Welcome to our first week of our weekly cybersecurity update as we examine digital security updates.
The organization should stay current with principal cybersecurity threats alongside defensive measures which ensure ransomware protection along with state-sponsored attack defense and AI, ML and quantum computing impact understanding.
You will find up-to-date information about AI-phishing campaigns as well as ML malware and quantum computing capabilities which could break encryption standards. The industry works on securing remote workers while protecting IoT devices.
This article, also includes a segment about recent changes in data protection laws which includes GDPR and CCPA. Receive updates about current cybersecurity news and major data breaches together with information about new security weaknesses in our gatherings.
Weekly Cybersecurity Update: Data Breaches Exposed Millions of Records
United Health Ransomware Attack: Largest Medical Data Breach in U.S. History
UnitedHealth Group said a ransomware attack against its subsidiary, Change Healthcare, in February 2024 affected the personal and medical-file records of about 190 million people nearly twice the previously estimated number. The compromise involved insurance details, medical records and other sensitive data, and some of it has already appeared online.
This cyber attack disrupted the U.S. healthcare system itself by delaying claims processing and affecting patient care.
Change Healthcare, it says, paid several ransoms to ensure sensitive files weren’t shared. The incident has attracted regulatory scrutiny as concerns mount over cybersecurity preparedness in the healthcare sector.
Hacked: DeepSeek AI Data Breach Exposes Sensitive Information
A significant security flaw in a Chinese AI startup deployed by DeepSeek resulted in a public interface to a ClickHouse database exposing more than one million entries of logs that contain chat logs, plaintext API keys, backend service metadata, and operating information.
An attacker gaining unauthorized access to the database potentially would allow them to run malicious commands and extract proprietary information about OpenAI’s AI models.
This incursion it was an incursion too exposes the increasing dangers in the AI universe, where intensity of scaling can come at the expense of security. DeepSeek has since locked down the exposed database, but has not issued an official statement.
Critical vulnerabilities and security updates
GitHub Credential Exposure
A number of vulnerabilities in GitHub Desktop and Git Credential Manager have been discovered, one of which could expose credentials due to improper handling of text-based protocols. These risks are mitigated by security updates.
Apple Zero-Day Exploit (CVE-2025-24085)
Apple Fixes Actively Exploited iPhone Zero-Day Vulnerability The vulnerability (a use-after-free issue in Core Media) also allows a privilege escalation. Users needs to upgrade to the very latest iOS 18.3 right away.
SQL Injection in VMware Avi Load Balancer (CVE-2025-22217)
A critical SQL injection vulnerability in VMware’s Avi Load Balancer may allow an unauthenticated attacker to access databases. The security patches are available now.
GitLab XSS Vulnerability (CVE-2025-0314)
A high-severity vulnerability in GitLab, the common software development tool, is the possibility what cross-site scripting (XSS) vulnerability, which could lead to session hijacking and data theft. Users are recommended to update to the latest versions to safeguard their accounts.
Apache Solr Vulnerability (CVE-2024-52012)
A vulnerability in Apache Solr’s configured upload API allows for unauthorized file writes, which could result in system compromise. For users running Solr on Windows, upgrade to 9.8.0.
Meta’s Exploit for Llama Stack (CVE-2024-50050)
A remote code execution vulnerability in Meta’s Llama Stack framework Based on unsafe deserialization of Python objects via the pickle module. A patch (version 0.0.41) is out, and users are urged to upgrade right away.
TeamViewer Privilege Escalation (CVE-2025-0065)
Security Advisory for Vulnerability in TeamViewer for Windows/ Utilisateur local- TeamViewer_forward slash Windows This issue has been resolved with the release of version 15.62, and users should upgrade as soon as possible.
Ongoing Cyber Threats and Attack Campaigns
Akira Ransomware Targeting VMware ESXi Servers
The Akira ransomware gang has a Linux variant that features VM already, which strikes VMware ESXi servers with Rusty encryption. ESXi will be based on the use of an organization should up to date.
WhatsApp Users Targeted by Zero-Click Spyware
After exposing a zero-click spyware attack, developed by the Israeli company Paragon, that infected almost 100 WhatsApp users, including journalists and members of civil society. The spyware could also eavesdrop on encrypted messages, turn on microphones and pilfer credentials. WhatsApp has contained the attack and has informed the affected users.
Ransomware Attack by Hackers in 11 Days
A sophisticated attack campaign took 11 days from initial compromise through to the full deployment of LockBit ransomware across a network. [Some tools as Cobalt Strike, SystemBC proxies, Mega] io for data exfiltration and disabling security defenses.
Intel TDX Bug Exposes Lifting Trace of Virtualization
An attacker can use a vulnerability in Intel’s Trust Domain Extensions (TDX) to infer sensitive data in virtualized cloud environments. Intel is already looking into security mitigations.)
Big Cyberattacks & Money Losses
Vulnerable IIS, Apache, and SQL Servers Abused in Espionage Campaign
Public-facing IIS, Apache Tomcat, and MSSQL servers used in a cyberespionage campaign that targeted South Asian government and telecom networks. For data exfiltration, the attackers deployed PowerShell reverse shells and Cobalt Strike beacons. They recommend organizations to monitor DNS traffic for anomalies.
DeepSeek Hit With A Cyber Attack On Massive Scale
DeepSeek, which has recently dethroned OpenAI’s ChatGpt in the App Store’s popularity, said it fell victim to a large-scale cyberattack. The company also suspended new user registrations but maintained service for existing users. And the rapid pace of AI adoption creates a soft target for hackers, experts say.
$85 Million Phemex Exchange Theft in Cryptocurrency
The Singapore-based crypto exchange Phemex was hacked with $85 million lost from hot wallets. The attackers abused different block chains, one of which was Ethereum & Bitcoin. Though security upgrades have been made, North Korean hacker groups are suspected to be behind the breach.
Millions of Users Exposed by Airline API Security Flaw
A flaw in a third-party travel service application programming interface (API) left millions of airline customers vulnerable to potential account takeovers. OAuth redirect manipulation was used by the attackers to gain access to session tokens, gaining access to user data. The vulnerability has now been fixed.
Final Thoughts
Cybersecurity threats are evolving, with attackers using AI, quantum computing, zero-day exploits breaching systems.
Entities need to be active with answering fans, timely spots, and advanced danger location systems.
We will bring you more updates in our weekly cybersecurity reports
to stay ahead of new threats and to protect your digital hustle effectively