 壳 – CoolShell
酷 壳 – CoolShell
T
Threat Research - Cisco Blogs
TaoSecurity Blog
TaoSecurity Blog
Application and Cybersecurity Blog
Application and Cybersecurity Blog
爱范儿
爱范儿
C
CXSECURITY Database RSS Feed - CXSecurity.com
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC

Security Affairs

Why pure extortion is replacing traditional ransomware Ghostwriter Is Back, Using a Ukrainian Learning Platform as Bait to Hit Government Targets Authorities arrest 23-year-old accused of running the Kimwolf botnet U.S. CISA adds Trend Micro Apex One and Langflow to its Known Exploited Vulnerabilities catalog One Telecom Provider Hosted Most of the Middle East ’s Active C2 Infrastructure U.S. CISA adds Microsoft and Adobe flaws to its Known Exploited Vulnerabilities catalog Global law enforcement operation takes First VPN offline Apple Blocks Over 2 Million Apps in 2025 Fraud Crackdown Attackers are bypassing MFA on SonicWall VPNs because something was wrong with previous fix Cisco fixed maximum severity flaw CVE-2026-20223 in Secure Workload Discord adds end-to-end encryption to voice and video calls by default PinTheft: Another Linux Privilege Escalation, Another Working Exploit, This Time Targeting Arch Microsoft issues YellowKey mitigation, no patch yet Carding site B1ack’s Stash dumps 4.6 Million stolen cards for free A malicious VS code extension just breached GitHub ‘s internal repositories DirtyDecrypt: PoC Released for yet another Linux flaw Alleged Huawei zero-day blamed for the 2025 Luxembourg telecom crash Drupal is rolling out an emergency security update on May 20. You cannot miss it Microsoft dismantled malware-signing network Fox Tempest Poland shifts away from Signal following cyberattacks on officials’ accounts Massive MENA cybercrime Operation Ramz disrupts infrastructure and arrests 201 suspects Shai-Hulud worm copycats emerge after source code leak Grafana confirms GitHub token breach cybercrime group claims the attack ShinyHunters hack 7-Eleven: franchisee data and Salesforce records exposed Public Amazon bucket leaks sensitive guest data from Japanese hotel platform Tabiq Chaotic Eclipse discloses MiniPlasma zero-day, suggesting a missing or undone 2020 Windows security fix SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 97 Security Affairs newsletter Round 577 by Pierluigi Paganini – INTERNATIONAL EDITION Attackers exploit Funnel Builder bug to inject e-skimmers into e-stores Pwn2Own Berlin 2026, Day Three: DEVCORE Crowned Master of Pwn, $1.298 Million Total U.S. CISA adds a flaw in Microsoft Exchange Server to its Known Exploited Vulnerabilities catalog Russian APT Turla builds long-term access tool with Kazuar Botnet evolution OpenAI hit by supply chain attack linked to malicious TanStack packages Pwn2Own Berlin 2026, Day Two: $385,750 more, Microsoft Exchange falls, and the running total crosses $900K CVE-2026-42897: Microsoft confirms active exploitation of Exchange Server zero-day Ghostwriter group resumes attacks on Ukrainian Government targets Researchers uncover YellowKey and GreenPlasma Windows Zero-Days Pwn2Own Berlin 2026, Day One: $523,000 paid out, AI products fall U.S. CISA adds a flaw in Cisco Catalyst SD-WAN to its Known Exploited Vulnerabilities catalog Linux Kernel bug Fragnesia allows local root access attacks Broadcom releases VMware Fusion security update for root access bug NGINX Rift: an 18-year-old flaw in the world’s most deployed web server just came to light FamousSparrow targets Azerbaijani energy sector in multi-wave espionage campaign Nitrogen Ransomware claims massive data theft from Foxconn Microsoft Patch Tuesday for May 2026 fix 138 bugs, some of them are alarming OpenLoop Health confirms January 2026 Data breach affecting 716,000 Quest KACE SMA flaw CVE-2025-32975: when one unpatched tool opens the door to 60 organizations Instructure settles with hackers following massive student data theft Critical Fortinet vulnerabilities fixed in FortiSandbox and FortiAuthenticator Hackers accessed BWH Hotels reservation system for months The world’s most “Dangerous” AI, Anthropic’s Mythos, found only one flaw in curl Attackers exploit cPanel CVE-2026-41940 to deploy Filemanager Backdoor WannaCry, the ransomware attack that changed the history of cybersecurity Android banking Trojan TrickMo evolves using TON network for C2 Identity security firm SailPoint discloses GitHub repository breach Google warns artificial intelligence is accelerating cyberattacks and zero-day exploits Crimenetwork returns after takedown, dismantled again by German authorities U.S. CISA adds a flaw in BerriAI LiteLLM to its Known Exploited Vulnerabilities catalog Instagram removed end-to-end encryption for DMs. What should users do? New cPanel vulnerabilities could allow file access and remote code execution Official JDownloader site served malware to Windows and Linux users between May 6 and May 7 SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 96 Security Affairs newsletter Round 576 by Pierluigi Paganini – INTERNATIONAL EDITION Quasar Linux RAT (QLNX): A Fileless Linux Implant Built for Stealth and Persistence Braintrust security incident raises concerns over AI supply chain risks RansomHouse says it breached Trellix and exposes internal systems Cyberattacks on Poland’s Water Plants: A Blueprint for Hybrid Warfare Zara Data Breach: 197,000 Customers Exposed in Third-Party Security Incident Dirty Frag: A new Linux privilege escalation vulnerability is already in the wild AI, Cyberwarfare, and Autonomous Weapons: Inside America’s New Military Strategy Nation-state actors exploit Palo Alto PAN-OS zero-day for weeks U.S. CISA adds a flaw in Ivanti Endpoint Manager Mobile (EPMM) to its Known Exploited Vulnerabilities catalog Cisco patches high-severity flaws enabling SSRF, code execution attacks From Android TVs to routers: the xlabs_v1 Mirai-based botnet built for DDoS attacks U.S. CISA adds a flaw in Palo Alto Networks PAN-OS to its Known Exploited Vulnerabilities catalog Taiwan High-Speed Rail Emergency Braking Hack: How a Student Stopped the Trains and Exposed a Major Security Gap After 17 years, Gavril Sandu extradited to U.S. for hacking scheme Iranian cyber espionage disguised as a Chaos Ransomware attack Apache fixes critical HTTP/2 double-free flaw CVE-2026-23918 enabling RCE Palo Alto Networks PAN-OS flaw exploited for remote code execution Malicious PyTorch Lightning update hits AI supply chain security U.S. court sentences Karakurt ransomware negotiator to 8.5 years Vimeo confirms breach via third-party vendor impacts 119K users Critical Android vulnerability CVE-2026-0073 fixed by Google Microsoft warns of global campaign stealing auth tokens from 35K users Educational tech firm Instructure data breach may have impacted 9,000 schools MOVEit automation flaws could enable full system compromise Hackers target governments and MSPs via critical cPanel flaw CVE-2026-41940 U.S. CISA adds a flaw in Linux Kernel to its Known Exploited Vulnerabilities catalog AI speeds flaw discovery, forcing rapid updates, UK NCSC warns Bluekit phishing kit enables automated phishing with 40+ templates and AI tools Salt Typhoon breach IBM subsidiary in Italy: a warning for Europe’s digital defenses SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 95 U.S. CISA adds a flaw in WebPros cPanel to its Known Exploited Vulnerabilities catalog Security Affairs newsletter Round 575 by Pierluigi Paganini – INTERNATIONAL EDITION Google Revamps Bug Bounty Programs: Android Rewards Rise, Chrome Payouts Drop in the Age of AI Two US cybersecurity experts sentenced in ransomware case, third awaits July ruling Trellix discloses the breach of a code repository New Deep#Door RAT uses stealth and persistence to target Windows Digital attacks drive a new wave of cargo theft, FBI says
iRhythm Hit by Cyberattack, Patient Data Stolen and Ransom Demanded - Security Affairs
https://www.facebook.com/sec.affairs · 2026-06-17 · via Security Affairs

iRhythm disclosed a cyberattack via third-party apps where patient and proprietary data was stolen, followed by a ransom demand.

iRhythm Technologies is a U.S.-based digital healthcare company specializing in remote cardiac monitoring and arrhythmia detection. Its best-known product is the Zio, a wearable patch that continuously records a patient’s heart rhythm for up to several weeks. The data is then analyzed using proprietary algorithms and reviewed by clinicians to help diagnose conditions such as Atrial Fibrillation and other heart rhythm disorders.

iRhythm disclosed a cyberattack in an SEC Form 8-K filed on June 10. Someone got into third-party-hosted business applications, grabbed data, and then asked to be paid to keep quiet about it.

“On June 8, 2026, iRhythm Holdings, Inc. identified unauthorized activity involving data maintained on certain third-party-hosted business applications.” reads the SEC Form 8-K report. “The Company promptly activated its cybersecurity response plan and launched an investigation with the support of external advisors and cybersecurity experts to assess and contain the threat.”

On June 9, 2026, iRhythm received an extortion demand from a threat actor claiming to have stolen proprietary data, protected health information, and other personal data. The company later confirmed the data breach from third-party-hosted business applications via a social engineering attack and deemed the incident material.

The digital healthcare firm stated that clinical and medical device systems, patient safety, operations, and customer connections were not affected, and no payment card or financial account data was involved.

The company did not reveal which specific application was compromised and did not disclose technical details about the attack.

“On June 9, 2026, the Company received communications from a threat actor claiming to have obtained sensitive information, including proprietary data, patient protected health information and other personal information.” continues the report. “The communications from the threat actor demanded payment in exchange for not publicly disclosing this information.”

The company is investigating the scope of the incident.

No ransomware group has publicly claimed the attack, and it’s not known whether iRhythm has engaged in negotiations with the attacker.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, data breach)

此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。