Image of a screen with code on it.

2 min read

CISA warns of rapidly spreading Shai Hulud worm disrupting some software supply chains

On September 23, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) issued an alert about a widespread supply chain compromise targeting the world’s largest JavaScript registry, npmjs.com.

Read More
Image of a gavel.

2 min read

Jefferson Healthcare settles lawsuit over Meta Pixel patient data sharing

The Washington-based provider will stop using Meta Pixel for at least two years and offer privacy tool subscriptions as part of the settlement.

Read More
Image of a website pasted into a browser.

2 min read

Cadia Healthcare pays settlement after posting patient stories without consent

In September 2021, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) received a complaint alleging that Cadia...

Read More
23and me logo

2 min read

23andMe seeks court approval for $50M revised data breach settlement

The genetic testing firm has increased its proposed US settlement following a 2023 credential stuffing breach affecting millions.

Read More
computer with red data

1 min read

GAO flags 82 unresolved cyber and IT gaps at HHS

A federal watchdog has warned that the U.S. Department of Health and Human Services must urgently act on decades-old cybersecurity and IT...

Read More
 Is SAP HIPAA compliant? (2025 update)

2 min read

Is SAP HIPAA compliant? (2025 update)

Based on our research, SAP can be HIPAA compliant because it meets the requirements set by the U.S. Department of Health and Human Services (HHS) to...

Read More
Image of an AI chatbox.

2 min read

AI chatbot apps leak user prompts and tokens in massive data exposure

An open server tied to three popular generative AI apps has exposed sensitive data from potentially millions of users.

Read More
Image of a gavel with someone shaking hands.

2 min read

R1 RCM and Dignity Health settle data breach lawsuit for $675,000

The 2023 breach exposed sensitive patient data; affected individuals may now claim credit monitoring and compensation.

Read More
Image of a keyboard.

2 min read

Root cause of Salesforce breaches traced to OAuth token theft

A coordinated cyberattack exploited OAuth tokens linked to Salesforce, exposing hundreds of companies to data compromise.

Read More
Is Validic HIPAA compliant? (2025 update)

1 min read

Is Validic HIPAA compliant? (2025 update)

Based on our research, Validic is HIPAA compliant because it meets the requirements set by the U.S. Department of Health and Human Services (HHS) to...

Read More
provider at computer

2 min read

Medicare telehealth coverage expires September 30 for behavioral healthcare

Medicare will require in-person visits for telehealth mental health services beginning October 1, 2025, unless Congress extends current waivers...

Read More
Image of a lock.

2 min read

Hackers leak data of 150,000 AIL customers

American Income Life (AIL) has allegedly suffered a major data breach after hackers claimed to have leaked the personal details of more than 150,000...

Read More
Image of someone in an FBI jacket.

2 min read

FBI warns cybercriminal groups target Salesforce platforms

On September 12, 2025, the FBI released an alert warning about two cybercriminal groups, UNC6040 and UNC6395, that have been targeting organizations’...

Read More