Cybersecurity

Cyber Threat Intelligence, Alerts and Reports

As part of the AHA’s commitment to helping hospitals and health systems prepare for and prevent cyber threats, we have gathered the latest government cyber threat intelligence and alerts and Health Information Sharing and Analysis Center (H-ISAC) reports.

You may be asked to enter your AHA member credentials to view certain reports and intelligence alerts.

Cybersecurity & Risk Advisory

Learn how AHA can help hospitals and health systems prepare for and mitigate cyber threats through the expertise of John Riggi, AHA’s National Advisor for Cybersecurity and Risk.

Learn More

Headline
News

Urgent action recommended on critical Oracle vulnerability
The AHA Oct. 6 released a Cybersecurity Advisory (https://www.aha.org/advisory/2025-10-06-hospitals-are-oracle-customers-urged-take-immediate-action-address-security-vulnerability) urging immediate action against a critical Oracle E-Business Suite vulnerability that is remotely exploitable without…
Headline
News

AHA launches revamped Cybersecurity and Risk Advisory webpage
The AHA has launched an enhanced Cybersecurity and Risk webpage designed to help health care organizations strengthen their defenses against emerging cyber and physical security threats.
H-ISAC: White Reports
H-ISAC: White Reports

H-ISAC TLP White Vulnerability Bulletin: Oracle E-Business Suite Vulnerability (CVE-2025-61882) Exploited in Extortion Attacks

On October 4, 2025, Oracle released an advisory to address a critical vulnerability, CVE-2025-61882, affecting E-Business Suite (EBS) systems, versions 12.2.3 through 12.2.14.
H-ISAC: Green Reports
H-ISAC: Green Reports

H-ISAC TLP Green: Ransomware Data Leak Sites Report - October 6, 2025
A daily ransomware tracker at TLP:GREEN to increase awareness of the ransomware threat.
H-ISAC: Green Reports
H-ISAC: Green Reports

H-ISAC TLP Green Daily Cyber Headlines - October 3, 2025
H-ISAC TLP Green Daily Cyber Headlines for October 3, 2025.
Advisory
Advisory

Hospitals That Are Oracle Customers Urged to Take Immediate Action to Address Security Vulnerability
Oracle has published a Security Alert that addresses vulnerability CVE-2025-61882 in the Oracle E-Business Suite (EBS). This vulnerability is remotely exploitable without authentication, i.e., it may be exploited over a network without the need for a username and password. If successfully exploited…
Headline
News

Notice warns of new LockBit 5.0 ransomware variant
A Health-ISAC (Information Sharing and Analysis Center) bulletin released Oct. 1 warns of a recently released LockBit 5.0 ransomware variant that poses a threat to health care and other sectors.
Issue Landing Page
Issue Landing Page

Cybersecurity and Risk Advisory Service
AHA can help hospitals and health systems prepare for and mitigate cyber threats with John Riggi, a recognized expert, as a powerful resource.
Bios
Bios

Meet the AHA Cybersecurity and Risk Team
AHA’s team of cybersecurity and risk experts, led by John Riggi and Scott Gee
Issue Landing Page
Issue Landing Page

Support for Your Cybersecurity Program
AHA is dedicated to helping hospitals defend against and deflect cyberattacks by supporting Healthcare Public Health Cybersecurity Performance Goals.
Subscribe to Cybersecurity