Insights and analysis from the CYBERSOL team.
The Nigeria Data Protection Commission's simultaneous investigation into Remita Payment Services Ltd.
We asked the same CISO planning question five ways. The first four improved recommendations. The fifth changed the decisions themselves.
When CareCloud, a cloud-based EHR vendor serving over 40,000 healthcare providers across all 50 states, disclosed a March 2026 hacking incident to the SEC, it...
Vendor Risk Governance Failure: TriZetto's 11-Month Detection Gap Exposes Healthcare Supply Chain Liability. Why This Matters at Board and...
Supply Chain Compromise as Governance Failure: Why Vendor Risk Frameworks Must Evolve Beyond Technical Detection. Framing: The Structural...
Mercor, a $10 billion AI training-data vendor serving Anthropic, OpenAI, and Meta, suffered a supply-chain attack through the LiteLLM open-source...
When Everest ransomware operators publicly announced the exfiltration of 910 GB of Nissan customer and dealership data from a third-party vendor, the automaker...
CareCloud's confirmed unauthorized access to patient electronic health records—affecting 45,000+ healthcare providers and millions of patients—represents more...
When a mid-market industrial vendor becomes a ransomware victim, governance implications extend far beyond that organization's perimeter.
A ransomware attack against a banking technology vendor has exposed sensitive personal and financial information for over 672,000 individuals.
Vendor Breach Liability Without Contractual Control: The Corewell Health Governance Failure. Why This Matters at Board and Regulatory...
The Marquis ransomware incident—affecting over 672,000 individuals through a Texas-based fintech vendor serving hundreds of banks—represents a structural...
The AKIRA ransomware attack on Serap, a multinational milk cooler manufacturer with operations across 80+ countries, represents more than a single victim...
Healthcare organizations have invested billions in perimeter defense, yet third-party vendors account for approximately 80% of stolen protected health...
Third-party risk has evolved from a peripheral compliance concern into a material governance liability that directly shapes breach probability, regulatory...
When CareCloud, a New Jersey-based electronic health record software provider, announced unauthorized access to one of its six EHR environments, the breach did...
Credential Compromise as Governance Failure: Why Supply Chain Poisoning Demands Board-Level Risk Redesign. Framing: The Trust Model Has Become...
The CareCloud breach—affecting 45,000+ healthcare providers and exposing millions of patient records—is not primarily a cybersecurity incident.
Third-Party Credential Compromise as Systemic Governance Failure: What 2025's Largest Breaches Reveal About Vendor Risk Frameworks. Why This...
The TeamPCP threat actor campaign—targeting Trivy, KICS, LiteLLM, and Telnyx—reveals a structural governance failure that extends far beyond technical...