The Carilion Clinic in Roanoke, Virginia, has taken strong action against 14 employees who were found to have accessed a high-profile patient’s medical records without a legitimate need. Carilion Clinic cannot provide specific details of the HIPAA violation, but their IT system keeps a data trail of employee access to medical records. This incident is not uncommon, as other healthcare organizations have experienced similar breaches and terminated employees involved.

Mandiant warns of attacks on newly-disclosed Ivanti remote takeover threat
Google’s Mandiant team has issued an alert about a remote code execution flaw in the Ivanti Connect Secure VPN platform. The vulnerability, designated CVE-2025-22457, is