Kinetic Potential Blog

American Lending Center this week revealed that a data breach discovered last year has impacted more than 123,000 individuals.

American Lending Center (ALC) is a California-based non-bank lender that manages a $3 billion portfolio specializing in government-guaranteed small business loans.

The organization is notifying individuals affected by the data breach that information such as names, dates of birth, and SSNs may have been stolen in a ransomware attack detected in July 2025.

“Through a forensic investigation into this breach, it was discovered that the threat actor compromised internal network, executed a ransomware attack, and accessed certain files that may have contained personal identifying or sensitive information,” ALC said in its notification to impacted customers, a copy of which was submitted to the Maine attorney general’s office.

Taiwanese electronics manufacturing giant Foxconn has confirmed that some of its North American factories have been hit by a cyberattack.

“The cybersecurity team immediately activated the response mechanism and implemented multiple operational measures to ensure the continuity of production and delivery. The affected factories are currently resuming normal production,” Foxconn told SecurityWeek.

Foxconn, best known as the world’s largest provider of manufacturing services for Apple and other major global tech brands, confirmed being targeted by hackers after the Nitrogen ransomware group listed the company on its Tor-based leak website on March 12.

The hackers claim to have stolen 8TB of data representing more than 11 million files, including confidential documents and schematics related to major customers such as Intel, Apple, Google, Dell, and Nvidia.

Microsoft has unveiled a new multi-model artificial intelligence (AI)-driven system called MDASH to facilitate vulnerability discovery and remediation at scale, adding that it's being tested by some customers as part of a limited private preview.

MDASH, short for multi-model agentic scanning harness, is designed as a model-agnostic system that uses bespoke AI agents for different vulnerability classes to autonomously discover, validate, and prove exploitable defects in complex codebases like Windows.

"Unlike single-model approaches, the harness orchestrates more than 100 specialized AI agents across an ensemble of frontier and distilled models to discover, debate, and prove exploitable bugs end-to-end," Taesoo Kim, vice president of agentic security at Microsoft, said.

MDASH is envisioned as a "structured pipeline" that ingests a codebase and produces validated, proven findings through a series of actions.