In December 2023, a cyberattack hit the Fred Hutchinson Cancer Center (Fred Hutch), resulting in the exfiltration of patient data and attempted extortion. Threat actors, known as Hunters International, subsequently leaked and sold data online, including names, contact information, dates of birth, insurance details, and medical record numbers, though this was not shared in Fred Hutch’s public disclosures. Despite being contacted multiple times by DataBreaches, Fred Hutch did not respond to queries about their handling of the situation.
Ivanti VPN customers targeted via unrecognized RCE vulnerability (CVE-2025-22457)
A suspected Chinese advanced persistent threat (APT) group exploited CVE-2025-22457, a previously unexploitable buffer overflow bug, to compromise devices running Ivanti Connect Secure (ICS) and
