Threat Intelligence Executive Report – Volume 2025, Number 3
This issue of the Counter Threat Unit’s high-level bimonthly report discusses noteworthy updates in the threat landscape during March and April
Similar Posts
MSCS board renews contract with PowerSchool while suing them
Bys s
Brian Didlake reports: Memphis-Shelby County Schools board members approved a multi-million dollar contract to continue doing business with a company they’re suing in court. The school board announced it was filing a lawsuit against PowerSchool earlier this month after thousands of students’ personal information was leaked. Now, board members said that was in the past…
Takeaways from our investigation on AI-powered school surveillance
Bys s
Sharon Lurye of The Associated Press and Claire Bryan of The Seattle Times report: Thousands of American schools are turning to AI-powered surveillance technology for 24/7 monitoring of student accounts and school-issued devices like laptops and tablets. The goal is to keep children safe, especially amid a mental health crisis and the threat of school shootings. Machine-learning algorithms detect potential indicators of problems…
Scania confirms insurance claim data breach in extortion attempt
Bys s
Bill Toulas reports: Automotive giant Scania confirmed it suffered a cybersecurity incident where threat actors used compromised credentials to breach its Financial Services systems and steal insurance claim documents. Scania told BleepingComputer that the attackers emailed several Scania employees, threatening to leak the data online unless their demands were met. … Late last week, threat…
HCRG Care’s lawyers claimed an injunction issued in a “private” hearing required us to remove two posts. We didn’t comply.
Bys s
Occasionally, entities in other countries try to take legal action against DataBreaches.net to chill or censor this site’s reporting on their breaches. None of them have prevailed, in part due to the protections we have here under the First Amendment, and in part to the legal defense afforded this site by Covington and Burling. This…
89% of Enterprise GenAI Usage Is Invisible to Organizations Exposing Critical Security Risks, New Report Reveals
Bys s
Organizations are either already adopting GenAI solutions, evaluating strategies for integrating these tools into their business plans, or both. To drive informed decision-making and effective planning, the availability of hard data is essential—yet such data remains surprisingly scarce. The “Enterprise GenAI Data Security Report 2025” by LayerX delivers unprecedented insights
Cl0p cybercrime gang’s data exfiltration tool found vulnerable to RCE attacks
Bys s
Connor Jones reports: Security experts have uncovered a hole in Cl0p’s data exfiltration tool that could potentially leave the cybercrime group vulnerable to attack. The vulnerability in the Python-based software, which was used in the 2023-2024 MOVEit mass data raids, was discovered by Italian researcher Lorenzo N and published by the Computer Incident Response Center Luxembourg (CIRCL)….