Industrial-strength April Patch Tuesday covers 135 CVEs
One actively exploited issue patched; five Critical-severity Office vulns exploitable via Preview Pane
EPIC writes: A strong comprehensive privacy bill passed the Maine House of Representatives today. The bill, LD 1822, closely mirrors the privacy law Maryland passed in 2024 and would extend essential privacy protections to Mainers. The bill includes strong data minimization requirements, enhanced protections for sensitive data, and civil rights protections prohibiting data-driven discrimination. EPIC has testified in support of…
In November 2024, Everest Team added Concord Orthopaedics (“COPA”) to its dark web leak site (DLS) with screenshots offered as proof of claims. At the time, Everest claimed to have acquired “medical records and personal data of all patients from 2018. More than 30,000 identity documents.” On March 25, 2025, COPA mailed notifications to those…
Russell Kinsaul reports on what sounds like a seriously impactful ransomware attack: Sometime in April, Esse Health was hit by a cyberattack, locking up parts of the health group’s computer network and putting healthcare on hold for many patients. Cindy Wagner needs to switch to a new doctor but her records can’t be transferred because they’re locked up…
Hewlett Packard Enterprise (HPE) has released security updates to address as many as eight vulnerabilities in its StoreOnce data backup and deduplication solution that could result in an authentication bypass and remote code execution. “These vulnerabilities could be remotely exploited to allow remote code execution, disclosure of information, server-side request forgery, authentication bypass,
Cybersecurity researchers have taken the wraps off an unusual cyber attack that leveraged malware with corrupted DOS and PE headers, according to new findings from Fortinet. The DOS (Disk Operating System) and PE (Portable Executable) headers are essential parts of a Windows PE file, providing information about the executable. While the DOS header makes the…
There is an update to a breach previously reported on DataBreaches.net. ApolloMD describes itself as a private, independent group of physicians that partners with more than 100 hospitals nationwide to provide integrated, multispecialty physician, Ambulatory Payment Classifications (APCs), and practice management services. As such, they are business associates of HIPAA-covered entities. This week, the Georgia-based…