Kaiser Foundation Health Plan reported a 13.4-million record data breach, which involves members’ names, IP addresses, and interaction data. The breach stemmed from technologies installed on its websites and apps that transmitted data to third-party vendors. Monument and mental healthcare platform Cerebral were recently fined by the FTC over third-party data-sharing practices. The OCR has also voiced concern over third-party tracking technology use in HIPAA-covered entities.

New Malware Loaders Use Call Stack Spoofing, GitHub C2, and .NET Reactor for Stealth
An updated version of a malware loader, known as Hijack Loader, has been discovered with new features aimed at evading detection and maintaining persistence. The