Here is the most recent Cybersecurity news for the past week:
🚨 Conduent Suffers Massive Ransomware Data Breach
Government technology contractor Conduent is facing the fallout of a massive cyber breach impacting an estimated 25 million individuals across the U.S. The Safepay ransomware group has claimed responsibility, stating they exfiltrated over 8 terabytes of sensitive data, including Social Security numbers, medical histories, and health insurance details. The breach, which initially occurred between October 2024 and January 2025, went undetected for months and is currently under investigation by the Texas Attorney General.
⚠️ CISA Orders Emergency Patch for Dell RecoverPoint Zero-Day
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency order requiring U.S. federal agencies to patch a critical zero-day vulnerability (CVE-2026-22769) in Dell RecoverPoint for Virtual Machines. A suspected China-nexus threat cluster, UNC6201, has been actively exploiting this hardcoded credential flaw since mid-2024 to deploy a backdoor dubbed “Grimbolt,” which allows attackers persistent unauthorized access to VMware backup and recovery environments.
🐛 SANDWORM_MODE Supply Chain Worm Targets Developers
Security researchers have uncovered an active supply chain worm campaign utilizing at least 19 malicious npm packages. The “Shai-Hulud-like” worm, dubbed SANDWORM_MODE, relies on typosquatting to mimic popular Node.js and AI development tools. Once executed, the hidden payloads harvest developer credentials, cryptocurrency keys, and API tokens, automatically propagating by abusing stolen GitHub and npm identities to expand its reach across developer environments.
🏥 Ransomware Attack Disrupts Mississippi Medical System
A severe ransomware attack recently struck the University of Mississippi Medical Center (UMMC), knocking out critical IT infrastructure and electronic medical records. The disruption forced the closure of all statewide clinics and the cancellation of elective procedures, requiring hospitals to revert to manual downtime protocols. Federal and state authorities, including the FBI, are actively involved as UMMC attempts to restore its systems and investigate potential patient data compromises.
💳 PayPal Working Capital Bug Exposes Customer Data
PayPal has disclosed a data breach resulting from a coding error in its PayPal Working Capital (PPWC) loan application. The flaw left highly sensitive customer information, including Social Security numbers, dates of birth, and contact details, exposed to unauthorized individuals for over five months, spanning from July to December 2025. The company patched the vulnerable code in mid-December and has recently begun sending out formal breach notifications and offering credit monitoring to affected users.
