Enterprise Security Tech

As the Internal Revenue Service moves to fully digital tax operations in 2026, cybersecurity experts warn that the modernization effort is colliding with a surge in AI-driven fraud. The result is a rapidly expanding attack surface for identity theft, refund fraud, and impersonation scams. In 2025, the IRS reported $10.59 billion in financial crime losses , with $4.5 billion tied directly to tax-related fraud. While the agency continues to strengthen its cybersecurity defenses

A ransomware attack on ApolloMD  has exposed the personal and medical data of more than 626,000 individuals, according to a newly published federal disclosure, underscoring the persistent cybersecurity risks facing healthcare organizations and their third-party partners. The US Department of Health and Human Services breach portal now lists 626,540 individuals as affected by the May 2025 incident, which targeted the Atlanta-based physician and practice management services pr

The Everest ransomware crew is once again claiming a marquee victim, this time alleging it has siphoned a vast trove of customer data from Under Armour and leaked it onto a cybercrime forum. If verified, the incident would rank among the largest retail data exposures in recent memory and highlight how modern ransomware campaigns can linger long after an initial intrusion. The scale of the alleged breach comes from Have I Been Pwned , which says it ingested data tied to 72.7

Cybercriminals like to sell the illusion of professionalism. Malware dashboards are slick, subscription plans are clearly tiered, and promises of easy profits are framed with the language of software-as-a-service. But new research from CyberArk Labs shows how thin that polish can be, and how quickly the roles of attacker and victim can blur. The case centers on StealC, an infostealer that has circulated since early 2023 and is sold through a malware-as-a-service model. Buyer

A wave of LinkedIn phishing attacks is exploiting the platform’s own public comment sections, blurring the line between legitimate support messages and outright fraud in a way that security researchers say marks a new phase in social engineering. The campaign surfaced earlier this week when researchers and targeted users began warning that bot-like accounts were replying directly to posts while impersonating LinkedIn itself. The fake comments claim the recipient has violated

The University of Hawaii Cancer Center is facing growing scrutiny after quietly navigating a ransomware attack that compromised decades old cancer research data, then waiting months to inform regulators and affected individuals. According to a report filed with the Hawaii state legislature in December, attackers gained unauthorized access to servers supporting cancer research operations in late August. The intruders encrypted systems, disrupted access to research files, and