Healthcare software provider ChipSoft has been struck by a ransomware attack. The company supplies patient record systems to hospitals across the Netherlands.
Their website has been unreachable all day. Healthcare institutions are being advised to disconnect their VPN connections immediately.
BREAKING: Israeli company Anodot has been compromised - multiple customers are confirmed being extorted due to integrations with AWS, Google, Azure, Cisco, Oracle, Salesforce and more.
It's a major incident. The company isn't responding, they haven't disclosed anything and their status page is serving a static JPEG.
Anodot is a shady company - we've heard they haven't replied to any emails journalists have sent. Even their AI assistant looks like the Unabomber on crack...
Anodot's status page during an active breach. A static JPEG.
Assume compromise of whatever you have integrated Anodot with!
These are their top 10 integrations:
1. Amazon: Amazon Kinesis, Amazon Timestream, Amazon Redshift, Amazon S3, Amazon S3 Parquet, Amazon SNS
2. Google: Google Ads, Google Analytics, Google BigQuery, Google Storage, Google Auction Insights
3. Microsoft: Azure Event Hubs, Microsoft SQL Server, Microsoft Teams, PowerBI
4. Meta: Facebook Ads
5. Huawei: Huawei Management System, Huawei OSS
6. Cisco: Cisco Management System, Cisco Network-SNMP
7. Oracle: Oracle Database
8. Salesforce: Salesforce
9. Nokia: Nokia Management System, Nokia OSS
10. Adobe: Adobe Analytics
Full list: https://www.anodot.com/integrations/
A BleepingComputer article only mentions Snowflake being hit - but we now know it's almost all of their integrations. This confirms Anodot was compromised.
https://www.bleepingcomputer.com/news/security/snowflake-customers-hit-in-data-theft-attacks-after-saas-integrator-breach/
Anodot's customers include:
Affirm, Atlassian, Credit Karma, Eyeview, King, LivePerson, NetSeer, Pandora, Payoneer, Penske Media Corporation (PMC), Puma, Razorpay, Rubicon Project (Magnite), SAP, T-Mobile, TripAdvisor, Uprise, UPS, Vimeo, Vodafone, Xandr.
People in the Netherlands are going to die tomorrow because of a breach. A national public health crisis is looming.
14 million people rely on hospitals and healthcare providers using ChipSoft for patient records.
A hypothetical thread
Step 1: Cloud vs. On-Premise
- ~65% of ChipSoft hospitals run on-premise or privately hosted
- ~35% rely on ChipSoft's cloud/SaaS model
Step 2: On-Premise hospitals aren't safe either
They can still view historical patient data - but cannot log new data. Morphine doses, lab results, new admissions - all reverting to pen and paper. Elective surgeries cancelled, emergency capacity severely limited.
Step 3: Cloud hospitals are completely blind
No medical histories. No allergy warnings. No medication lists. Ambulances diverted. Total operational paralysis.
Step 4: The human cost
Based on ~21,000 weekly admissions across the Dutch ChipSoft network:
- Cloud hospitals: ~38 excess deaths in week one
- On-premise hospitals: ~20-30 excess deaths in week one
- Total: 58-68 excess deaths per week if the outage is sustained
Step 5: The domino effect
Within 48-72 hours, diverted ambulances overwhelm non-impacted hospitals. ICU capacity collapses nationwide. A localised IT failure becomes a national public health crisis.
Disclaimer: the above is hypothetical, as some data isn't public (such as cloud vs. on-premise ratios) and we don't have access to internal documentation or high-level architecture. We still felt it was important to post it to sound the alarm.
That said, does anyone know who breached ChipSoft? Or does anyone have tips / work at or with ChipSoft?
Microsoft has suspended the developer accounts of WireGuard and VeraCrypt, making it impossible for them to push updates in case of critical vulnerabilities.
WireGuard is used by hundreds of millions of users - directly and indirectly via VPN apps like NordVPN and others.
WireGuard dev: "What if there were some critical RCE in WireGuard (...) exploited in the wild, and I needed to update users immediately? (...) In that case, Microsoft would have my hands entirely tied."
A New York Times reporter claims to have uncovered the true identity of Satoshi Nakamoto, the pseudonymous founder of Bitcoin.
https://nytimes.com/2026/04/08/business/bitcoin-satoshi-nakamoto-identity-adam-back.html?unlocked_article_code=1.ZVA.5_s8.hTKeCkV97kow&smid=tw-share
Tesla is remotely disabling cars and emailing owners who have been using FSD activation hacks in countries where FSD is not yet permitted.
Users report they had no say in it: Tesla simply altered the software remotely and is forcing them to update. Disabling connectivity isn't possible on most cars due to built-in eSIM.
This comes at a very sensitive time: Tesla is awaiting FSD approval by Dutch regulatory authority RDW in Europe. Can't have illegal vehicles driving around.
Sources told us that RDW will not approve FSD for a 2nd time tomorrow, meaning EU users will have to wait even longer...
BREAKING: The FBI has successfully extracted deleted Signal messages from a suspect's iPhone via notification storage, the place where all your notifications are stored for up to one month.
Notification storage stores data from all messaging apps; it's a big flaw in iOS. But there's a way to turn it off...
Go to iOS Settings > Notifications > [App Name] > Show Previews and set it to Never.
You can also do this globally under Settings > Notifications > Show Previews > Never.
Also don't forget to turn on Advanced Data Protection in your iCloud settings if you really want to OWN your data.
WARNING: A 0day vulnerability in Adobe Acrobat Reader has been actively exploited in the wild for 4 months now.
Simply opening a malicious PDF can lead to data theft and potentially full system compromise.
Adobe has not released a patch for this vulnerability.
Source: https://esecurityplanet.com/threats/adobe-acrobat-reader-zero-day-exploited-in-active-pdf-attacks/