Samantha Fischer reports: Minnesota Governor Tim Walz issued an executive order to activate the National Guard Tuesday after the city of St. Paul became the target of a cyberattack. According to the governor’s office, the order took effect immediately. “We are committed to working alongside the City of Saint Paul to restore cybersecurity as quickly as possible,”…
Scattered Spider Hijacks VMware ESXi to Deploy Ransomware on Critical U.S. Infrastructure
Ravie Lakshmanan reports: The notorious cybercrime group known as Scattered Spider is targeting VMware ESXi hypervisors in attacks targeting retail, airline, and transportation sectors in North America. “The group’s core tactics have remained consistent and do not rely on software exploits. Instead, they use a proven playbook centered on phone calls to an IT help desk,” Google’s…
Hacker group “Silent Crow” claims responsibility for cyberattack on Russia’s Aeroflot
Martin Fornusek reports: Aeroflot, Russia’s largest airline, reported a massive malfunction in its information system on July 28, forcing the cancellation of dozens of flights to and from Moscow. “There has been a failure in the airline’s information systems. Service disruptions are possible,” the Russian flag carrier said on Telegram without clarifying the cause of the disruptions….
AIIMS ORBO Portal Vulnerability Exposing Sensitive Organ Donor Data Discovered by Researcher
In November 2022, the All India Institute of Medical Sciences (“AIIMS“) reportedly suffered a ransomware attack. They may have just escaped another incident thanks to the responsible disclosure of a vulnerability found by a researcher. Ashish Khaitan reports: A critical vulnerability in the AIIMS portal exposed highly sensitive data of voluntary organ and tissue donors…
Two Data Breaches in Three Years: McKenzie Health
SuspectFile reports: Between 2022 and 2025, McKenzie Health System, which operates the McKenzie Memorial Hospital in rural Michigan, was hit by two major data breaches. Combined, the attacks compromised the personal and medical information of more than 79,000 patients. Although the incidents are technically distinct, they reveal a troubling pattern of systemic vulnerabilities and raise critical questions about the resilience of smaller…
Scattered Spider is running a VMware ESXi hacking spree
Bill Toulas reports: Scattered Spider hackers have been aggressively targeting virtualized environments by attacking VMware ESXi hypervisors at U.S. companies in the retail, airline, transportation, and insurance sectors. According to the Google Threat Intelligence Group (GITG), the attackers keep employing their usual tactics that do not include vulnerability exploits but rely on perfectly executed social engineering…