The Department of Health and Human Services (HHS) has highlighted the threat posed by a ransomware group called TimisoaraHackerTeam (THT). Named after a Romanian town, the little-known group has previously targeted healthcare organizations, most recently a US cancer center in June 2023. THT uses encryption techniques to paralyze healthcare systems and is known to exploit vulnerabilities in systems such as Microsoft Exchange servers and Fortinet firewalls.

Mandiant warns of attacks on newly-disclosed Ivanti remote takeover threat
Google’s Mandiant team has issued an alert about a remote code execution flaw in the Ivanti Connect Secure VPN platform. The vulnerability, designated CVE-2025-22457, is