As digital threats continue to rise, this week’s news underscores the urgent need for vigilance among organizations that serve and protect people. From ransomware attacks targeting healthcare providers to critical vulnerabilities in everyday technologies, these stories reveal the growing sophistication of cyber adversaries. Let’s explore what’s happening—and what you should be watching.
U.S. Prepares for Cyber Retaliation Amid Escalating Global Tensions
The U.S. government is bracing for potential cyberattacks after aligning with Israel in its conflict with Iran. This geopolitical shift increases the likelihood of retaliatory cyber operations targeting critical infrastructure, including healthcare and government services. Organizations should review their incident response plans and monitor threat intelligence for any region-specific risks.
Read more on SecurityWeek
Federal Agencies Warn of Ongoing Scam Using Spoofed Government Phone Numbers
A new alert from federal agencies warns of scammers spoofing government numbers to steal personal data through fraudulent calls. This technique, known as “vishing,” continues to target nonprofits, healthcare workers, and citizens alike. Train staff to recognize these tactics and verify requests independently.
Read more on BankInfoSecurity
Ransomware attack contributed to patient’s death
The death of one person has been linked to a ransomware attack on NHS blood services at London hospitals and GP surgeries last June.
Read more on BBC
McLaren Health Care Begins Notifying Patients of Ransomware Breach
Michigan-based McLaren Health Care is notifying individuals of a ransomware attack that compromised sensitive data. Healthcare nonprofits and service providers should evaluate third-party risks and enhance endpoint detection and response capabilities.
Read more on The Record
Swiss Government Data Stolen in Widespread Ransomware Attack
Switzerland has confirmed a ransomware attack that resulted in the theft of confidential government data from a third-party nonprofit.
Read more on BleepingComputer
WhatsApp Banned on U.S. House Devices Due to Security Concerns
The U.S. House of Representatives has banned WhatsApp from official devices, citing data privacy concerns. Nonprofits and faith-based organizations should consider this move when evaluating communication platforms, especially those used to share sensitive or personal information.
Read more on Reuters
Tech Support Scams Exploit Major Brand Websites Like Apple and Netflix
Cybercriminals are hijacking legitimate brand URLs to redirect users to fake tech support sites. This highlights the importance of user awareness training and browser security hygiene, particularly for organizations supporting less tech-savvy communities.
Read more on SecurityWeek
Major Printer Brands Found Vulnerable to Remote Exploits
Security researchers uncovered critical vulnerabilities in five popular printer brands, including one flaw rated a 9.8 severity. Nonprofits and schools often rely on consumer-grade printers—ensure these are updated and isolated from sensitive networks where possible.
Read more on SC World
Microsoft to Offer Free Extended Security Updates for Windows 10
As Windows 10 nears end-of-support, Microsoft has announced free extended security updates for some users. This move is significant for budget-conscious organizations still using legacy systems. Now is the time to plan migrations or enroll in extended support if needed.
Read more on SecurityWeek
Malicious Apps Stealing Photos Found on Apple and Google Stores
Spyware disguised as legitimate apps has been discovered on both Apple and Google’s app stores, designed to steal user photos and data. Ensure mobile device management (MDM) policies are in place, especially for staff using personal devices to access sensitive systems.
Read more on SecurityWeek
Chrome and Firefox Patch High-Severity Vulnerabilities
Google and Mozilla released urgent patches for Chrome and Firefox to fix multiple high-severity vulnerabilities. Prompt updates are essential for organizations relying on these browsers to access cloud tools or donor databases.
Read more on SecurityWeek
HopeNet reviews a variety of security news sources so you don’t have to! This list is curated specifically for churches, nonprofits, and other Organizations of Hope. The headlines and our added comments are meant to provide enough to get an overview of recent happenings, but links are also provided for readers who want to explore certain topics deeper.
If this was shared with you and you would like to receive a copy directly to your email, please sign up for this FREE newsletter at HopeNetCISO.com. Also, check out the Services section of our site for ways we can help! Thanks for reading!