63% of CISA-tracked Known Exploited Vulnerabilities (KEVs) can be found on healthcare networks, according to Claroty. Research shows 72% of medical devices are connected to the internet, with only 13% supporting endpoint protection. Also, 14% of devices run on unsupported or end-of-life operating systems, increasing their vulnerability. Hospital practices, like bridging guest and internal networks and using legacy devices, add to the security issue.

New Malware Loaders Use Call Stack Spoofing, GitHub C2, and .NET Reactor for Stealth
An updated version of a malware loader, known as Hijack Loader, has been discovered with new features aimed at evading detection and maintaining persistence. The