BankInfoSecurity.com

Full Scope of Clop Ransomware Group's Oracle E-Business Suite Hits Still Emerging
The University of Phoenix is notifying 3.5 million individuals that their personal information was compromised in a data breach. The theft traces to the Clop ransomware group's supply-chain campaign against users of Oracle E-Business Suite, in which it wield two zero-day vulnerabilities.

AI Firm Discovers New Prompt Injection Attack Class
OpenAI faces a years-long battle to secure its ChatGPT Atlas web browser against prompt injection attacks, a threat the company says will require continuous defense strengthening much like the arms race against online scams targeting humans.

Preparing a healthcare workforce to responsibly engage with AI tools without over relying on automation or undermining human oversight will require awareness training akin to phishing exercises, said Skip Sorrels, field CTO and CISO at security firm Claroty.

Browser Tools Capture Chatbot Data, Sell to Data Broker: Koi Security
A browser extension promising a free clientless VPN for Chrome users has been harvesting conversations from artificial intelligence chatbot platforms and selling the data to third-party brokers. The data collection operates independently of the VPN functionality itself.

Report: China, Russia Exploiting US Cyber Policy Gaps to Gain Strategic Advantage
A new McCrary Institute report urges Washington to adopt a more offensive cyber strategy, warning that the current reactive approach leaves the U.S. unable to counter China and Russia’s persistent campaigns to gain asymmetric leverage in cyberspace.

Scans Count 117,000 Unpatched Firewalls Running Vulnerable Version of Fireware OS
Attackers are actively attempting to exploit a now patched, zero-day vulnerability in WatchGuard Firebox firewalls, tracked as CVE-2025-14733, that can be used to remotely execute code. Scans show that over 115,000 of these edge devices remain internet-connected, unpatched and at risk.

Smart eyewear such as Meta-AI Ray Ban glasses - which sport microphones, cameras and can connect to artificial intelligence - pose emerging patient privacy and other risks especially when worn in healthcare settings, said Garrett Zickgraf of consulting firm LBMC.

Chinese Hacking Group Reportedly Behind the Hack
A top-ranking U.K. government official said that hackers targeted the government's foreign relations ministry but dismissed media reports that the attackers stole a large trove of data. "We managed to close the hole, as it were, very quickly," said Trade Minister Chris Bryant.

Top Lawmaker Urges White House to Review Foreign Influence in Open-Source Code
A top Republican in the U.S. Senate warned the White House that foreign adversaries are exploiting trusted open-source software used across federal networks and defense systems, urging the National Cyber Director to lead efforts to monitor contributors and reduce supply chain risk.

Europe Faces Barriers No Legal Rewrite Can Fix
An assumption propelling a proposed recalibration of European tech regulation is that red tape is holding back the trading bloc from gaining ground in a global race for artificial intelligence dominated by the United States and China. But Europe's problem isn’t merely regulatory drag.

Landmark Cybersecurity Deal Embeds Prisma AIRS in Google Cloud for AI Protection
Palo Alto Networks is deepening its partnership with Google Cloud in a multibillion-dollar deal aimed at fortifying AI security. The collaboration includes native integrations of Prisma AIRS and Vertex AI, addressing security across hybrid multicloud environments.

Precision Agriculture Boost Yields but Opens Farmers to Cybersecurity Risk
Precision agriculture is transforming U.S. farming with sensors, drones and automation, boosting productivity yields. But growing digital dependence is also expanding the attack surface, exposing farms to ransomware, disruption and rising cybersecurity risk.

Ransomware Gang Rhysida Leaks 3.7TB of Data Stolen From Maryland Hospital System
Maryland-based MedStar Health, which operates 10 hospitals, is notifying patients about a data theft incident affecting their personal information. Ransomware group Rhysida claims on its darkweb leak site to have 3.7 terabytes of MedStar's data, including "over 7 million pieces of patient data."

Also: Texas AG Sues Smart TV Manufacturers, Fortinet SSO Flaws
This week, a leadership shakeup at Coupang, attackers exploited critical Fortinet SSO flaws, Pornhub data hacked, Texas Attorney General Ken Paxton sued smart TV makers, auto finance provider 700Credit disclosed a breach affecting millions, A revived pro-Russia ransomware operation stumbled.

Cisco Talos Attributes Campaign to UAT-9686
Likely Chinese nation-state hackers are exploiting an unpatched flaw in Cisco email appliances as part of an ongoing campaign to gain persistent access. Hackers have been exploiting since mid-November a zero-day in the Cisco Secure Email Gateway and Cisco Secure Email and Web Manager.