Healthcare breaches don’t just steal data; they erode trust, disrupt care, and cost millions. The 2015 Anthem data breach compromised 78.8 million records. Since then, attacks have only grown in frequency and sophistication, pushing the average healthcare breach cost to.1 million in 2022 (IBM’s Cost of a Data Breach). For years, healthcare security has focused on perimeter defenses, yet breaches keep escalating.

As organizations scale, the real challenge CTOs face isn’t just securing more code—it’s securing interconnected ecosystems that span multi-cloud environments, microservices, and third-party dependencies. Traditional DevSecOps tools, while competent in their silos, struggle to provide a unified security posture that addresses this interwoven complexity.

The Coast Guard is the only branch of the United States military in the Department of Homeland Security. It enforces federal law, controls the nation’s borders and maritime Approaches, and protects the United States ports and waterways. The premier maritime law enforcement agency has about 55,000 civilian employees and military service members. Like any other military branch, the Coast Guard maintains systems that store national security intelligence and personnel records.

Mars Hydro is a leading Chinese brand producing a wide range of Internet of Things (IoT) devices for indoor gardening and the hydroponics industry. It specializes in designing energy-efficient LED grow lights catering to various plant growth stages, from seedling to flowering, ensuring optimal yield for users.

For our introduction to the challenge, please see Part I.

When it comes to vulnerability management, time is critical - the longer a vulnerability goes unaddressed, the greater the risk. Security teams need efficient, reliable processes that don’t drain resources. For most teams, relying on human effort alone isn’t sustainable or scalable. This is why so many teams turn to workflow orchestration and automation.

Researchers at Cyble warn that a phishing kit is abusing the Open Graph (OG) protocol to target social media users. The Open Graph protocol, originally developed by Facebook in 2010, allows users to control the content preview that’s displayed when a link is posted on social media. The phishing kit, dubbed “OG Spoof,” abuses this feature to post malicious links that appear legitimate.

Phishing and malicious emails remained the primary vectors of infection during the second half of 2024, according to a new report from Acronis. “The number of email-based attacks detected in the second half of 2024 increased 197% compared to the second half of 2023, while the number of attacks per organization within the same time frame increased by 21%,” the report says.

Another major crypto exchange has fallen victim to a hack—this time, Bybit. While the full impact is still unfolding, one thing remains undeniable: storing assets in exchange wallets exposes traders to unnecessary risks. In today’s market, this risk is increasingly unnecessary and manageable, particularly with solutions like off exchange settlement.

2024 saw data-leak sites (DLSs) for 72 extortion groups materialise. As of February 2025, Cyjax has identified DLSs for five new groups, as noted in recent blogs on extortion groups Kraken, Morpheus, GD LockerSec, and Babuk2. The fifth one to emerge goes by the name Linkc. Read on to find out what Cyjax knows so far about this new entrant into the data leak extortion scene.