Three breaches. No malware. No zero-days. Just trust being exploited. This week on Security Squawk, Bryan Hornung, Randy Bryan, and Reginald Andre break down three major cybersecurity incidents that reveal a growing reality: attackers are increasingly targeting people, vendors, and physical access instead of technology. NYC Health + Hospitals disclosed a breach affecting 1.8 million individuals after a third-party vendor compromise exposed sensitive patient information, including fingerprints. Carnival Corporation confirmed a cyberattack impacting nearly 6 million people after attackers used social engineering to gain access through an employee account. Meanwhile, the FBI is warning law firms about criminals posing as IT personnel, physically entering offices, deploying malicious USB devices, and stealing privileged client data. These attacks didn't begin with sophisticated malware or advanced exploits. They succeeded because trust was exploited. In this episode, we discuss: • The growing risk of third-party vendor breaches • Why biometric data theft creates permanent consequences • How social engineering continues to defeat security controls • The resurgence of physical intrusion attacks • What CEOs, business owners, IT leaders, and MSPs should be evaluating right now • Why many organizations may be defending the wrong attack surface If your cybersecurity strategy focuses only on networks, endpoints, and firewalls, this episode will challenge some assumptions. Support the show: https://buymeacoffee.com/securitysquawk Subscribe for weekly executive-level cybersecurity analysis focused on business impact, operational risk, and real-world consequences. #CyberSecurity #DataBreach #Carnival #NYCHealthAndHospitals #SocialEngineering #VendorRisk #LawFirmSecurity #CyberAttack #InformationSecurity #MSP #BusinessRisk #SecuritySquawk

This Week's Cybersecurity Breakdown 1. CISA Shrinks While the FBI Expands Its Cyber Role The federal cyber response structure is changing in real time: CISA reportedly lost over 1,000 employees Proposed federal budget would cut another $707 million FBI IC3 received 1 million cybercrime complaints in 2025 Reported financial losses climbed to $20.9 billion Raises major questions about how businesses should think about federal cyber support going forward 2. DocketWise Breach Exposes Sensitive Immigration Data A breach at an immigration legal platform continues to grow: Attackers used valid credentials to clone a developer pipeline Victim count increased from 116,000 to more than 143,000 individuals Exposed data includes: Social Security numbers passport data tax IDs medical history Another example of trusted access becoming the attack surface 3. 7-Eleven Confirms ShinyHunters Breach The ongoing Salesforce-linked extortion campaign continues: 185,000 franchise applicants exposed 7-Eleven reportedly refused ransom demands Attackers released a 9.4 GB archive publicly Campaign has now impacted organizations including: Google Cisco Qantas Allianz Adidas TransUnion LVMH The Bottom Line The cybersecurity assumptions businesses relied on even 18 months ago are changing. Federal cyber resources are shifting Trusted vendors continue getting breached Attackers are increasingly using legitimate access instead of sophisticated exploits And many organizations are still operating under incident response plans built for a threat landscape that no longer exists. Support the show: buymeacoffee.com/securitysquawk Subscribe for weekly breakdowns of ransomware, cybercrime, vendor risk, and executive-level cybersecurity strategy.

A poisoned software package compromised OpenAI employee devices before security teams could stop it. The company behind critical Ozempic injection components has been offline for weeks after a ransomware attack. And Change Healthcare is now facing another major lawsuit tied to the 2024 breach that crippled healthcare payments nationwide. Three stories. One message: Your business is now exposed to companies you don't control. On this episode of Security Squawk, Bryan Hornung, Randy Bryan, and Reginald Andre break down three cyber incidents that reveal how third-party trust has become one of the biggest operational risks in business today. This Week's Cybersecurity Breakdown 1. OpenAI, TanStack & the npm Supply Chain Worm A software supply chain attack spread through trusted developer ecosystems at massive speed: 42 npm packages poisoned in six minutes Malware stole GitHub tokens, AWS credentials, and CI/CD secrets OpenAI confirmed two employee devices were compromised ChatGPT Desktop, Codex App, Codex CLI, and Atlas certificates rotated Demonstrates how modern attacks now spread through trusted development infrastructure 2. West Pharmaceutical Ransomware Attack A cyberattack against a company most people have never heard of — but nearly everyone depends on: West Pharmaceutical components are used in roughly 43 billion injectable drug deliveries annually Includes Ozempic, Wegovy, insulin pens, vaccines, and hospital injectables Systems taken offline globally after ransomware deployment Manufacturing disruptions continue weeks later 3. Allied World v. Change Healthcare — The Financial Fallout Begins The legal consequences of the Change Healthcare breach are escalating: Cyber insurer Allied World filed suit seeking more than $1 million in damages Avesis operations were disrupted for roughly 90 days Root cause traced to a low-level Citrix account with no MFA Credentials were reportedly circulating on Telegram prior to the breach The Bottom Line The modern business attack surface is no longer just your company. It's: your software vendors your healthcare clearinghouses your package repositories your pharmaceutical suppliers Every trusted relationship is now a potential point of failure. And when those companies get breached, your business absorbs the consequences. Support the show: buymeacoffee.com/securitysquawk Subscribe for weekly breakdowns of ransomware, supply chain attacks, AI threats, and executive-level cybersecurity strategy.