HEAL Security - Cybersecurity Intelligence & News for Healthcare

In this episode, Edd Hall discusses how hackers are exploiting Windows Hyper-V to hide malware, Google’s warning about self-modifying AI threats, and Cisco’s alert on active firewall exploits. He also covers CISA’s new industrial control system advisories, a ransomware attack on Central Jersey Medical Center, and the growing problem of weak passwords. Plus, Edd explores how generative AI is fueling applicant fraud in healthcare and how three major cybercrime groups—Scattered Spider, LAPSUS$, and ShinyHunters—have joined forces under the new alliance Scattered LAPSUS Hunters.

Stay updated on the latest in cybersecurity, AI-driven threats, and IT innovations. In this episode, we cover Google’s discovery of the self-modifying PROMPTFLUX malware, a major UK government IT upgrade, critical WordPress plugin vulnerabilities, SonicWall’s state-sponsored breach, AI-assisted cyberattacks, and Komodor’s new self-healing Kubernetes platform. Short, precise, and essential tech news for professionals and enthusiasts alike.

In this episode, Edd Hall discusses how cybercriminals are blending AI abuse, cloud exploitation, and social engineering to launch increasingly sophisticated attacks. From Microsoft uncovering the SesameOp backdoor that used OpenAI’s API for covert communication, to the TruffleNet campaign stealing AWS credentials, this week reveals how trusted technologies are being weaponized. Edd also breaks down new CISA advisories on industrial control systems, the U.S. CFPB’s declining cybersecurity posture, a React Native supply-chain flaw, a massive Swedish data breach affecting 1.5 million people, and a ransomware group spreading fake Microsoft Teams ads. Tune in to learn how these events highlight the growing need for vigilance, patching, and smarter cloud identity protection in today’s cyber landscape.

In today’s HEAL Security Dispatch Daily Digest, we cover Microsoft’s latest WSUS patch that unexpectedly disables hotpatching, a malicious VSX extension targeting developers, and a shocking insider ransomware case. Plus, new details on MuddyWater’s Phoenix backdoor campaign, Odyssey Cybersecurity’s expansion in Saudi Arabia, WordPress’s WP-CLI tutorial, and cybercriminals exploiting remote-management tools to hijack logistics operations. Stay informed with the latest developments shaping the cybersecurity landscape.

In this episode, Mark and Diana discuss the latest cybersecurity developments — from the state-backed Airstalk malware campaign exploiting VMware AirWatch APIs to Claroty’s critical authentication bypass fix. They also explore OpenAI’s new AI model “Aardvark”, designed to automatically detect and patch code vulnerabilities, and Microsoft Edge’s new scareware sensor aimed at blocking tech-support scams. Plus, they cover ongoing Cisco “BadCandy” infections, the U.S. decision to reject the UN cybercrime treaty, MOVEit and Linux kernel vulnerabilities, and CISA’s updated Exchange Server guidance — wrapping up with insights on what these trends mean for enterprise security in 2025.

In this episode, Edd Hall discusses the latest cybersecurity developments shaping the global landscape — including a massive surge in DDoS attacks across the Middle East, LinkedIn’s AI data privacy deadline, and a shocking case of a U.S. defense contractor selling exploits to Russia. He also covers a major data leak from Iran’s intelligence academy, new additions to CISA’s Known Exploited Vulnerabilities catalog, malware targeting WooCommerce sites, high-severity flaws in Docker Compose, and fresh security guidance from CISA and NSA for Microsoft Exchange and industrial control systems.

In today’s HEAL Security Dispatch Daily Digest, we cover the latest developments shaking the cybersecurity world — from Microsoft’s global DNS outage to a surge in AI-powered attacks across Africa. Discover how new vulnerabilities like TEE.Fail and LiteSpeed Cache exploits are putting systems at risk, while Gunra ransomware and PhantomRaven supply-chain attacks continue to spread. We also explore how data gaps are leaving healthcare providers in the dark. Stay informed with the most critical cybersecurity updates shaping today’s digital landscape.

In this episode, Edd Hall discusses the latest global cybersecurity incidents, including massive data breaches, ransomware attacks, and actively exploited vulnerabilities. He breaks down how these events impact individuals and organizations, highlights emerging threats like zero-day exploits and sophisticated APT campaigns, and explores how companies are responding with advanced security measures such as threat intelligence platforms. Listeners will gain insights into the current cyber threat landscape and practical steps to stay protected.

Today’s episode of HEAL Security Dispatch Daily Digest dives into the latest global cybersecurity developments — from a critical flaw in Ubiquiti’s UniFi Access system to a Chrome zero-day exploit linked to an Italian spyware vendor. We cover Dentsu’s data breach, Apple’s controversial iOS update that wipes spyware evidence, and a massive leak exposing 183 million Gmail accounts. Plus, researchers uncover a fake “privacy” browser tied to Chinese servers, and Microsoft tests a new Windows feature to boost system reliability. Stay informed with the top cybersecurity stories shaping the digital world.

In this episode, Mark and Diana discuss the week’s biggest cybersecurity developments — from YouTube videos secretly delivering malware to rising ransomware attacks across healthcare and manufacturing. They explore how Jaguar Land Rover’s $2.5B breach exposed weaknesses in industrial cybersecurity, why Canada’s healthcare system is under siege, and what lessons can be learned from recent Apple, Oracle, and Finwise incidents. The hosts also unpack the DHS warrant involving OpenAI, the growing move toward passwordless authentication, and how observability is reshaping digital defense in healthcare.

In today’s cybersecurity roundup, we cover major developments shaking the tech world — from SpaceX disabling thousands of Starlink terminals used in scams to Samsung patching a serious zero-day flaw in the Galaxy S25. Microsoft tightens Windows security by disabling the preview pane, while new attacks exploit Adobe Commerce and Magento platforms. We also look at how spreadsheet-based risk tracking is failing organizations, a critical Comet Browser vulnerability, and cybersecurity warnings for Medicare’s open enrollment season. Stay informed with the latest in threat intelligence and digital defense.

In this episode, Edd Hall discusses the latest developments in cybersecurity, including emerging threats, critical vulnerabilities, phishing campaigns, AI-related security risks, and high-profile data breaches. He highlights key actions organizations should take to strengthen defenses, manage risks, and protect sensitive data in an increasingly complex digital landscape.

In today’s cybersecurity roundup: Microsoft investigates login issues caused by recent Windows updates, while Japanese retailer Muji halts online sales after a ransomware attack. Experts uncover a prompt-injection flaw in Microsoft 365 Copilot, and the NYDFS issues new guidance on third-party cyber risks. Plus, critical vulnerabilities emerge in the Better-Auth library, a new PolarEdge botnet targets routers, and Meta rolls out AI-powered tools to combat scams across its messaging platforms.

In this episode, Edd Hall discusses the latest wave of cybersecurity incidents shaking global infrastructure — from the massive AWS outage that disrupted Prime Video and Fortnite, to China’s accusations against the NSA over cyber-espionage operations. He also breaks down CISA’s addition of new exploited vulnerabilities, the discovery of 131 malicious Chrome extensions hijacking WhatsApp sessions, and the major F5 Networks breach affecting over 262,000 systems. The episode wraps up with updates on Volkswagen’s suspected ransomware attack, the active exploitation of a critical Windows SMB flaw, and the emergence of the self-spreading “GlassWorm” malware targeting developer ecosystems.

In today’s HEAL Security Dispatch Deep Dive, we cover a wave of new cybersecurity threats making headlines. Attackers exploit a Zendesk authentication flaw, hackers spread self-compiling malware through TikTok videos, and an American Airlines subsidiary confirms data theft linked to Oracle systems. Meanwhile, Sotheby’s reports a major breach exposing sensitive client data, and Microsoft revokes 200 fraudulent code-signing certificates tied to ransomware operations. Stay informed with the latest developments in cybersecurity and digital defense.

In this episode, Edd Hall discusses the latest cybersecurity developments, including hackers deploying Linux rootkits on Cisco routers, the U.S. Senate’s scrutiny of Cisco’s security practices, and active exploits targeting Adobe Experience Manager and Windows BitLocker. He also covers Integris Health’s $30 million data breach settlement, new additions to CISA’s Known Exploited Vulnerabilities catalog, and the often-overlooked hidden costs of penetration testing — highlighting how these events shape today’s digital risk landscape.

In this episode, we discuss the latest cybersecurity developments, including critical vulnerabilities in Cisco and SAP systems, widespread phishing campaigns, ransomware attacks, and regulatory actions. We also explore the growing skills gap in the cybersecurity workforce and the importance of board-level awareness to protect organizations from escalating digital threats.

Stay up to date with the latest in cybersecurity as HEAL Security Dispatch Daily Digest dives into major acquisitions, state-sponsored attacks, malware innovations, and high-profile breaches. This episode covers LevelBlue’s acquisition of Cybereason, North Korean malicious npm packages, OpenAI/Sora phishing schemes, Chinese hackers exploiting ArcGIS servers, the Pixnapping Android exploit, polymorphic malware trends, and PTOE Corporation’s website hijack. Learn how these events impact global digital security and what to watch for in emerging threats.

In today’s HEAL Security Dispatch Daily Digest, we cover the latest global cybersecurity developments. Microsoft investigates a widespread Microsoft 365 outage and a new GDPR ruling hits its education platform. SonicWall VPNs are breached using stolen credentials, while a new WhatsApp worm spreads banking malware across Brazil. Researchers reveal a Lenovo vulnerability, Microsoft’s Media Creation Tool fails on Windows 10, and a Rust-based malware called ChaosBot emerges as a rising threat. Stay informed with the latest updates shaping the cybersecurity landscape.

In this episode, Edd Hall discusses the latest developments in cybersecurity, including how AI models can be easily poisoned, the ongoing Cl0p ransomware attacks, dangerous Android malware impersonating popular apps, and critical vulnerabilities in enterprise systems like SonicWall and Oracle E-Business Suite. He also covers Apple’s $2 million bug bounty for zero-click exploits, the rapid spread of a global botnet, the discovery of malicious npm packages, Fortra’s $20 million data breach settlement, and CISA’s newest additions to the Known Exploited Vulnerabilities catalog. Edd breaks down what these threats mean for individuals and organizations, and highlights the steps needed to stay protected in today’s evolving digital landscape.

In today’s cybersecurity roundup, we cover a wave of new threats and major incidents across industries. From fake Android apps spreading ClayRat spyware to SonicWall’s cloud data breach, this episode highlights the evolving risks facing users and enterprises alike. Plus, updates on Microsoft Defender’s false alerts, a Florida clinic’s delayed breach disclosure, Discord’s ID leak, and Jaguar Land Rover’s post-attack recovery. Stay informed with the latest developments shaping the digital security landscape.

In this episode, Edd Hall discusses the latest cybersecurity news and trends, covering Chinese hackers weaponizing open-source tools, the Crimson Collective targeting AWS cloud environments, WordPress theme exploits, and a critical macOS VPN vulnerability. He also explores the Salesforce data breach, the release of a fully undetectable Android RAT, arrests linked to a London nursery breach, and OpenAI’s actions to block state-sponsored hackers using ChatGPT. Edd breaks down the impact of these incidents, the tactics used by attackers, and what organizations and individuals can do to stay protected.

In today’s HEAL Security Dispatch Daily Digest, we cover the biggest cybersecurity developments shaping the digital landscape. From the Medusa ransomware exploiting Fortra’s GoAnywhere flaw to healthcare networks struggling with outdated infrastructure, today’s stories reveal how technology, security, and innovation intersect. We also explore BatShadow’s new Go-based malware campaign, DraftKings’ credential stuffing breach, and growing concerns over AI-driven “vibe coding.” Plus, we look at Google’s CodeMender AI, which patches vulnerabilities automatically, and Microsoft’s latest Windows 11 security changes. Stay informed and stay secure with the latest in cybersecurity intelligence.

In this episode, Edd Hall discusses the latest developments in cybersecurity, covering a wide range of critical threats and trends. He explores global cybercrime operations like the UAT-8099 SEO fraud campaign, major breaches affecting platforms such as Discord, and emerging malware like the new Android RAT. Edd also highlights the growth of the healthcare cybersecurity market, the challenges posed by quantum computing, rising payment fraud, AI security considerations, and critical browser vulnerabilities like Chrome’s RCE flaw. Tune in to stay informed and learn how to better protect your data and digital infrastructure.

In this episode, we cover the latest cybersecurity threats and data breaches making headlines. Meta users face a phishing scam installing FileFix malware, while the Rhadamanthys stealer now uses AI to steal cryptocurrency seed phrases. Renault and Dacia UK customers are warned after a third-party data breach, and NHS Highland reports unauthorized disclosure of staff and patient information. We also highlight Android spyware disguised as Signal and ToTok updates, and Signal rolls out quantum-safe cryptography to protect users’ messages. Stay informed and stay safe.

In this episode, Edd Hall discusses the recent wave of cybersecurity events, starting with the Red Hat breach that exposed internal project data, the surge in CVEs and how insurers are reacting, and the Kodex outage caused by social engineering. He also covers the emergence of the Klopatra Android trojan, new CISA advisories and additions to the KEV catalog, along with major data breaches impacting Allianz Life and WestJet customers.

Stay up to date with today’s top cybersecurity stories. From Google’s new F‑Droid restrictions and emerging Android malware like Klopatra and MatrixPDF, to DNS-based attacks, VMware exploits, and North American data breaches exposing millions of users, we cover the latest threats and vulnerabilities affecting individuals and organizations. Tune in for a concise, journalist-style briefing on the key cyber risks you need to know today.

In this episode, Edd Hall discusses the latest wave of global cyber threats — from Chinese espionage operations using NET-STAR malware to critical vulnerabilities in Palo Alto’s GlobalProtect, Google Gemini AI, and Linux sudo. He also covers CISA’s funding shift for MS-ISAC, the major cyberattack on Asahi Group, hijackings of Microsoft SQL Servers with XiebroC2, and the Harrods data breach impacting hundreds of thousands of customers.

Today’s episode covers the latest cybersecurity news, including the Postmark MCP server code hijack, AI-generated copyright scams targeting social media, and Nimbus Manticore’s expanding cyber-espionage operations in Europe. We also discuss recent data breaches at Gaylord Specialty Healthcare and Harrods, as well as hackers spreading fake apps and weaponized Microsoft Teams installers. Stay informed on today’s top threats and learn how attackers are exploiting both individuals and organizations.

In this episode Mark and Diana discuss the latest cybersecurity developments, including the push for simplicity in SecOps, Microsoft’s warning about the XCSSET macOS malware, and GitLab’s high-severity vulnerabilities. They also cover major healthcare breaches affecting nearly 150,000 patient records, the Ascension class action lawsuit, and a UK nursery hack that exposed sensitive children’s data. Additionally, the episode highlights CISA’s emergency directive on Cisco devices, critical Cisco vulnerabilities flagged by NCSC and CISA, and Google’s alert on the Brickstorm backdoor targeting U.S. legal and tech sectors. Finally, they revisit the evolution of XCSSET malware and what these threats mean for organizations worldwide.

A wave of new cyber incidents is making headlines worldwide. From hackers abusing GitHub notifications and fake copyright takedowns to ransomware leaking children’s data, DNS-based malvertising, and multimillion-dollar corporate losses, these stories reveal the growing sophistication of today’s cybercriminals. We also cover fresh AI vulnerabilities and stealthy long-term breaches, highlighting the urgent need for stronger digital defenses.

In this episode, we discuss the latest cybersecurity incidents and vulnerabilities affecting organizations worldwide. Topics include Chinese state-backed supply chain attacks, a UK arrest linked to airport disruptions, critical flaws in Salesforce CLI and enterprise software, and GitHub’s efforts to secure the npm ecosystem. We also cover the ShadowV botnet-for-hire and recent breaches of U.S. federal agencies and casino employee data, highlighting the ongoing risks and importance of robust security measures.

This episode delivers a sharp roundup of the week’s top cybersecurity stories, including hackers weaponizing oversized SVG files to spread AsyncRAT, malware spoofing trusted tools like ChatGPT and Microsoft Office, a critical bug in Libraesva Email Security Gateway exploited by state actors, IIS server hijacking through malicious modules, new Supermicro firmware flaws that allow malicious updates, a widespread macOS infostealer campaign using fake GitHub repositories, and Microsoft’s patch for a severe Entra ID token-validation vulnerability. Stay informed on these critical threats and the urgent fixes protecting users worldwide.

Microsoft patched a major Entra ID flaw that could have allowed large-scale account impersonation, while Collins Aerospace faced a ransomware attack that disrupted European airports. The healthcare cybersecurity market is set for rapid growth as attacks intensify, and criminals are impersonating the FBI’s IC3 to steal sensitive data. Malware infections are rising on Windows, with ransomware and info-stealers leading the trend, while macOS infections decline. Steam faced two major incidents: one game diverted cancer treatment donations, and another stole $150,000 in cryptocurrency. A BBC report further highlighted how ransomware is increasingly threatening critical services like healthcare, aviation, and utilities, underscoring the urgent need for stronger defenses.

Today’s cybersecurity roundup covers a critical Nokia vulnerability, research showing how ChatGPT agents can be tricked into solving CAPTCHAs, and a new exploit called ShadowLeak targeting Gmail integrations. We also look at major data breaches impacting healthcare and luxury brands, a maximum-severity flaw in Fortra’s GoAnywhere MFT, and the rise of AI-powered phishing campaigns. Stay informed on the latest threats shaping the digital landscape.

In this episode, Edd Hall discusses Google’s urgent patch for a Chrome zero-day, a Russian disinformation network spreading fake news with AI, and a new zero-click exploit targeting ChatGPT’s Research Agent to steal Gmail secrets. He also covers the alarming rise in healthcare cyberattack losses revealed by Netwrix, CISA’s latest advisories on industrial control system vulnerabilities, and the growing financial and cyber pressures on safety-net hospitals. The episode closes with insights into a major breach affecting 850,000 Americans, highlighting the escalating risks across technology, infrastructure, and healthcare.

In today’s cybersecurity roundup, we cover 224 malicious Android apps removed from Google Play, a new BiDi Swap vulnerability, and a supply chain attack targeting npm packages. We also look at SonicWall’s cloud portal breach, the FileFix phishing campaign, Microsoft’s takedown of the RaccoonO365 phishing service, and TA558’s use of AI-generated scripts in hotel attacks. Stay informed on the latest threats shaping the digital landscape.

In this episode, Edd Hall discusses the latest cybersecurity developments, including Microsoft’s September updates breaking SMBv1 shares, the KillSec ransomware attack on a Brazilian healthcare software provider, and an insider breach at FinWise Bank affecting nearly 700,000 customers. He also explores the clash between U.S. senators and the FBI’s cyber chief over staffing issues, the risks of threat actors misusing AI code assistants, and the newly disclosed FileFix attack method. Additionally, Edd highlights CISA’s release of eight advisories for industrial control systems and the data breach impacting luxury fashion brands Gucci, Balenciaga, and Alexander McQueen.

This episode covers the latest in cybersecurity, from hackers using AI-powered phishing schemes to a new Phoenix Rowhammer attack targeting DDR5 memory. We dive into insider and financial data breaches, Microsoft’s Windows 10 end-of-support warning, and a surge of malicious WhiteCobra extensions in developer tools. Plus, we look at how AI is reshaping clinical trial site selection with major implications for data security.

In this episode, Mark and Diana discuss the latest wave of cybersecurity developments, from the emergence of HybridPetya ransomware that bypasses Secure Boot to Akira’s exploitation of a SonicWall flaw. They cover the critical Cursor editor vulnerability, CISA’s warning about active attacks on Dassault’s manufacturing software, and new patches from Cisco and Samsung. The conversation also explores Microsoft’s fresh security challenges—including political scrutiny and new Teams protections—alongside a major UK train operator breach, the appearance of a mysterious Chinese AI pentesting tool, and the growing cyber risks facing the pharmaceutical industry.

In today’s cybersecurity briefing: a critical Apple CarPlay flaw leaves vehicles exposed, Microsoft battles a major Exchange outage, and a new phishing-as-a-service platform emerges. Oracle unveils AI-powered patient tools, researchers warn of the VMScape CPU attack, and Apple alerts users to state-sponsored spyware threats. Plus, ransomware surges across the Middle East, putting banking and oil sectors under siege.

In this episode, Edd Hall discusses the latest cybersecurity developments, including Microsoft’s streaming fixes, SAP and Patch Tuesday updates, delayed hospital breach disclosures, federal cyber priorities, the rise of CyberVolk ransomware, cryptojacking campaigns targeting Docker APIs, GitLab security patches, and data breaches affecting UK police forces. He breaks down the risks, impacts, and key takeaways for organizations and individuals navigating today’s evolving threat landscape.

Today’s cybersecurity roundup covers a major npm supply chain attack, warnings from Czech authorities about Chinese espionage risks, and the indictment of a ransomware operator tied to LockerGoga, MegaCortex, and Nefilim. We also highlight a Plex data breach, a Microsoft anti-spam bug disrupting safe links, a FortiDDoS vulnerability, and a new Linux botnet combining cryptomining with DDoS attacks.

This episode covers the latest in cybersecurity, from the GPU-based “GPUGate” malware campaign and SVG image phishing kits to a major GitHub breach and hijacked npm packages with billions of downloads. We also look at new spyware enabling sextortion, phishing abuse of Amazon’s email service, and a data breach at Canadian fintech firm Wealthsimple. Stay updated on the threats shaping today’s digital landscape.

In this episode, Mark and Diana discuss the U.S. government’s $10 million bounty on Russian FSB hackers, the discovery of undetected SVG phishing files, and new warnings from the Czech Republic about technology that transmits data to China. They explore how AI could be misused for autonomous ransomware, the evolution of CastleRAT malware, and the growing abuse of X’s Grok AI to spread malicious links. The conversation also covers Microsoft’s enforcement of multi-factor authentication in Azure, Wealthsimple’s recent data breach, and ransomware attacks that hit healthcare providers. Finally, they dive into the WhatsApp flaw now listed in CISA’s Known Exploited Vulnerabilities and examine the expanding impact of the Salesforce Salesloft Drift supply chain breach affecting major cybersecurity firms.

In today’s episode, we cover Cloudflare’s defense against a record-breaking DDoS attack, a Sitecore zero-day exploited by hackers, and GhostRedirector’s growing server compromises. We also look at Chess.com’s recent data breach, npm malware hidden through Ethereum smart contracts, and the evolving Tycoon phishing kit. Finally, we highlight DarkPulse’s new partnership with BX3 to expand across the Middle East, Africa, and Asia.

In this episode, Edd Hall discusses the latest developments in cybersecurity, from government initiatives to strengthen supply chain transparency with updated SBOM guidance, to major cyber incidents impacting technology, healthcare, and finance. He covers Cloudflare’s defense against the largest-ever DDoS attack, Google’s critical Android security updates addressing zero-day vulnerabilities, breaches affecting PagerDuty and other major security vendors, as well as disruptions at Jaguar Land Rover and attempts at large-scale financial fraud in Brazil. Edd highlights the evolving nature of cyber threats and their growing impact on organizations and individuals worldwide.

Today’s cybersecurity roundup covers North Korea’s Lazarus Group expanding its malware arsenal, Cloudflare blocking a record 115 Tbps DDoS attack, and Jaguar Land Rover facing major IT outages. We also look at Ukraine’s networks hit by massive brute-force attempts, a critical ESPHome vulnerability, a Salesloft breach impacting top cybersecurity firms, and the discovery of the MystroDX backdoor.

In this episode, Mark and Diana discuss the latest developments in cybersecurity, including Microsoft’s SSD update clarification, the Salt Typhoon espionage campaign, zero-day vulnerabilities in WhatsApp, and the rise of ransomware attacks by groups like Sinobi. They also cover major data breaches affecting TransUnion and Farmers Insurance, and explain why malware can never be completely stopped, highlighting the importance of layered defenses and proactive security measures.

In this episode, Edd Hall discusses the latest developments in global cybersecurity, including North Korea-linked cyber operations, AI-driven ransomware campaigns, and the misuse of trusted tools like Velociraptor. He highlights major data breaches affecting hundreds of thousands of individuals, vulnerabilities in enterprise software and industrial systems, and emerging threats across critical infrastructure. Edd explores how organizations can strengthen defenses, patch systems promptly, and remain vigilant against increasingly sophisticated attacks.