Kinetic Potential Blog

Florida-based Medical Associates of Brevard has informed authorities that a data breach suffered earlier this year impacts nearly 250,000 individuals.

Medical Associates of Brevard provides healthcare services in the Melbourne, Florida area.

The organization discovered in mid-January 2025 that its systems had been breached and an investigation later determined that the attackers may have stolen personal and protected health information.

The healthcare organization on September 5 submitted a copy of its notification to impacted individuals to the Maine Attorney General’s Office. At the time it did not disclose the total number of affected customers.

However, the healthcare data breach tracker maintained by the US Department of Health and Human Services revealed on Wednesday that the incident has impacted 246,711 people.

Cybersecurity researchers have tied a fresh round of cyber attacks targeting financial services to the notorious cybercrime group known as Scattered Spider, casting doubt on their claims of going "dark."

Threat intelligence firm ReliaQuest said it has observed indications that the threat actor has shifted their focus to the financial sector. This is supported by an increase in lookalike domains potentially linked to the group that are geared towards the industry vertical, as well as a recently identified targeted intrusion against an unnamed U.S. banking organization.

"Scattered Spider gained initial access by socially engineering an executive's account and resetting their password via Azure Active Directory Self-Service Password Management," the company said.

Apple on Monday backported fixes for a recently patched security flaw that has been actively exploited in the wild.

The vulnerability in question is CVE-2025-43300 (CVSS score: 8.8), an out-of-bounds write issue in the ImageIO component that could result in memory corruption when processing a malicious image file.

"Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals," the company said.

Since then, WhatsApp has acknowledged that a vulnerability in its messaging apps for Apple iOS and macOS (CVE-2025-55177, CVSS score: 5.4) had been chained with CVE-2025-43300 as part of highly-targeted spyware attacks aimed at less than 200 individuals.