Insights and analysis from the CYBERSOL team.
The ransomware compromise of ENGlobal Corporation—a contractor embedded in energy sector operations—reveals a critical governance blind spot: most...
When a major energy and federal government contractor experiences a six-week operational lockout due to ransomware, the incident extends far beyond that single...
Third-party vendors account for nearly half of all confirmed breaches in US energy infrastructure, with forensic evidence suggesting they drive 90% of...
The January 2026 breach of Pickett USA—a Tampa-based engineering firm serving Tampa Electric Company, Duke Energy Florida, and American Electric Power—is not...
Two years after the Change Healthcare cyberattack, the case has evolved from a discrete security incident into a structural indictment of vendor risk...
Healthcare organizations face a fundamental structural inversion in cyber liability: they bear regulatory and contractual accountability for breaches...
When Ericsson US disclosed a breach affecting 15,661 employees and customers through a compromised service provider, the incident revealed a structural...
The finding that 98% of organizations maintain active integrations with breached third-party vendors is not a data point—it is evidence of structural...
When pro-Iran threat actors compromised Stryker Corporation's Microsoft environment in March 2026, they exposed a structural governance failure that extends...
Ericsson's April 2025 breach affecting 15,661 employees and customers—routed through a compromised third-party service provider—exposes a critical governance...
When a single medical-technology vendor's infrastructure fails due to a coordinated cyberattack, the incident does not remain contained at the vendor's...
The Conduent breach—expanding from an initial estimate of 10.5 million to over 25 million affected individuals—represents more than a single vendor failure.
The Ericsson incident—affecting 15,661 individuals through a compromised third-party vendor—is not primarily a cybersecurity failure.
The reported cyberattack on Stryker—a Michigan-based medical device manufacturer serving hospitals globally—exposes a critical structural weakness in how...
The Marquis Software Solutions ransomware incident—affecting 80 banks, 824,000 consumers, and exposing names, Social Security numbers, dates of birth, and...
Supply chain attacks have transitioned from opportunistic exploitation to industrialized, systematic compromise of trusted vendors and service providers. This s
The governance failure revealed by fourth-party and nth-party vendor exposure is not a gap in vendor management—it is a structural blind spot in how...
The Stryker Corporation cyberattack—a destructive wiper operation that disrupted global Microsoft environments, manufacturing, and order processing in March...
A cyberattack on a revenue cycle management (RCM) vendor serving NYC Health has compromised approximately 140,000 patient records.
The Marquis Software Solutions breach, traced to compromised credentials stolen during the SonicWall firewall vulnerability exploitation, represents a...
Browse by month