CyberSecurity Knuggets

May 02, 2026

Subject: Risky Bulletin: The mysterious hack of Moldova’s healthcare databases

Dear Subscriber,

This week’s Risky Bulletin brings a critical update on the recent cyberattack targeting Moldova’s national healthcare database.

Key Highlights:

  • A mysterious hacking group has stolen extensive personal and financial data of Moldovan citizens from the national health insurance agency, CNAM.
  • Initial reports of data destruction impacting nearly 30% of the database have been clarified; CNAM indicates data was stolen or restored from backups, but services remain unaffected.
  • No ransom demand was made; however, authorities do not rule out possible Russian involvement amid ongoing geopolitical tensions.
  • The compromised database contains sensitive information on all insured individuals and private medical service providers linked to Moldova’s health insurance scheme.
  • This incident adds to heightened concerns about Moldova’s cybersecurity, especially as Russia has a military presence in the region and a history of cyber and disinformation campaigns against Moldova.

Additional Cybersecurity News:

  • China’s breach of the Cuban embassy in the US via Microsoft Exchange servers.
  • Massive leak of over 345,000 stolen credit cards from the Jerry’s World carding forum.
  • Exploitation of a severe cPanel authentication bypass vulnerability (CVE-2026-41940) reported in the wild.
  • The “Copy Fail” Linux privilege escalation vulnerability (CVE-2026-31431) affects distributions back to 2017 and is deemed extremely straightforward to exploit.
  • Recent arrests related to cybercrime, including a 15-year-old arrested in France for hacking government databases and extensive raids on scam syndicates in Dubai and Albania.

Emerging Technologies and Policies:

  • OpenAI introduces advanced account security modes disabling password logins for ChatGPT users.
  • Formation of MOSAIC, an AI security standards group uniting seven leading organizations.
  • Cloudflare announces support for AI agents managing accounts and deploying code with controlled budgets.
  • The US Department of Defense launches a cyber apprenticeship program to bolster the cybersecurity workforce without degree requirements.

Actionable Advice:

  • Systems administrators should urgently apply patches for the cPanel authentication bypass vulnerability or restrict access to cPanel services.
  • Linux users should evaluate exposure to the Copy Fail vulnerability and employ available detection tools such as CopyFail-Detect.
  • Organizations in Moldova and similar regions should heighten vigilance against cyber threats, especially given the geopolitical context.

For the full details and ongoing analysis, please visit Risky Business at https://risky.biz.

Stay secure,

Risky Business Media

(C) 2026


Note: This newsletter is brought to you by runZero, the total attack surface and exposure management platform.

Stay Well!

summy