InfoSecBulletin Cybersecurity for mankind
The fallout from the MOVEit Transfer data breach is growing. The U.S. CMS announced that hundreds of thousands of Medicare recipients were affected. Additionally, the Canadian government revealed a data breach affecting former and current public service employees. On a different note, the INC Ransom group, a new threat, added two victims to its leak site. Here’s what you need to know from the weekend.
The CMS in the US reported that the MOVEit data breach, caused by the Cl0p ransomware group, impacted more than 330,000 Medicare recipients.
Microsoft Patches Four Critical Azure and Power Apps Vulns
Qilin Ransomware topped April 2025 with 45+ data leak disclosures
SonicWall Patches 3 Flaws in SMA 100 Devices
Top Ransomware Actively Attacking Financial Sector: 406 Incidents Disclosed
Critical (CVSS 10) Flaw in Cisco IOS XE WLCs Allows RRA
CVE-2025-29824
Play Ransomware Exploited Windows CVE-2025-29824 as Zero-Day
Hacker exploited Samsung MagicINFO 9 Server RCE flaw
CISA adds Langflow flaw to its KEV catalog
Google Fixes Android Flaw (CVE-2025-27363) Exploited by Attackers
UAP hosted “UAP Cyber Siege 2025”, A national level cybersecurity competition
The Canadian government revealed a data breach that may have affected the personal and financial information of current and former employees in public service, as well as members of the RCMP and Canadian Armed Forces.
NoEscape, the ransomware group, said they attacked PruittHealth’s IT system. They will release 1.5TB of stolen data if they are not contacted by a negotiator within three days.
Stanley Steemer International was hacked and the personal and financial information of around 67,000 customers was stolen.
Yamaha Motor Philippines experienced a ransomware attack where the employees’ personal information was stolen. The INC Ransom group took responsibility for the attack and targeted WellLife Network as well.
