Mathew J Schwartz
@mathewjschwartz.bsky.social
Cybersecurity reporter
Weekly Data Breach Roundup
—Cyber defenders scramble to patch React framework bug
—Microsoft quietly fixes long-abused Windows flaw
—Watchdog said Pentagon head Pete Hegseth endangered military operation
—Man jailed for airport Wi-Fi "evil twin" crime
www.databreachtoday.com/breach-round...
—Cyber defenders scramble to patch React framework bug
—Microsoft quietly fixes long-abused Windows flaw
—Watchdog said Pentagon head Pete Hegseth endangered military operation
—Man jailed for airport Wi-Fi "evil twin" crime
www.databreachtoday.com/breach-round...
Breach Roundup: React Flaw Incites Supply Chain Risk
This week, the React flaw, a belated Windows fix, Defense Secretary Pete Hegseth's Signal group posed operational risk, more North Korean npm packages. An
www.databreachtoday.com
December 6, 2025 at 2:28 PM
Weekly Data Breach Roundup
—Cyber defenders scramble to patch React framework bug
—Microsoft quietly fixes long-abused Windows flaw
—Watchdog said Pentagon head Pete Hegseth endangered military operation
—Man jailed for airport Wi-Fi "evil twin" crime
www.databreachtoday.com/breach-round...
—Cyber defenders scramble to patch React framework bug
—Microsoft quietly fixes long-abused Windows flaw
—Watchdog said Pentagon head Pete Hegseth endangered military operation
—Man jailed for airport Wi-Fi "evil twin" crime
www.databreachtoday.com/breach-round...
China-linked Brickstorm malware hits US critical systems, CISA warns
www.databreachtoday.com/brickstorm-m...
www.databreachtoday.com/brickstorm-m...
Brickstorm Malware Hits US Critical Systems, CISA Warns
U.S. and Canadian cyber authorities say Chinese state-backed actors used a backdoor dubbed BRICKSTORM to maintain long-term access into critical infrastructure,
www.databreachtoday.com
December 6, 2025 at 11:19 AM
China-linked Brickstorm malware hits US critical systems, CISA warns
www.databreachtoday.com/brickstorm-m...
www.databreachtoday.com/brickstorm-m...
US health officials unveiled "version 1" of a strategic plan to implement artificial intelligence as a "practical layer" across the department and its agencies aimed at helping to break down silos, improve collaboration and increase efficiencies. www.databreachtoday.com/hhs-outlines...
HHS Outlines AI Road Map Amid Major Department Overhaul
The U.S. Department of Health and Human Services on Thursday unveiled "version 1" of a strategic plan to implement artificial intelligence as a
www.databreachtoday.com
December 6, 2025 at 8:52 AM
US health officials unveiled "version 1" of a strategic plan to implement artificial intelligence as a "practical layer" across the department and its agencies aimed at helping to break down silos, improve collaboration and increase efficiencies. www.databreachtoday.com/hhs-outlines...
Research this: The British government is considering amending its three-decade-old hacking law to include a "statutory defense" cover for security researchers.
www.databreachtoday.com/uk-governmen...
www.databreachtoday.com/uk-governmen...
UK Government Considers Computer Misuse Act Revision
The U.K. government is considering amending its three-decade-old hacking law to include a "statutory defense" cover for security researchers. The
www.databreachtoday.com
December 5, 2025 at 5:44 PM
Research this: The British government is considering amending its three-decade-old hacking law to include a "statutory defense" cover for security researchers.
www.databreachtoday.com/uk-governmen...
www.databreachtoday.com/uk-governmen...
Chinese nation-state groups tied to 'React2Shell' targeting, as security researchers see escalating probes, likely in advance of more criminal exploitation www.databreachtoday.com/chinese-nati...
Chinese Nation-State Groups Tied to 'React2Shell' Targeting
Warnings continue to mount over a critical vulnerability in the widely used web application framework React, with threat intelligence analysts warning that it's
www.databreachtoday.com
December 5, 2025 at 4:28 PM
Chinese nation-state groups tied to 'React2Shell' targeting, as security researchers see escalating probes, likely in advance of more criminal exploitation www.databreachtoday.com/chinese-nati...
Deploying AI in critical infrastructure sectors: think first, warns US cybersecurity agency
www.databreachtoday.com/us-allies-wa...
www.databreachtoday.com/us-allies-wa...
US, Allies Warn AI in OT May Undermine System Safety
The U.S. cyber defense agency warned that machine learning and large language model deployments can introduce new attack surfaces across critical infrastructure
www.databreachtoday.com
December 5, 2025 at 2:28 PM
Deploying AI in critical infrastructure sectors: think first, warns US cybersecurity agency
www.databreachtoday.com/us-allies-wa...
www.databreachtoday.com/us-allies-wa...
Weekly Cryptohack Roundup
—Authorities shutter Cryptomixer
—Anthropic sees autonomous AI exploits
—U.K. moots ban on crypto political donations
—Do Kwon seeks leniency
—Lazarus Group suspected in Upbit theft
—Balancer's post-exploit plans
www.databreachtoday.com/cryptohack-r...
—Authorities shutter Cryptomixer
—Anthropic sees autonomous AI exploits
—U.K. moots ban on crypto political donations
—Do Kwon seeks leniency
—Lazarus Group suspected in Upbit theft
—Balancer's post-exploit plans
www.databreachtoday.com/cryptohack-r...
Cryptohack Roundup: Authorities Shutter Cryptomixer
This week, authorities shutter Cryptomixer, Anthropic warns about autonomous AI exploits, U.K. plans ban on crypto political donations, Do Kwon seeks leniency,
www.databreachtoday.com
December 5, 2025 at 11:19 AM
Weekly Cryptohack Roundup
—Authorities shutter Cryptomixer
—Anthropic sees autonomous AI exploits
—U.K. moots ban on crypto political donations
—Do Kwon seeks leniency
—Lazarus Group suspected in Upbit theft
—Balancer's post-exploit plans
www.databreachtoday.com/cryptohack-r...
—Authorities shutter Cryptomixer
—Anthropic sees autonomous AI exploits
—U.K. moots ban on crypto political donations
—Do Kwon seeks leniency
—Lazarus Group suspected in Upbit theft
—Balancer's post-exploit plans
www.databreachtoday.com/cryptohack-r...
A marketing and compliance software vendor to 700 banks and credit unions, Marquis Software Solutions, says a ransomware group hit its SonicWall firewall and stole its customers' customer data, including Social Security numbers. www.databreachtoday.com/marketing-co...
Marketing and Compliance Software Vendor to Banks Breached
Marketing and compliance software maker Marquis Software Solutions, which counts over 700 banks and credit unions as customers, said a ransomware group breached its
www.databreachtoday.com
December 4, 2025 at 9:46 AM
A marketing and compliance software vendor to 700 banks and credit unions, Marquis Software Solutions, says a ransomware group hit its SonicWall firewall and stole its customers' customer data, including Social Security numbers. www.databreachtoday.com/marketing-co...
US telecoms reject regulation as answer to Chinese hacking, as industry says it prefers to stick with entirely voluntary cybersecurity measures, thank you very much
www.databreachtoday.com/us-telecoms-...
www.databreachtoday.com/us-telecoms-...
December 3, 2025 at 5:44 PM
US telecoms reject regulation as answer to Chinese hacking, as industry says it prefers to stick with entirely voluntary cybersecurity measures, thank you very much
www.databreachtoday.com/us-telecoms-...
www.databreachtoday.com/us-telecoms-...
Kaiser Permanente to pay up to $47.5 million to settle web tracker lawsuit
www.databreachtoday.com/kaiser-perma...
www.databreachtoday.com/kaiser-perma...
Kaiser Permanente to Pay Up to $47.5M in Web Tracker Lawsuit
Kaiser Permanente has agreed to pay up to $47.5 million to settle litigation stemming from its use of tracking codes in its websites, patient portals and mobile
www.databreachtoday.com
December 3, 2025 at 5:01 PM
Kaiser Permanente to pay up to $47.5 million to settle web tracker lawsuit
www.databreachtoday.com/kaiser-perma...
www.databreachtoday.com/kaiser-perma...
No more regulatory guardrails: Three months after proposing mandatory artificial intelligence guardrails with regulatory teeth, Australia's government has released a national plan that asks companies to consider safety measures instead.
www.databreachtoday.com/blogs/austra...
www.databreachtoday.com/blogs/austra...
Australia Abandons Proposed Mandatory AI Rules in New Plan
Australia's federal government has quietly shelved the mandatory AI guardrails it proposed just three months ago, replacing enforceable requirements with voluntary guidance in its National AI Plan…
www.databreachtoday.com
December 3, 2025 at 2:28 PM
No more regulatory guardrails: Three months after proposing mandatory artificial intelligence guardrails with regulatory teeth, Australia's government has released a national plan that asks companies to consider safety measures instead.
www.databreachtoday.com/blogs/austra...
www.databreachtoday.com/blogs/austra...
The FDA is warning that Life 2000 - an at-home ventilation system by medical device maker Baxter - has been permanently recalled due to a "cybersecurity issue" that could allow individuals with physical access to tamper with the gear's life support settings.
www.databreachtoday.com/cyber-issue-...
www.databreachtoday.com/cyber-issue-...
'Cyber Issue' Leads to FDA Recall of Baxter Respiratory Gear
The Food and Drug Administration is warning that Life 2000 - an at-home ventilation system built by medical device maker Baxter - has been permanently recalled due
www.databreachtoday.com
December 3, 2025 at 11:19 AM
The FDA is warning that Life 2000 - an at-home ventilation system by medical device maker Baxter - has been permanently recalled due to a "cybersecurity issue" that could allow individuals with physical access to tamper with the gear's life support settings.
www.databreachtoday.com/cyber-issue-...
www.databreachtoday.com/cyber-issue-...
The Trump administration has called on Congress to approve steep cuts to federal cybersecurity and information technology modernization programs in 2026 - and lawmakers appear to be heeding the call. www.databreachtoday.com/us-federal-m...
US Federal Modernization Funds Slashed in Senate Bill
Congressional appropriators have proposed significant reductions to federal cybersecurity and modernization initiatives in the 2026 budget, signaling a potential
www.databreachtoday.com
December 3, 2025 at 8:52 AM
The Trump administration has called on Congress to approve steep cuts to federal cybersecurity and information technology modernization programs in 2026 - and lawmakers appear to be heeding the call. www.databreachtoday.com/us-federal-m...
Ads without eyeballs: online shopping's existential AI agent problem
www.databreachtoday.com/ads-without-...
www.databreachtoday.com/ads-without-...
Ads Without Eyeballs: Online Shopping's AI Agent Problem
The online retail industry spent decades honing how to nudge people into clicking the buy button. Now it faces a customer who doesn't want anything at all: the
www.databreachtoday.com
December 2, 2025 at 5:44 PM
Ads without eyeballs: online shopping's existential AI agent problem
www.databreachtoday.com/ads-without-...
www.databreachtoday.com/ads-without-...
South Korean e-commerce giant Coupang probes massive, five-month breach, with suspicion falling on a former developer, a Chinese national who's reportedly fled the country www.databreachtoday.com/south-korean...
South Korean E-Commerce Giant Coupang Probes Massive Breach
South Korea's biggest online retailer, Coupang, said a five-month breach exposed personal data pertaining to 34 million customers, and only came to light after it
www.databreachtoday.com
December 2, 2025 at 3:53 PM
South Korean e-commerce giant Coupang probes massive, five-month breach, with suspicion falling on a former developer, a Chinese national who's reportedly fled the country www.databreachtoday.com/south-korean...
OpenAI reports breach of analytics provider Mixpanel that exposed information on users of the OpenAI API www.databreachtoday.com/openai-suspe...
OpenAI Suspends Mixpanel Use After Analytics Data Breach
OpenAI has temporarily ceased use of Mixpanel after the analytics firm disclosed a breach affecting profile data of the artificial intelligence giant's API platform
www.databreachtoday.com
November 29, 2025 at 2:28 PM
OpenAI reports breach of analytics provider Mixpanel that exposed information on users of the OpenAI API www.databreachtoday.com/openai-suspe...
Ransomware groups continue to display more innovation, persistence and planning in their quest to amass fresh ransom-paying victims and maximize profits. www.databreachtoday.com/ransomware-m...
Ransomware Moves: Supply Chain Hits, Credential Harvesting
Ransomware groups continue to display more innovation, persistence and planning in their quest to amass ransom-paying victims and maximize profits. This has
www.databreachtoday.com
November 29, 2025 at 11:19 AM
Ransomware groups continue to display more innovation, persistence and planning in their quest to amass fresh ransom-paying victims and maximize profits. www.databreachtoday.com/ransomware-m...
Ransomware reshaping cybersecurity as a national security priority comes to Britain
www.databreachtoday.com/ransomware-r...
www.databreachtoday.com/ransomware-r...
Ransomware Reshaping Cyber as National Security Priority
Ongoing, high-profile ransomware attacks against Britain and the United States have transformed cybersecurity into a national security priority, Anne Neuberger, the
www.databreachtoday.com
November 29, 2025 at 8:52 AM
Ransomware reshaping cybersecurity as a national security priority comes to Britain
www.databreachtoday.com/ransomware-r...
www.databreachtoday.com/ransomware-r...
Identity verification challenge: AI deepfakes are turning human trust into a cyber risk
www.databreachtoday.com/how-ai-deepf...
www.databreachtoday.com/how-ai-deepf...
How AI Deepfakes Turn Human Trust Into a Cyber Risk
AI deepfakes are eroding the biological mechanisms humans have relied on for centuries to verify identity. Jeremy Nelson, CISO for North America at Insight,
www.databreachtoday.com
November 28, 2025 at 5:44 PM
Identity verification challenge: AI deepfakes are turning human trust into a cyber risk
www.databreachtoday.com/how-ai-deepf...
www.databreachtoday.com/how-ai-deepf...
Learning but no unlearning: Why AI models conflict with 'right to be forgotten' mandates
www.databreachtoday.com/ai-models-co...
www.databreachtoday.com/ai-models-co...
AI Models Conflict With 'Right to Be Forgotten' Mandates
Neural networks cannot extract individual data without rolling back the entire model, which undermines competitive advantage. Organizations must understand their
www.databreachtoday.com
November 28, 2025 at 2:28 PM
Learning but no unlearning: Why AI models conflict with 'right to be forgotten' mandates
www.databreachtoday.com/ai-models-co...
www.databreachtoday.com/ai-models-co...
Cybersecurity news video style as the latest ISMG Editors' Panel tackles:
—India's data protection rules get more teeth
—Prompt injection attacks complicating life for digital forensic investigators
—You're not dreaming: AI really seems deceptive
www.databreachtoday.com/ismg-editors...
—India's data protection rules get more teeth
—Prompt injection attacks complicating life for digital forensic investigators
—You're not dreaming: AI really seems deceptive
www.databreachtoday.com/ismg-editors...
ISMG Editors: India's Data Protection Rules Get More Teeth
In this week's ISMG Editors' Panel, four editors unpacked India's new data protection rules, the digital forensic implications of prompt injection attacks and the
www.databreachtoday.com
November 28, 2025 at 11:25 AM
Cybersecurity news video style as the latest ISMG Editors' Panel tackles:
—India's data protection rules get more teeth
—Prompt injection attacks complicating life for digital forensic investigators
—You're not dreaming: AI really seems deceptive
www.databreachtoday.com/ismg-editors...
—India's data protection rules get more teeth
—Prompt injection attacks complicating life for digital forensic investigators
—You're not dreaming: AI really seems deceptive
www.databreachtoday.com/ismg-editors...
As space becomes a warfare domain, cybersecurity is on the frontlines
www.databreachtoday.com/as-space-bec...
www.databreachtoday.com/as-space-bec...
As Space Becomes Warfare Domain, Cyber Is on the Frontlines
Space is becoming a domain of warfare, with private sector companies' planet-side infrastructure on the front lines - and the first shots will likely be fired in
www.databreachtoday.com
November 28, 2025 at 11:19 AM
As space becomes a warfare domain, cybersecurity is on the frontlines
www.databreachtoday.com/as-space-bec...
www.databreachtoday.com/as-space-bec...
Weekly Cryptohack Roundup
—World Liberty Financial scrambles to secure user funds
—U.K.'s Serious Fraud Office probes $28 million Basis Markets rug-pull
—Gana Payment hack drains $3.1 million
—Crypto Dispensers weighs $100 million sale after CEO charged
www.databreachtoday.com/cryptohack-r...
—World Liberty Financial scrambles to secure user funds
—U.K.'s Serious Fraud Office probes $28 million Basis Markets rug-pull
—Gana Payment hack drains $3.1 million
—Crypto Dispensers weighs $100 million sale after CEO charged
www.databreachtoday.com/cryptohack-r...
Cryptohack Roundup: WLF Scrambles to Secure User Funds
This week, World Liberty Financial scrambles to secure user funds, the U.K.'s Serious Fraud Office arrests two people over a $28M Basis Markets rug-pull probe, a
www.databreachtoday.com
November 28, 2025 at 8:52 AM
Weekly Cryptohack Roundup
—World Liberty Financial scrambles to secure user funds
—U.K.'s Serious Fraud Office probes $28 million Basis Markets rug-pull
—Gana Payment hack drains $3.1 million
—Crypto Dispensers weighs $100 million sale after CEO charged
www.databreachtoday.com/cryptohack-r...
—World Liberty Financial scrambles to secure user funds
—U.K.'s Serious Fraud Office probes $28 million Basis Markets rug-pull
—Gana Payment hack drains $3.1 million
—Crypto Dispensers weighs $100 million sale after CEO charged
www.databreachtoday.com/cryptohack-r...
Weekly Data Breach Roujndup
—Recently patched Oracle flaw under attack
—Campbell's cans CISO
—"Shai-Hulud 2.0" executes serious npm attack
—FBI sees rising bank account takeover fraud
—Regulators fine Comcast for vendor breach
www.databreachtoday.com/breach-round...
—Recently patched Oracle flaw under attack
—Campbell's cans CISO
—"Shai-Hulud 2.0" executes serious npm attack
—FBI sees rising bank account takeover fraud
—Regulators fine Comcast for vendor breach
www.databreachtoday.com/breach-round...
Breach Roundup: Recently Patched Oracle Flaw Under Attack
This week, a recently fixed Oracle flaw is being actively exploited, Shelly tackled Pro 4PM DoS bug, "Shai-Hulud 2.0" hit npm, the FBI warned of rising
www.databreachtoday.com
November 27, 2025 at 5:52 PM
Weekly Data Breach Roujndup
—Recently patched Oracle flaw under attack
—Campbell's cans CISO
—"Shai-Hulud 2.0" executes serious npm attack
—FBI sees rising bank account takeover fraud
—Regulators fine Comcast for vendor breach
www.databreachtoday.com/breach-round...
—Recently patched Oracle flaw under attack
—Campbell's cans CISO
—"Shai-Hulud 2.0" executes serious npm attack
—FBI sees rising bank account takeover fraud
—Regulators fine Comcast for vendor breach
www.databreachtoday.com/breach-round...