Cybersecurity firm Sophos has reported a rise in successful ransomware attacks on healthcare data, with 75% of recent breaches resulting in data encryption, up from 61% last year. Healthcare organizations’ ability to deter such attacks before encryption fell from 34% last year to just 24% this year. Data theft also occurred in 37% of successful attacks. Despite this, ransom payments fell from 61% to 42%, while the overall number of ransomware attacks fell from 66% to 60%. Sophos warned that the sector is “losing ground” and urged a “modern” approach to cyber defense.

Ivanti VPN customers targeted via unrecognized RCE vulnerability (CVE-2025-22457)
A suspected Chinese advanced persistent threat (APT) group exploited CVE-2025-22457, a previously unexploitable buffer overflow bug, to compromise devices running Ivanti Connect Secure (ICS) and