Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

U.S. Healthcare Breach Report: May 2025 Trends

May 2025 marked one of the most active months for reported healthcare breaches in the United States. The HHS OCR Breach Portal documented 74 breach incidents involving more than 4.2 million individuals. This represents a 23% increase in affected records compared to April 2025. This month’s spike reveals a troubling trend: healthcare organizations are facing intensified cyber threats with limited improvements in prevention.

DBIR 2024: AI Fuels more Cyber Threats though its Impact Remains Limited

The use of artificial intelligence in cyberattacks is now a growing concern. From the automated creation of malware to more sophisticated phishing campaigns, AI’s ability to enhance the scale and effectiveness of threats has become a cause for alarm. However, Verizon’s 2024 Data Breach Investigations Report (DBIR) states that only 2% of analyzed data breaches directly involved the use of this technology.

Down the Rabbit Hole of Unicode Obfuscation

In the ever-vigilant effort to secure the open-source ecosystem, Veracode’s continuous monitoring systems recently flagged a pair of npm malware packages—solders and @mediawave/lib. The malicious behavior, however, is not at all obvious at first because of a layer of unusual Unicode obfuscation that caught our attention. Our investigation focused on the solders package, which leverages a common yet critical attack vector: a postinstall script in its package.json.

Meet Cato's MCP Server: A Smarter Way to Integrate AI Into Your IT & Security Processes

Sometimes preparing dinner can be a complicated task. You’re juggling a stir-fry, boiling pasta, prepping a salad, and all you want is to say “Chop the onions” and have it done. No switching between tasks, no looking up steps. Just state the intent, and it’s executed. We wanted that same level of simplicity when interacting with our environment, including sites, users, topology, and real-time data. That led us to build Cato’s Model Context Protocol (MCP) Server.

What You Need to Know about the MainStreet Bank Data Breach

MainStreet is a community-oriented bank in Fairfax, Virginia. Established in 2004, it operates under MainStreet Bancshares Incorporated, a small-cap financial holding organization. The financial institution follows a “branch-lite” model with six physical locations, though it offers significant banking services like mobile and online banking.

Apex Predators in Cybersecurity: What They Are and Why They Matter

Apex predators in cybersecurity are the top-tier threat actors that most security teams never see coming. These aren’t script kiddies or opportunistic ransomware groups. We’re talking about nation-state APTs, elite criminal syndicates, and sophisticated actors with unlimited budgets and custom toolkits.

5 Ways to Defend Against Credential Theft Attacks: A Technical Defense Framework

Credential theft attacks have emerged as the dominant threat vector in 2025, with IBM X-Force observing an 84% increase in emails delivering infostealers in 2024 and credential theft attacks increasing by 703% in the second half of 2024. As vulnerability exploitation and credential theft now surpass phishing as the primary initial access methods, organizations must implement comprehensive credential theft prevention strategies to defend against credential-based attacks.

Software Supply Chain Security: Proven Frameworks & Tactics to Stay Ahead of Threats

Most modern software isn’t built from scratch. It’s assembled from dozens, sometimes hundreds, of external components like open-source libraries, third-party APIs, CI/CD tools, build scripts, and deployment pipelines. This entire ecosystem is what we call the software supply chain. Similar to a physical supply chain, if one weak link breaks, the whole system is at risk.

Expanding on ADHICS v2.0: A Closer Look at Healthcare Cybersecurity in the UAE

As digital transformation sweeps across the healthcare sector, there has never been more at stake. Healthcare data is worth a lot on the black market. Unlike financial data, which has a short shelf life (accounts can be frozen, and fraud alerts issued), medical records stay fresh for a long time.