A security breach at Kansas-based Sunflower Medical Group has potentially exposed the personal and health insurance information of over 220,000 Americans. The violation, discovered in January 2025 and believed to have occurred in December 2024, has seen an unknown third party access and duplicate data files. Sunflower has alerted affected customers and offered identity theft protection services. There are no reports of the data being misused.

Large enterprises scramble after supply-chain attack spills their secrets
Open-source software used by over 23,000 organisations was compromised by attackers who accessed a maintainer account, injecting credential-stealing code. The corrupted package, part of tj-actions,