Welcome to the first week of our weekly cybersecurity update, where we review the latest developments in digital security.
Organizations should stay current with the principal cybersecurity threats and the defensive measures against them, including ransomware protection, defense against state-sponsored attacks, and an understanding of the impact of AI, ML and quantum computing.
You will find up-to-date information about AI phishing campaigns, ML malware, and quantum computing capabilities that could break encryption standards. The industry is also working on securing remote workers and protecting IoT devices.
This article also includes a segment about recent changes in data protection laws, including GDPR and CCPA. These roundups also cover current cybersecurity news, major data breaches, and new security weaknesses.
Weekly Cybersecurity Update: Data Breaches Exposed Millions of Records
UnitedHealth Ransomware Attack: Largest Medical Data Breach in U.S. History
UnitedHealth Group said a ransomware attack against its subsidiary, Change Healthcare, in February 2024 affected the personal and medical records of about 190 million people, nearly twice the previously estimated number. The compromise involved insurance details, medical records and other sensitive data, and some of it has already appeared online.
This cyber attack disrupted the U.S. healthcare system itself by delaying claims processing and affecting patient care.
Change Healthcare, it says, paid several ransoms to ensure sensitive files weren't shared. The incident has attracted regulatory scrutiny as concerns mount over cybersecurity preparedness in the healthcare sector.
Hacked: DeepSeek AI Data Breach Exposes Sensitive Information
A significant security flaw at the Chinese AI startup DeepSeek left a ClickHouse database reachable through a public interface, exposing more than one million log entries containing chat logs, plaintext API keys, backend service metadata, and operational information.
Unauthorized access to the database could potentially allow an attacker to run malicious commands and extract proprietary information about OpenAI's AI models.
This incident also exposes the increasing dangers in the AI sector, where rapid scaling can come at the expense of security. DeepSeek has since locked down the exposed database, but has not issued an official statement.
Critical Vulnerabilities and Security Updates
GitHub Credential Exposure
A number of vulnerabilities in GitHub Desktop and Git Credential Manager have been discovered, one of which could expose credentials due to improper handling of text-based protocols. These risks are mitigated by security updates.
Apple Zero-Day Exploit (CVE-2025-24085)
Apple has fixed an actively exploited iPhone zero-day vulnerability. The vulnerability, a use-after-free issue in Core Media, allows privilege escalation. Users need to upgrade to the latest iOS 18.3 right away.
SQL Injection in VMware Avi Load Balancer (CVE-2025-22217)
A critical SQL injection vulnerability in VMware's Avi Load Balancer may allow an unauthenticated attacker to access databases. Security patches are available now.
GitLab XSS Vulnerability (CVE-2025-0314)
A high-severity cross-site scripting (XSS) vulnerability in GitLab, the widely used software development tool, could lead to session hijacking and data theft. Users are advised to update to the latest versions to safeguard their accounts.
Apache Solr Vulnerability (CVE-2024-52012)
A vulnerability in Apache Solr's configset upload API allows for unauthorized file writes, which could result in system compromise. Users running Solr on Windows should upgrade to 9.8.0.
Vulnerability in Meta's Llama Stack (CVE-2024-50050)
A remote code execution vulnerability in Meta's Llama Stack framework is based on unsafe deserialization of Python objects via the pickle module. A patch (version 0.0.41) is out, and users are urged to upgrade right away.
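The general defence against this class of bug, shown as an added example (it is not Llama Stack's code or its patch): a `pickle.Unpickler` subclass that refuses to resolve any global outside an allowlist. The allowlist contents and the sample messages are assumptions constructed for the illustration.

```python
import io
import os
import pickle
from collections import OrderedDict

# Assumed allowlist for this sketch: the only (module, name) pairs a message may reference.
ALLOWED_GLOBALS = {("collections", "OrderedDict")}


class BlockedGlobal(pickle.UnpicklingError):
    """Raised when a pickle stream asks the loader to import a non-allowlisted name."""


class AllowlistUnpickler(pickle.Unpickler):
    def find_class(self, module, name):
        # pickle calls find_class for every global the byte stream names; the
        # default implementation imports and returns whatever is requested.
        if (module, name) not in ALLOWED_GLOBALS:
            raise BlockedGlobal(f"refusing to resolve {module}.{name}")
        return super().find_class(module, name)


def safe_loads(data: bytes):
    """Deserialize with the allowlist enforced instead of calling pickle.loads."""
    return AllowlistUnpickler(io.BytesIO(data)).load()


def classify(data: bytes) -> str:
    """Return 'accepted' or 'blocked' for one serialized message."""
    try:
        safe_loads(data)
        return "accepted"
    except BlockedGlobal:
        return "blocked"


# Constructed sample messages (not taken from any real system).
PLAIN_MESSAGE = pickle.dumps({"model": "demo", "tokens": [1, 2, 3]})
ORDERED_MESSAGE = pickle.dumps(OrderedDict(step=1))
# Benign stand-in for an untrusted stream: it only references an OS-level function.
GLOBAL_REF_MESSAGE = pickle.dumps(os.getcwd)

if __name__ == "__main__":
    for label, blob in [("plain", PLAIN_MESSAGE), ("ordered", ORDERED_MESSAGE),
                        ("global-ref", GLOBAL_REF_MESSAGE)]:
        print(label, classify(blob))
```

Where the peer is untrusted, a data-only format such as JSON avoids the problem entirely; the allowlist is for cases where pickle cannot be removed yet.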
TeamViewer Privilege Escalation (CVE-2025-0065)
A security advisory has been issued for a vulnerability in TeamViewer for Windows involving a local user. This issue has been resolved with the release of version 15.62, and users should upgrade as soon as possible.
Ongoing Cyber Threats and Attack Campaigns
Akira Ransomware Targeting VMware ESXi Servers
The Akira ransomware gang has a Linux variant that targets virtual machines, striking VMware ESXi servers with Rust-based encryption. Organizations that use ESXi should keep it up to date.
WhatsApp Users Targeted by Zero-Click Spyware
A zero-click spyware attack, developed by the Israeli company Paragon, has been exposed; it infected almost 100 WhatsApp users, including journalists and members of civil society. The spyware could also eavesdrop on encrypted messages, turn on microphones and pilfer credentials. WhatsApp has contained the attack and has informed the affected users.
Ransomware Attack by Hackers in 11 Days
A sophisticated attack campaign took 11 days from initial compromise through to the full deployment of LockBit ransomware across a network. The attackers used tools such as Cobalt Strike, SystemBC proxies, and Mega.io for data exfiltration, and disabled security defenses.
Intel TDX Bug Exposes Lifting Trace of Virtualization
An attacker can use a vulnerability in Intel's Trust Domain Extensions (TDX) to infer sensitive data in virtualized cloud environments. Intel is already looking into security mitigations.
Big Cyberattacks & Money Losses
Vulnerable IIS, Apache, and SQL Servers Abused in Espionage Campaign
Public-facing IIS, Apache Tomcat, and MSSQL servers were abused in a cyberespionage campaign that targeted South Asian government and telecom networks. For data exfiltration, the attackers deployed PowerShell reverse shells and Cobalt Strike beacons. Organizations are advised to monitor DNS traffic for anomalies.
DeepSeek Hit With A Cyber Attack On Massive Scale
DeepSeek, which has recently dethroned OpenAI's ChatGPT in App Store popularity, said it fell victim to a large-scale cyberattack. The company also suspended new user registrations but maintained service for existing users. Experts say the rapid pace of AI adoption creates a soft target for hackers.
$85 Million Phemex Exchange Theft in Cryptocurrency
The Singapore-based crypto exchange Phemex was hacked, with $85 million lost from hot wallets. The attackers abused several blockchains, including Ethereum and Bitcoin. Security upgrades have been made, and North Korean hacker groups are suspected to be behind the breach.
Millions of Users Exposed by Airline API Security Flaw
A flaw in a third-party travel service application programming interface (API) left millions of airline customers vulnerable to potential account takeovers. The attackers used OAuth redirect manipulation to obtain session tokens and, with them, access to user data. The vulnerability has now been fixed.
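The server-side check that closes off redirect manipulation, as an added example that is not the affected service's code: exact string matching of `redirect_uri` against pre-registered values, shown beside a weak prefix check. The client ID, URIs and sample requests are constructed placeholders.

```python
from urllib.parse import urlsplit

# Constructed registration table for a hypothetical client (assumption, not from the article).
REGISTERED_REDIRECTS = {
    "travel-portal": frozenset({"https://portal.example.com/oauth/callback"}),
}


def prefix_match(client_id: str, redirect_uri: str) -> bool:
    """Weak check: accepts any URI that merely starts with a registered value."""
    return any(redirect_uri.startswith(uri)
               for uri in REGISTERED_REDIRECTS.get(client_id, ()))


def exact_match(client_id: str, redirect_uri: str) -> bool:
    """Hardened check: character-for-character comparison with a pre-registered URI."""
    if redirect_uri not in REGISTERED_REDIRECTS.get(client_id, ()):
        return False
    parts = urlsplit(redirect_uri)
    # Defence in depth against a bad registration: HTTPS only, no userinfo, no fragment.
    return parts.scheme == "https" and parts.username is None and not parts.fragment


# Constructed authorization requests: (client_id, redirect_uri).
SAMPLE_REQUESTS = [
    ("travel-portal", "https://portal.example.com/oauth/callback"),
    ("travel-portal", "https://portal.example.com/oauth/callback-preview"),
    ("travel-portal", "https://portal.example.com/oauth/callback?next=%2Fprofile"),
    ("travel-portal", "http://portal.example.com/oauth/callback"),
    ("unknown-client", "https://portal.example.com/oauth/callback"),
]


def audit(requests):
    """Return (redirect_uri, prefix_result, exact_result) for each request."""
    return [(uri, prefix_match(cid, uri), exact_match(cid, uri)) for cid, uri in requests]


if __name__ == "__main__":
    for uri, weak, strict in audit(SAMPLE_REQUESTS):
        flag = "  <-- accepted only by the weak check" if weak and not strict else ""
        print(f"prefix={weak!s:5} exact={strict!s:5} {uri}{flag}")
```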
Final Thoughts
Cybersecurity threats are evolving, with attackers using AI, quantum computing, and zero-day exploits to breach systems.
Organizations need to be proactive, with prompt response, timely patches, and advanced threat detection systems.
We will bring you more updates in our weekly cybersecurity reports to help you stay ahead of new threats and protect your digital hustle effectively.
