Cybercriminals have published online patient data they stole during a ransomware attack on Synnovis, a UK pathology firm providing services to major London hospitals. The hackers, called Qilin, stole 400GB of data including patient names, NHS registration numbers, and blood test descriptions, and threatened to publish it unless they were paid. The June 3 attack caused havoc, disrupting organ transplants, and preventing Synnovis from processing most blood tests. A cybersecurity expert described it as “probably one of the most significant cyberattacks on the NHS.”
CISA Adds Apache, Microsoft Bugs to Know Exploited Vulnerabilities Database
The U.S. CISA updated its Known Exploited Vulnerabilities (KEV) Catalog, highlighting several critical vulnerabilities including Apache OFBiz (CVE-2024-45195), Microsoft .NET Framework (CVE-2024-29059), and Paessler PRTG
