Thompson Coburn law firm disclosed to the Department of Health and Human Services that their systems were breached. The extracted data included highly sensitive information such as names, birthdates, Social Security numbers, medical records, treatment details, provider details, and health insurance information.

Ivanti VPN customers targeted via unrecognized RCE vulnerability (CVE-2025-22457)
A suspected Chinese advanced persistent threat (APT) group exploited CVE-2025-22457, a previously unexploitable buffer overflow bug, to compromise devices running Ivanti Connect Secure (ICS) and