Cybersecurity firm Cyberhaven was targeted in a large-scale malware attack, infecting 400k users through their Chrome extension. The attack began with a phishing email sent to a Cyberhaven administrator. The firm then released a malicious version of the extension, which inadvertently spread to users. The hack enabled the theft of users’ sensitive data. Subsequent investigations discovered dozens of other Chrome extensions with the same malicious code, affecting over one million computers.

Dispersed responsibility, lack of asset inventory is causing gaps in medical device cybersecurity
Witnesses at a House hearing on medical device cybersecurity highlighted the need for better tracking of devices and their vulnerability to cyber threats. They noted