DataBreachToday.com

Market Pressures Are Rewarding Storytelling More Than Validation, Operational Value
The fall of health tech company Theranos exposed how hype can outpace reality. In cybersecurity, similar pressures are emerging as vendors compete with bold claims and buyers struggle to verify outcomes. The result: a market where narrative can overshadow measurable operational value.

AI Dependency Attack Reportedly Exposes Data and Source Code
A LiteLLM supply-chain compromise enabled attackers to harvest credentials and access internal environments at scale at Mercor. The firm was the first to confirm a LiteLLM breach, and researchers are warning about growing AI system exposure and limited visibility.

Report Reveals Growing Trend of Fraudsters Intercepting SMS-Based Verification
Financial institutions have historically relied on one-time passcodes as a primary authentication control for their accountholders. But OTP verification is less reliable as fraudsters increasingly exploit SMS-based verification weaknesses to carry out account takeover and payment fraud schemes.

Group Resurrects Hacker Site Despite Multiple Law Enforcement Disruptions
Drama continues to come fast and furious in BreachForums land, as the ShinyHunters group announced that it's rebooted the long-running and oft-disrupted forum yet again, just weeks after it got hacked and its databases dumped, leading the previous admin to allegedly exit scam and steal $4,000.

A Shipping Crisis in the Middle East Is Now a Chip Crisis Everywhere Else
The Strait of Hormuz crisis is amplifying a supply crunch in the specialist memory chips that power AI, and analysts say the industry's concentration in South Korea makes the timing particularly uncomfortable.

Device Maker Is Still Investigating March 11 Attack Claimed by Iranian Hacktivists
Medical tech maker Stryker said it has restored its systems and is operational across its global manufacturing network three weeks after a wiper attack by Iranian hacktivist group Handala led to a worldwide outage at the company. The firm is continuing to investigate the incident.

Also: RSAC Speakers Warn AI Is Outpacing Security, DoD's Zero Trust Reality Check
In this week's panel, four ISMG editors discussed growing cyber risks in healthcare following recent vendor breaches, key takeaways from RSAC Conference and whether the Pentagon's zero trust push is delivering real security benefits or just checking off boxes.

Going Beyond the Copilot Pilot - A CISO's Perspective
With 60% of businesses piloting M365 Copilot but only 6% scaling, this webinar explores why gen AI deployments stall — and what CISOs and IT leaders must know to roll out secure, compliant, and effective AI productivity tools.

It's Time for CIOs to Rethink Business Continuity Plans and Cloud Resources
The targeting of commercial cloud data centers in the Middle East marks a turning point for CIOs and enterprise leaders. Geopolitics and military conflicts are definite threats to vital technology infrastructure. The question is: How well-prepared and resilient is your enterprise?

Panel Calls for Modernization of Recruiting Processes for About 225,000 Cyber Jobs
The Pentagon's years-long cyber workforce overhaul needs a Department of Defense-wide talent management system to ensure interoperability and consistency across the entire DoD enterprise, said the CIOs of four military services at a panel last week.

AI-Native Platform Targets Identity Governance Gaps and Automation
Linx Security secured $50 million to expand its artificial intelligence-driven identity platform as enterprises struggle with identity-based attacks. CEO Israel Duanis highlights real-time visibility automation and risk reduction as key to addressing growing threats from AI agents.

Also, Lloyds Data Leak, Dutch Treasury Breach, Citrix Bug Exploit, Pay2Key Activity
This week, Lloyds data leak hits 450K, Dutch treasury breach, Citrix flaw exploited, Iran-linked ransomware ops, TrueConf zero-day, Russian fraud ring sentenced, Romania targeted, patch gaps persist, and U.S. hospital breach affects 257K.

Also: Chinese Firms Indicted in Crypto-Linked Fentanyl Supply Case
This week, charges filed in Uranium Finance hack, indictment of Chinese firms in fentanyl supply case, a class action lawsuit against Nvidia, Drift Protocol exploit, KuCoin operational barriers in the United States and a U.K. sanction filed against Xinbi.

Anthropic's Mythos Leak Points to Pattern of Failures, Sloppy Practices at AI Labs
Anthropic accidentally exposed its most powerful unreleased AI model to compromise, and days later shipped its flagship coding tool's full source code without meaning to. Meta, Microsoft and OpenAI have each had comparable moments. Questions linger about the integrity of third-party AI tools.

Unified Platforms Reduce Risk, Cost From Ransomware and AI Threats
Leaders must maximize existing infrastructure as ransomware and AI-driven threats raise costs and risk. In order to extract more value from current hardware, organizations must strengthen resilience through private cloud architectures, improved storage efficiency and automated recovery.

Moves Reverse Biden-Era Changes; National Coordinator Returns to Health IT Policy
The U.S. Department of Health and Services is reversing Biden-era changes, returning the Office of the National Coordinator for Health IT's focused role on external health IT policy and standards, while shifting department-wide cybersecurity, cloud, AI and data operations back to the Office of CIO.

Enterprises Seek Multi-Agent Systems to Govern LLM-Generated Code at Scale
As AI-generated code surges, New York-based startup Qodo has raised $70 million in Series B funding to address governance and quality challenges. The company is building multi-agent systems to review code, enforce standards and reduce risk in enterprise software development.

Fallout Continues Over Leaked Claude Source Code Incident
The tension between AI developers and cybersecurity vendors is becoming increasingly apparent as new models show sudden leaps in capability - and AI firm Anthropic, for better or for worse, finds itself at the center of the drama.