Healthcare is a industry tracked across 50 threat clusters and 1161 intelligence report mentions on ThreatCluster. First observed October 23, 2025; most recent activity July 17, 2026.
A critical command injection vulnerability, CVE-2026-42271, in LiteLLM, an open-source AI gateway, allows unauthenticated remote code execution (RCE) when chained with CVE-2026-48710, a Host header validation bypass in…
Hackers have compromised the personal information of thousands of current and former students in Victorian government schools. The breach includes names, email addresses, year levels, and encrypted passwords, affecting…
The Akira ransomware group has been identified as a significant threat to critical infrastructure, with the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the FBI warning of its active ransomware…
In December 2025, Poland's power grid was targeted by a sophisticated cyberattack attributed to Russia's Federal Security Service (FSB). The attack aimed to disrupt communication between renewable energy systems and…
A critical vulnerability in FortiWeb Web Application Firewall (WAF) has been actively exploited, allowing attackers to gain full administrative access to affected systems. Organizations using FortiWeb are at risk of…
The University of Mississippi Medical Center (UMMC) experienced a ransomware attack that compromised its IT systems, leading to the closure of clinics statewide. UMMC officials confirmed the incident occurred on…
On March 11, 2026, medical technology firm Stryker experienced a significant cyberattack attributed to the Iran-linked hacking group Handala. The attack exploited vulnerabilities in Stryker's Microsoft Intune endpoint…
In February 2024, Change Healthcare suffered a ransomware attack attributed to the ALPHV group, impacting approximately 190 million individuals, making it the largest medical data breach in U.S. history. The attack…
A joint advisory from 21 global cybersecurity agencies warns that Russian state hackers from the FSB's Center 16 are exploiting poorly configured routers to infiltrate critical infrastructure networks worldwide. The…
On June 18, 2026, international law enforcement agencies launched Operation Endgame, disrupting the SocGholish malware infrastructure linked to the Russian cybercrime group Evil Corp. The operation resulted in the…