HEAL Security - Cybersecurity Intelligence & News for Healthcare

In this episode, Edd Hall explores the latest cybersecurity developments shaping the global threat landscape. Researchers reveal a long-running espionage campaign by the Russia-linked APT28 group targeting Ukrainian military organizations, while the North Korea-linked Lazarus Group spreads malware through fake LinkedIn job interviews.

The episode also covers phishing attacks targeting Microsoft Teams users, account-hijacking campaigns against messaging apps like WhatsApp and Signal, and a data breach disclosed by Ericsson. On the defensive side, Microsoft introduces phishing-resistant authentication through Microsoft Entra, and Meta launches new protection features in Facebook Messenger to help users avoid malicious links.

Finally, experts warn about the growing risks of “shadow AI” in healthcare organizations, where unauthorized AI tools could expose sensitive patient data and create compliance challenges.

For more visit: HealSecurity.com

In this episode, the latest cybersecurity developments highlight how threat actors continue to exploit trust in popular software and online platforms. Researchers warn about a fake CleanMyMac website distributing SHub Stealer malware to Mac users, while a malicious npm package disguised as a legitimate developer tool raises new concerns about software supply chain security. Meanwhile, Ericsson’s U.S. operations report a data breach linked to a compromised service provider, and the cybercrime group ShinyHunters claims responsibility for additional high-profile breaches. Investigators have also uncovered a scam impersonating the Claude Code website to spread malware, as Microsoft introduces a new feature to label third-party bots in Microsoft Teams meetings. Signal has confirmed targeted phishing attacks against some users, underscoring the continued importance of vigilance and strong security practices.

In this episode, we discusses the latest cybersecurity developments, including the growing impact of cyberwarfare on global security investments, leadership changes at the U.S. Department of Homeland Security, and a Microsoft 365 outage affecting North American users. He also covers a new malware campaign using fake Claude Code installation pages, updated cybersecurity guidance for healthcare organizations, CISA’s warning about actively exploited Apple vulnerabilities, the rising trend of malware-free cyberattacks using legitimate system tools, and new AI-focused cybersecurity certifications aimed at preparing professionals for emerging AI-driven threats.

In today’s cybersecurity roundup, several new threats are making headlines across the digital landscape. A self-propagating JavaScript worm disrupts Wikipedia by spreading through user scripts and vandalizing pages, while suspected North Korean threat actors target cryptocurrency firms in a sophisticated espionage campaign. Researchers also uncover the RingH23 toolkit used for stealthy cyber intrusions and warn about malware campaigns spreading through fake GitHub repositories and malicious tools disguised as AI coding software. Meanwhile, Microsoft introduces new clinical AI capabilities at HIMSS 2026, and attackers exploit a critical vulnerability in a widely used WordPress membership plugin to create unauthorized administrator accounts. Stay informed with a concise overview of the latest developments shaping today’s cybersecurity threat environment. 🔐📰

In this episode, we cover the latest cybersecurity trends and incidents of 2026, including the rise of AI-driven and modular malware, major breaches at LexisNexis, QualDerm, and UMMC, the growing threat of malvertising, risks of AI in healthcare, and how geopolitical tensions are reshaping cyber risk and incident response strategies.