Estados Unidos
Department of Homeland Security
The U.S. Department of Homeland Security (DHS) is investigating a cyberattack that compromised the Homeland Security Information Network (HSIN), a sensitive information-sharing platform used by federal, state, local and private-sector partners.
HSIN is a DHS platform designed to facilitate the sharing of sensitive but unclassified information among government agencies, international organizations and private-sector partners. The attack is believed to have taken place between late May and early June, with an unknown threat actor targeting both HSIN servers and a SharePoint collaboration system. DHS is continuing its investigation and has not attributed the incident to any specific threat actor. It also remains unclear whether any documents were stolen during the breach.
As the U.S. is currently overseeing security for FIFA World Cup matches hosted across the country, there are growing concerns that the breach may have exposed sensitive security planning, interagency coordination or emergency response procedures.
FonteComo isso pode afetar sua empresa
U.S. government agencies have been facing a growing number of cyberattacks in recent months. Organizations that work with government should strengthen their defenses by enforcing strong access controls, continuously monitoring for suspicious activity, promptly applying security updates and maintaining a well-tested incident response plan.
Estados Unidos
AdaptHealth
AdaptHealth, a U.S. network of medical equipment companies, disclosed that threat actors used a social engineering attack to deceive a third-party contractor and gain access to its cloud environment, resulting in the theft of sensitive patient data.
According to the company, the threat actor contacted AdaptHealth on June 15, claiming to have obtained data from its systems. The company later confirmed that a successful social engineering attack compromised a user session associated with a third-party contractor, allowing attackers to access several cloud-based business applications. The threat actors reportedly accessed internal patient management systems, document storage platforms and insurance billing passwords, along with personally identifiable information (PII) and protected health information (PHI) belonging to patients.
AdaptHealth said the investigation is ongoing and that the full scope of the breach, including the volume of affected data, has not yet been determined.
FonteComo isso pode afetar sua empresa
Cyberattacks targeting health care organizations through third-party vendors have become increasingly common. Health care organizations should regularly assess vendor security, enforce strong access controls, monitor third-party activity and provide ongoing security awareness training to reduce the risk of social engineering attacks.
Estados Unidos
Medtronic
Medtronic has begun notifying more than 3.8 million patients that threat actors accessed their personal and medical information during the ransomware attack disclosed in April.
Medical device manufacturer Medtronic was among the high-profile organizations affected by the ShinyHunters ransomware campaign. The company has now informed affected individuals that attackers breached its corporate IT systems and stole sensitive information, including names, addresses, Social Security numbers, medical histories and details about the medical devices used by patients.
The scale of the incident makes it one of the largest health care-related data breaches in recent years, highlighting the significant impact ransomware attacks can have on organizations that handle sensitive medical information.
FonteComo isso pode afetar sua empresa
Health care breaches are particularly dangerous because cybercriminals can use stolen medical information to craft highly convincing phishing attacks. Anyone who has used medical devices, enrolled in patient support programs or created online accounts with the medical device company should remain vigilant for suspicious communications claiming to be from health care providers or device manufacturers.
Ásia e Pacífico
Aflac Japan
American insurance giant Aflac disclosed a data breach after attackers compromised its Japan subsidiary’s systems and stole the personal and bank account information of more than 4.38 million customers.
Aflac, the largest supplemental insurance provider in the U.S. with millions of customers across the U.S. and Japan, said Aflac Japan discovered unauthorized access to certain systems on June 25. According to the company, the threat actors had access to the affected systems between June 15 and June 25. An investigation is ongoing, and Aflac has confirmed that sensitive information stored on those systems was accessed.
According to Aflac Japan, the exposed information includes policy and coverage details, personal information and bank account information. The company emphasized that the incident was limited to its systems in Japan and that systems supporting its U.S. business were not accessed.
FonteComo isso pode afetar sua empresa
Large-scale breaches involving personal and financial information can fuel widespread spear-phishing campaigns, with attackers using stolen details to create highly convincing scams. Organizations should strengthen user awareness through regular security training so employees and customers can better recognize and avoid sophisticated phishing attempts. Leveraging technologies such as GenAI can further enhance phishing detection while delivering continuous, personalized security awareness training to help users identify evolving threats.
América do Norte
Microsoft Defender
A Microsoft Defender vulnerability known as BlueHammer is being exploited in ransomware attacks, according to the U.S. Cybersecurity and Infrastructure Security Agency (CISA).
BlueHammer is a privilege escalation vulnerability, tracked as CVE-2026-33825, that can be exploited by an authenticated attacker. The flaw was publicly disclosed on April 2, and Microsoft released a security patch on April 14. CISA added the vulnerability to its Known Exploited Vulnerabilities (KEV) catalog on April 22 and has now updated the entry to confirm that it is being actively leveraged in ransomware campaigns.
However, it remains unclear which ransomware group is exploiting CVE-2026-33825. There are currently no recent public reports providing additional details about the observed exploitation activity.
FonteComo isso pode afetar sua empresa
Unpatched vulnerabilities provide attackers with an easy path to gain unauthorized access, escalate privileges and deploy ransomware. Organizations should prioritize timely patching and use automated patch management solutions to quickly identify, test and deploy critical security updates across their environments, reducing the window of opportunity for attackers.


