AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 6/25/2025

Data of more than 740,000 stolen in ransomware attack on Michigan hospital network

Ransomware hackers stole the Social Security numbers and health insurance information for more than 740,000 people during an attack on a prominent Michigan hospital network. McLaren Health Care filed documents on Friday concerning a ransomware attack that took place in August 2024 — the second cyber incident to impact the healthcare giant in 12 months. The attack last year was launched by an “international ransomware group” and impacted the computer networks of both McLaren Health Care and Karmanos Cancer Institute, the documents said. McLaren did not offer further details about the cybercriminals. 

 

CitrixBleed 2: Electric Boogaloo — CVE-2025-5777

Remember CitrixBleed, the vulnerability where a simple HTTP request would dump memory, revealing session tokens? CVE-2023-4966. It’s back like Kanye West returning to Twitter about two years later, this time as CVE-2025-5777. You may have missed it, as the original CVE on 17th June 2025 referred to the “Netscaler Management Interface”, which you shouldn’t expose to the internet. However, last night the CVE was updated to remove the Management Interface from the description. The vulnerability allows an attacker to read memory from the Netscaler when configured as a Gateway or AAA virtual server — think remote access via Citrix, RDP etc. It’s an extremely common setup in large organisations.

 

Columbia, NYPD investigating hourslong University IT outage

Columbia is working with the New York Police Department to investigate an hourslong outage impacting the University’s online platforms that started around 7 a.m. on Tuesday, a University spokesperson wrote in a statement to Spectator. The ongoing outage is impacting Columbia’s UNI authentication service, which students use to log into their University accounts. As of around 11:45 a.m., Columbia affiliates remained unable to log into any of the University’s online platforms, including LionMail, its email service, and CourseWorks, where professors post assignments and readings for students, according to the University’s communications regarding the outage.

 

French police reportedly arrest suspected BreachForums administrators

French authorities have arrested several individuals suspected of running BreachForums, one of the world’s largest online marketplaces for stolen data, according to a French news report. Four of the suspects — known online as ShinyHunters, Hollow, Noct, and Depressed — are in their twenties and were detained earlier this week by France’s Cybercrime Brigade (BL2C), according to police sources cited by the newspaper Le Parisien. Another suspect, known as IntelBroker, was arrested in a prior operation, sources told the newspaper. Rumors had been circulating recently about IntelBroker’s arrest. 

 

Ransomware Attacks Dip in May Despite Persistent Retail Targeting

Ransomware attacks fell globally for the third consecutive month in May 2025 despite the continued heavy targeting of retailers, according to new figures from NCC Group. The cybersecurity company recorded 393 attacks in May, a 6% fall from 416 in April. This follows a significant 31% decline in ransomware attacks in April compared to March. The fall in April is partly thought to be due to infrastructure outages experienced by the RansomHub gang. The fall in May comes despite a deluge of ransomware incidents affecting high-profile retailers from late April.

 

Ransomware attack contributed to patient’s death, says Britain’s NHS

A ransomware attack that disrupted blood testing across several hospitals in London last year contributed to a patient’s death, according to the National Health Service (NHS). The attack by the Qilin cybercrime group against London-based pathology service Synnovis last June severely disrupted care at a large number of NHS hospitals and care providers in London. As a result of the attack, hospitals were unable to perform blood tests at the normal speed. A spokesperson for King’s College Hospital NHS Foundation Trust said that this delay was among “a number of contributing factors” that led to a patient’s death during the incident, as first reported by the Health Service Journal.
