Cybercrime
,
Fraud Management & Cybercrime
,
Incident & Breach Response
Also, 23andMe Breach Settlement, GitHub AI Flaw, Ubiquiti Patches Critical Bugs

Every week, ISMG rounds up cybersecurity incidents and breaches around the world. This week, a survey found many cybersecurity professionals are pressured to conceal breaches, researchers exposed a GitHub artificial intelligence agent flaw that can leak private repositories, Ubiquiti patched seven critical UniFi OS vulnerabilities and CISA ordered agencies to patch an actively exploited ColdFusion flaw. Cisco Talos tracked an expanding Chinese ORB, experts assessed the risk from the U.K. government’s alleged FortiBleed credential exposure, a judge approved a $46.75 million settlement for 23andMe breach victims, Medtronic disclosed 3.8 million affected individuals and Cerner’s 2025 breach victim count climbed into the millions.
See Also: Know Thy Enemy: Threats to Cyber Resilience
Most Cybersecurity Workers Told to Conceal Breaches: Report
More than half of cybersecurity professionals who experienced a security incident in the past year said they were instructed to keep it confidential, even though they believed it should have been reported to authorities, found cybersecurity company Bitdefender in a survey.
The survey found that 55% of respondents who dealt with a security incident said they were ordered not to disclose. The percentage tracks with previous Bitdefender surveys, the company said – a finding that likely points to a stubborn cultural norm lagging behind regulatory changes demanding more transparency. “Changing behavior may require making disclosure feel less punishing. Or perhaps the opposite: making secrecy impossible to justify,” the firm concluded.
The report, based on responses from more than 1,200 IT and cybersecurity professionals across organizations of varying sizes, also found that many security teams continue to struggle with visibility, AI governance and security tooling.
More than half of respondents said AI is giving attackers a greater advantage than defenders, while 47% reported having only partial or no visibility into employees’ use of unauthorized AI applications, or shadow AI. Organizations also cited growing concerns about data sovereignty and the operational burden of endpoint detection and response platforms.
GitHub AI Agent Flaw Could Expose Private Repositories
A prompt injection attack can trick GitHub’s Agentic Workflows into exposing data from private repositories through a public GitHub issue, researchers at Noma Security found.
The attack, dubbed GitLost, targets GitHub Agentic Workflows, a public preview feature that uses AI agents to automate development tasks. An attacker need only open what appears to be a legitimate issue in a public repository. If the AI agent has been granted read access to private repositories within the same organization, it can retrieve sensitive information and publish it in a public comment.
Researchers said the attack requires no stolen credentials, prior access or coding skill. Instead, it exploits indirect prompt injection, in which the AI agent treats malicious instructions embedded in untrusted content as legitimate commands.
In a proof-of-concept demonstration, the researchers submitted a routine-looking support request to a public repository. After the issue was assigned, the AI agent accessed a private repository, extracted its README file and posted the contents publicly. The researchers also found GitHub’s threat detection guardrails could be bypassed with a minor wording change, causing the model to reframe the request rather than refuse it.
Ubiquiti Fixes 7 Critical UniFi OS Vulnerabilities
Enterprise wireless router manufacturer Ubiquiti patched seven critical vulnerabilities in UniFi OS, including a maximum-severity flaw that could allow attackers with network access to execute commands on affected host devices.
The company said CVE-2026-50746, which carries a maximum CVSS score of 10, affects UniFi Connect Application version 3.4.16 and earlier versions. The flaw stems from improper access control and can allow command injection on the host device.
Ubiquiti also fixed six other critical flaws affecting UniFi Talk, UniFi Access, UniFi Protect, UniFi OS Server and several routers, gateways, network video recorders and surveillance systems. Six of the seven flaws can be exploited in low-complexity attacks without user interaction. Ubiquiti has not disclosed whether any of the newly patched vulnerabilities were exploited in the wild before fixes were issued.
Threat intelligence firm Censys identified more than 100,000 internet-exposed UniFi OS instances, with nearly 50,000 located in the United States, though the firm said its data may include historical scan results and might not reflect current exposure.
The advisory comes weeks after the U.S. Cybersecurity and Infrastructure Security Agency warned that attackers were exploiting three separate maximum-severity UniFi OS flaws patched in May (see: 3 Maximum-Severity Ubiquiti Flaws Under Active Exploitation).
CISA Orders Feds to Patch Exploited ColdFusion Flaw by Friday
The U.S. Cybersecurity and Infrastructure Security Agency ordered federal civilian agencies to patch an actively exploited Adobe ColdFusion path traversal vulnerability by Friday after adding it to its Known Exploited Vulnerabilities catalog.
The flaw, tracked as CVE-2026-48282, carries a maximum CVSS score of 10.0. The vulnerability allows remote, unauthenticated attackers to access restricted directories and ultimately achieve arbitrary code execution on vulnerable servers in low-complexity attacks that require no user interaction.
Threat intelligence expert Ryan Dewhurst in an X post said attackers began exploiting the flaw within two hours of Adobe’s June 30 disclosure and patch release.
Internet monitoring nonprofit Shadowserver said it tracks nearly 800 internet-exposed ColdFusion instances, although it is unclear how many are vulnerable or intentionally exposed as honeypots.
China-Linked UAT-7810 Expands ORB Malware Arsenal
A suspected China nation-state threat actor is expanding its operational relay box infrastructure with custom malware designed to support espionage and follow-on cyber operations, cybersecurity firm Cisco Talos said in Tuesday blog post.
Talos said the group, tracked as UAT-7810, continues to build the LapDogs ORB network first disclosed in 2025. Researchers say the actor’s primary role is establishing covert relay infrastructure that associated China-linked threat groups can use to launch attacks while obscuring their origin.
The researchers identified an upgraded version of the group’s Linux malware, dubbed LongLeash, which succeeds the earlier ShortLeash implant. Talos also uncovered two previously undocumented backdoors: DogLeash, written in C, and JarLeash, a Java-based implant – along with a non-malicious MIPS test binary called LeashTest. The malware expands the group’s toolkit for maintaining compromised devices and supporting ORB operations.
ORB networks consist of compromised internet-connected devices that attackers use as intermediate infrastructure to proxy malicious traffic. Unlike botnets built for distributed denial-of-service attacks or spam campaigns, ORBs are intended to provide persistent, stealthy infrastructure for state-backed cyber operations.
23andMe Breach Victims to Receive $46.75M Payout
Victims of the 2023 23andMe data breach will receive a $46.75 million settlement after a California bankruptcy judge approved a compensation plan tied to the genetic testing firm’s bankruptcy proceedings.
The court ordered Chrome Holding, which acquired control of 23andMe through its Chapter 11 restructuring, to transfer the settlement funds to claims administrator Kroll Restructuring within five business days.
The settlement stems from a credential-stuffing attack disclosed in October 2023. Attackers initially compromised about 14,000 customer accounts using reused passwords but leveraged 23andMe’s DNA Relatives feature to access personal information associated with approximately 6.9 million users.
In June 2025, the U.K. Information Commissioner’s Office fined 23andMe 2.31 million pounds, finding the company failed to implement appropriate security measures to protect sensitive genetic data. California Attorney General Rob Bonta also sued the company in May, alleging it failed to adequately safeguard customer information and misrepresented the severity of the breach (see: 23andMe Failed to Stop Months-Long Hack, State Alleges).
UK Government FortiBleed Credential Breach Poses Low Risk
The real-world threat posed by putatively exposed British government credentials appears to be minimal, said a cybersecurity expert.
British newspaper The Telegraph on Sunday reported that a threat actor with the handle SantaAd listed for sale access credentials for “IT staff at British embassies in Thailand and Mauritius, as well as staff in Derbyshire and Waltham Forest, East London,” for about $60,000 worth of cryptocurrency. The list of credentials also touches “NHS, energy providers and key suppliers of medicines across the country,” it reported.
The breaches apparently traced to FortiBleed, the ongoing campaigns targeting Fortinet FortiGate firewalls and VPN gateways to gain and resell access to the devices.
Ian Thornton-Trump, CISO of cybersecurity firm Inversion6, said any exposure of British government credentials likely traces to a third party managing the devices, which may have left management interfaces publicly exposed to the internet.
“That would be ‘bad,’ and there may have been some exposure if that is the case. But in terms for the Foreign Office, I don’t think Fortinet’s protecting the classified network at any point and they would not likely be located on the internet,” he said.
FortiBleed attacks appear to have amassed hundreds of thousands of credentials. The U.K. National Cyber Security Center said it involves “brute-force, dictionary and credential stuffing attempts against internet-facing FortiGate and VPN portals.”
Fortinet said no zero-day vulnerability appears to be in play. “We believe the activity involves threat actors reusing credentials from previous incidents,” as well as “employing brute-force techniques against devices with weak password hygiene and no multifactor authentication,” it said.
Medtronic Data Breach Hits 3.8M People
Medical device maker Medtronic, which recently began notifying individuals affected by an April data theft has reported to Indiana regulators that the incident has affected more than 3.8 million people in total.
Ransomware gang ShinyHunters on April 17 posted a claim on a darkweb network site alleging that it breached a Medtronic database, stealing more than 9 million records containing personally identifiable information along with additional terabytes of internal corporate data. The gang threatened to release the stolen records unless Medtronic responded to a ransom by April 21 (see: Medical Device Maker Medtronic Says It’s Been Hacked).
By late April, the Medtronic listing on ShinyHunters’ dark website was removed. Minnesota-based Medtronic said the hack involved an “unauthorized actor” from April 13 to April 19 accessing “some” of its corporate IT systems. Information potentially compromised in the incident includes patient name, contact information, date of birth, Social Security number and health-related information.
Cerner Revises 2025 Breach Toll Up by Millions
The victim tally appears to continue to soar by the millions in a 2025 hacking incident that compromised legacy patient data hosted by Cerner electronic health record servers that were set last year to migrate to parent company Oracle’s cloud environment.
This week, Cerner updated a data breach report filed to Texas regulators in the 2025 hack, saying the incident now affects more than 2.6 million Texans. That’s significantly higher than the 4,082 Texans Cerner reported affected in the Lone Star state last July (see: Oracle Cerner EHR Hack Breach Reports Still Trickling In) .
The company also appears to have recently modified its breach report to South Carolina regulators, saying the incident affected 283,903 individuals in that state, up from 2,989 reported a year ago.
Cerner, in a breach notification letter sent to victims last summer, said the personal information potentially compromised in the incident included patients’ name, Social Security number, medical record information, including record numbers, doctors, diagnoses, medicines, test results, images, care and treatment.
Oracle acquired Cerner in 2022.
The Cerner data breach was one of at least two hacks involving Oracle in 2025 (see: Oracle Health Responding to Hack on Legacy Cerner EHR Data).
Other Stories From This Week
With reporting from ISMG’s Mathew Schwartz in Scotland and Marianne Kolbasuk McGee in the Boston exurbs.
