SecurityWeek

HPE is notifying an unknown number of individuals that Russian hackers accessed their personal information in a December 2023 attack.

Evan Light was sentenced to 20 years in federal prison for hacking an investment holdings company and stealing $37 million in cryptocurrency.

Memorial Hospital and Manor says 120,000 people had their personal information stolen in a November 2024 ransomware attack.

News analysis: The big AI platforms are emerging as frontline early warning systems, detecting nation-state hackers at the outset of their campaigns. Can this help save the threat intel industry?

SolarWinds will become a privately held company following its acquisition by Turn/River Capital for $4.4 billion in cash. 

ThreatMate has raised $3.2 million in seed funding for its AI-powered attack surface management solution for MSPs.

Noteworthy stories that might have slipped under the radar: NanoLock Security ceases operations, NSO publishes transparency report, cybersecurity salaries data.  

Hospital Sisters Health System says the personal information of 883,000 individuals was compromised in a 2023 crippling cyberattack.

UK engineering firm IMI says it suffered a cyberattack that resulted in unauthorized access to some of its systems.

University Diagnostic Medical Imaging and Allegheny Health Network have disclosed data breaches impacting approximately 430,000 patients.

An analysis by Chainalysis shows that ransomware payments dropped to $813 million in 2024, from $1.25 billion in 2023. 

Trimble Cityworks is affected by a zero-day vulnerability that has been exploited in attacks involving the delivery of malware.

A bipartisan duo in the the U.S. House is proposing legislation to ban the Chinese artificial intelligence app DeepSeek from federal devices.

Zimperium warns that threat actors have stolen the information of tens of thousands of Android users in India using over 1,000 malicious applications.

Astra Security and Invary have received new funding to fuel development of their vulnerability scanning and runtime security solutions.

Spanish authorities have arrested an individual who allegedly hacked several high-profile organizations, including NATO and the US army.

Five Eyes cybersecurity agencies have released guidance on securing edge devices against increasing threats.

The blame of security incidents may be shared—but the burden of response always falls on the security team. Here’s how to prepare for the inevitable.

Critical vulnerabilities in Cisco Identity Services Engine could lead to elevation of privileges and  system configuration modifications.

Researchers see dozens of fake DeepSeek websites used for credential phishing, cryptocurrency theft, and scams.