The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a warning about malicious actors that are actively using remote access trojans (RATs) and commercial spyware to target users of mobile messaging apps. “These cyber actors use sophisticated targeting and social engineering techniques to deliver spyware and gain unauthorized access to a victim’s messaging app, facilitating […]
Based on evidence of active exploitation, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a significant security vulnerability affecting WatchGuard Fireware to its Known Exploited Vulnerabilities (KEV) list. The vulnerability in question is CVE-2025-9242 (CVSS score: 9.3), an out-of-bounds write vulnerability that affects Fireware OS versions 11.10.2 through 11.12.4_Update1, 12.0 through 12.11.3, and 2025.1. […]
Vendor security risks continue to challenge healthcare providers. Veradigm (formerly Allscripts) and ApolloMD, both providers of practice and revenue cycle management software and services, are the latest to report hacking incidents to regulators, creating complications for providers and affecting patient care. This week, Veradigm started informing regulators in multiple states about a hacking incident caused […]
