FDA drops Whoop warning letter over blood pressure feature
Whoop made changes to its blood pressure insights feature that satisfied the FDA’s requirements for wellness devices.
Whoop made changes to its blood pressure insights feature that satisfied the FDA’s requirements for wellness devices.
Researchers warn GhostShell is using fake drone documents to target Ukrainian defence teams, stealing passwords and sensitive data in a new cyber campaign.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning of hackers actively exploiting flaws in Ubiquity UniFi OS and Lantronix serial-to-ethernet servers. [...]
Microsoft, Europol, and international partners have disrupted infrastructure used by the Amadey and StealC malware operations as part of Operation Endgame, which targets cybercriminal services and ransomware gangs. [...]
A series of newly planned reforms are designed to entice companies to start early trials in the U.S. rather than overseas.
Service desks have become a favored target for attackers seeking password resets, MFA changes, and access to corporate accounts. Specops Software breaks down how service desk social engineering attacks work and how organizations can defend against them. [...]
Overseas markets are central to MiniMed’s business, accounting for 70% of reported net sales in the company’s 2026 financial year.
Hillcrest Convalescent Center Settles Class Action Data Breach Litigation The HIPAA Journal
Hillcrest Convalescent Center, a short-term inpatient rehabilitation and skilled nursing facility in Durham, North Carolina, has agreed to settle class […] The post Hillcrest Convalescent Center Settles Class Action Data Breach Litigation appeared first on The HIPAA Journal.
JFrog warns of malicious npm packages that mimic PostCSS tooling, drop a Windows RAT, and target Chrome-stored passwords through a staged infection setup route.
A empresa de pesquisa em segurança cibernética Paradigm Shift divulgou os detalhes técnicos de um novo exploit de BootROM que afeta milhões de dispositivos da Apple. Batizada de Usbliter8, a vulnerabilidade afeta diretamente a SecureROM, o primeiro código executado por um iPhone …
Cybersecurity researchers have flagged a new class of CI/CD workflow weakness that allows attackers to hijack workflows and compromise open-source supply chains. The "critical exploitable pattern" has been codenamed Cordyceps by Novee Security. The issue can allow full attacker …
Dados de usuários do LastPass foram expostos em um novo incidente de segurança. O vazamento ocorreu após um ataque à Klue, plataforma de inteligência de mercado utilizada pela companhia, e não comprometeu as senhas guardadas no gerenciador. 5 apps gerenciadores de senhas gratu…
Two British hackers have pleaded guilty to a cyberattack on Transport for London (TfL), one of whom also admitted to […] The post British Scattered Spider Hacker Pleads Guilty to Cyberattacks on TfL; SSM Health Care; Sutter Health appeared first on The HIPAA Journal.
By Stephen Vaccaro - As more adults live longer and choose to age in place, the demand for homecare across the U.S. continues to climb. This shift has provided an opportunity for homecare providers to expand their reach and establish themselves as pillars of the modern healthcare…
Attackers can exploit the issue to disable security and integrated browser tools without needing administrator privileges or kernel exploits.
Uma prova de conceito pública foi divulgada para uma vulnerabilidade de alta gravidade no Microsoft Exchange Server, aumentando o risco de exploração contra ambientes locais que ainda não aplicaram as correções de junho de 2026. A falha, identificada como CVE-2026-45504, afeta Ex…
A campanha FortiBleed expôs credenciais de milhares de firewalls FortiGate conectados à internet, aumentando o risco de acesso não autorizado a redes corporativas em diversos países. O caso envolve uma base de dados vazada com credenciais associadas a dispositivos Fortinet. Segun…
A Bajaj Auto confirmou ter sido atingida por um ataque de ransomware que afetou sistemas internos da companhia e de sua subsidiária de tecnologia, a Bajaj Auto Technology Ltd. O incidente foi detectado por volta das 8h da manhã de 23 de junho de 2026, no horário da Índia. A empre…
We are standing at the end of an era we never thought to mourn: the era of human-speed threats. For years, cybersecurity moved to a rhythm organizations could follow. A researcher found a bug, a CVE was cataloged, a vendor navigated a patch cycle, and weeks or even months later,…