The US Department of Health and Human Services (HHS) is planning comprehensive efforts to enhance cybersecurity in the healthcare sector. These include setting voluntary cybersecurity performance goals, seeking legislation for incentive payments and tougher enforcement, and creating a ‘one-stop shop’ for sector cybersecurity support. The department is also working to incorporate these actions into existing regulations and will propose new cybersecurity requirements under Medicare, Medicaid, and HIPAA in 2024.
Compromised GitHub Action Exfiltrates Workflow Credentials to Attacker Domain
A widely used GitHub Action called actions-cool/issues-helper has been compromised, with every version tag in the repository silently redirected to a malicious commit. The attack
