We bring to your attention a sampling of recent media stories involving cyber risk & privacy liability. Among the stories we’re highlighting this month: Poor Risk Analysis Cost 4 Firms $1.7 Million in HIPAA Fines, Feuding Ransomware Groups Leak Each Other’s Data, Ransomware Negotiator Pleads Guilty to Conspiracy, AI Signals in Email Attacks, and more!

Breach Tracker

• Major Online Learning Management System Falls Victim to Cyberattack: Steps Universities Should Take Now to Limit Risk (read more)
• Iranian APT Intrusion Masquerades as Chaos Ransomware Attack (read more)
• Middle East Cyber Battle Field Broadens — Especially in UAE (read more)
• Medtronic Hack Confirmed After ShinyHunters Threatens Data Leak (read more)
• California Announces $12.75 Million Data Minimization Settlement With GM (read more)
• Poor Risk Analysis Cost 4 Firms $1.7 Million in HIPAA Fines (read more)
• “Fundamental Tension” Undermines Manufacturers’ Cybersecurity (read more)
• Tech, Telecom Leaders Sound Alarm on Rising Cyber-Enabled Financial Crime by International Criminal Networks (read more)
• Feuding Ransomware Groups Leak Each Other’s Data (read more)
• Florida Man Working as a Ransomware Negotiator Pleads Guilty to Conspiracy to Deploy Ransomware and Extort U.S. Victims (read more)

The Evolving Cyber Threat Landscape

• State CIOs, CISOs Issue Distress Signal on AI, Limited Resources (read more)
• Resilience Report Finds Manufacturing Leads Global Cyberattack Targets, With Ransomware Dominating Losses (read more)
• New Cyber Resilience Readiness Program Developed by Joint Commission; AHA (read more)
• Oil and Gas Sector’s Confidence in OT Detection Masks Dangerous Visibility Gap (read more)
• The Instructure Canvas Incident: What Happened and What’s Next? (read more)
• DOJ Fraud Qui Tam Enforcement Is Coming Into Focus (read more)
• LevelBlue TTP Briefing Q1 2026: Trust Abuse Exposes Weaknesses (read more)
• ClickFix Campaign Uses Fake macOS Utilities Lures to Deliver Infostealers (read more)
• Agentic AI Models May Give Cyber Criminals New Tools for Cyber Attacks (read more)
• UK Survey Shows Gap Between Perceived Security, Operational Resilience (read more)
• AI Signals in Email Attacks: Boosting Detection and Threat Hunting (read more)

Insights for Small to Medium Businesses

• The Invisible Insider: How AI Agents Enable Undetectable Trade Secret Theft – and What Companies Must Do Now (read more)
• Target-Rich, Cyber-Poor: How to Strengthen Cybersecurity and Build Resilience in Vulnerable Sectors (read more)
• World Password Day: Why Strong Passwords Still Matter (read more)
• Why SMBs Are Cutting AI Spend—but Doubling Down on Automated Defense (read more)