The riskiest medical devices, representing the top 1%, are used by 89% of healthcare organizations, according to Claroty’s report. These Internet-of-Medical-Things (IoMT) devices are vulnerable and frequently connected to hospital information systems (20%) and imaging systems (8%). Nearly all healthcare organizations have at least some of these devices in their systems. Vulnerable operational technology devices, however, are less common, accounting for only 0.3% of devices in healthcare systems.
Spring Security Vulnerability Let Attackers Determine Which Usernames are Valid
A vulnerability (CVE-2025-22234) in various Spring Security versions allows attackers to exploit timing attacks to determine valid usernames, jeopardizing user enumeration defenses. Affected versions include
