Threat Intelligence Brief | January 31, 2026 | Issue #16
25M+ Records Exposed, Critical Vulnerabilities Disclosed, OT and ICS Flaws Drive Active Exploitation
See how ransomware attacks exposed data across healthcare service providers, why multiple CVEs with CVSS scores up to 10.0 require urgent action, and how OT, ICS, and AI environments are being actively targeted.
Healthcare breaches dominated this reporting period, with ransomware and third-party incidents exposing data tied to more than 25 million individuals. From AI-driven health platforms to billing, dental, and staffing providers, investigations revealed extended unauthorized access windows, large-scale data exfiltration, and delayed notifications that increased regulatory and legal exposure.
This edition also details five critical security vulnerabilities, including flaws in Oracle WebLogic, SAP S/4HANA, Fortinet platforms, Cisco Unified Communications, and endpoint protection tools, with Common Vulnerability Scoring System (CVSS) ratings reaching the maximum score of 10.0. In parallel, threat actors abused legitimate virtual infrastructure to deliver ransomware, confirmed a financial-sector breach affecting approximately 750,000 investors, and expanded coordinated attacks against operational technology (OT), industrial control systems (ICS), and AI environments supporting critical infrastructure.
How ColorTokens Threat Intelligence Helps You Stay Breach Ready:
- Prioritizes five critical Common Vulnerabilities and Exposures (CVEs), including multiple flaws with CVSS scores of 10.0, most likely to enable remote code execution and authentication bypass.
- Tracks healthcare breaches impacting over 25 million patient records, exposing recurring ransomware techniques and third-party risk patterns.
- Reveals how ransomware groups abuse legitimate virtual machines and hosting platforms to scale payload delivery and avoid takedowns.
- Highlights OT and ICS attacks across more than 2,400 disclosed vulnerabilities, including repeated exploitation of human-machine interfaces (HMIs) and supervisory control systems.
- Delivers actionable indicators of compromise (IOCs) across IP addresses, domains, URLs, and file hashes to support faster containment and response.
Our cybersecurity specialists can help you interpret these threat patterns and strengthen defenses against active exploitation, ransomware escalation, and lateral movement.