HCDB A.I CyberSecurity Scoring
05/04/2026
Access Monitoring Plan
Access Monitoring Plan
No incidents recorded for Hospital Clínic de Barcelona in 2026.
No incidents recorded for Hospital Clínic de Barcelona in 2026.
No incidents recorded for Hospital Clínic de Barcelona in 2026.
Siemens Healthineers is a leading medtech company with over 125 years of experience. We pioneer breakthroughs in healthcare. For everyone. Everywhere. Sustainably. Our portfolio, spanning in vitro and in vivo diagnostics to image-guided therapy and cancer care, is crucial for clinical decision-making and treatment pathways. With our strengths in patient twinning, precision therapy, as well as digital, data, and artificial intelligence (AI), we are well positioned to take on the greatest challenges in healthcare. We will continue to build on these strengths to help overcome the world’s most threatening diseases, enable efficient operations, and expand access to care. We are a team of more than 71,000 Healthineers in over 70 countries passionately pushing the boundaries of what is possible in healthcare to help improve the lives of people around the world.
Sutter Health is a not-for-profit, people-centered healthcare system providing comprehensive care throughout California. Sutter Health is committed to innovative, high-quality patient care and community partnerships, and innovative, high-quality patient care. Today, Sutter Health is pursuing a bold new plan to reach more people and make excellent healthcare more connected and accessible. The health system’s 57,000+ staff and clinicians and 12,000+ affiliated physicians currently serve more than 3 million patients with a focus on expanding opportunities to serve patients, people and communities better. Sutter Health provides exceptional, affordable care through its hospitals, medical groups, ambulatory surgery centers, urgent care clinics, telehealth, home health and hospice services. Dedicated to transforming healthcare, at Sutter Health, getting better never stops. Learn more about how Sutter Health is transforming healthcare at sutterhealth.org and vitals.sutterhealth.org.
DaVita means “to give life,” reflecting our proud history as leaders in dialysis—an essential, life-sustaining treatment for those living with end stage kidney disease (ESKD). Today, our mission is to minimize the devastating impacts of kidney disease across the full spectrum of kidney health care. At DaVita, we’re a community first and a company second. We care for our teammates with the same intensity with which we care for our patients—and encourage our teammates to bring their hearts to work. That is, we can be the same people inside and outside of work because for us, it’s not work, it’s our passion. Interested in joining our Village? There are over 75,000 careers and counting. Visit careers.davita.com to start your career adventure.
As an integrated health system, we provide care throughout Iowa, western Illinois and southern Wisconsin in not-for-profit hospitals, clinics and home health settings. Each year, we serve nearly 8 million patient visits of all different types, including around 100,000 surgeries and deliver more than 20,000 babies. Whatever stage of life you’re in, our goal is to make your care easier and more personal. At UnityPoint Health, we put people first. And we start from the inside out. We care deeply about making UnityPoint Health a great place to work because our team members are the compassionate core of who we are and how we serve. We’re proud to be recognized as a Top 150 Place to Work in Healthcare by Becker’s Healthcare for four years in a row. We've worked diligently to invest in our team members across key areas, including: o Team Member Empowerment o Leadership Effectiveness o Community Impact and Engagement o Career Development Visit www.unitypoint.org/join-our-team to explore career opportunities at UnityPoint Health.
Committed to Life - We save and improve human lives with affordable, accessible, and innovative healthcare products and the highest quality in clinical care. Fresenius is a global healthcare company headquartered in Bad Homburg v. d. Höhe, Germany. In fiscal year 2024, Fresenius generated €21.5 billion in annual revenue with around 176,000 employees (excluding Fresenius Medical Care). As a healthcare company focused on therapy, Fresenius offers system-critical products and services for leading therapies for the care of critically and chronically ill patients. Why work for Fresenius? At Fresenius, your career has purpose. As a global healthcare group, we’re dedicated to improving the lives of millions through better medicine—and we’re looking for people who want to make a real impact. Whether you’re an engineer, nurse, scientist, or business expert, Fresenius offers diverse career opportunities, the chance to grow across disciplines, and the satisfaction of contributing to something that truly matters. ➡ Learn more: careers.fresenius.com ➡ Follow us on Instagram: www.instagram.com/fresenius.group Imprint: https://www.fresenius.com/Imprint Data protection: https://www.fresenius.com/data-protection
Lehigh Valley Health Network, part of Jefferson Health, is proud to be part of a leading integrated academic health care delivery system. Together, we’re among the top 15 not-for-profit health systems in the U.S., with 65,000 colleagues, 32 hospitals and more than 700 sites of care across eastern Pennsylvania and southern New Jersey. We’re committed to putting people first and pursuing excellence in over 95 clinical specialties, supported by a national doctoral research university and an expanded not-for-profit health plan.
The first academic health center in Texas opened its doors in 1891 and today has four campuses, five health sciences schools, seven institutes for advanced study, a research enterprise that includes one of only two national laboratories dedicated to the safe study of infectious threats to human health, a Level 1 Trauma Center and a health system offering a full range of primary and specialized medical services throughout the Texas Gulf Coast region. UTMB is an institution in The University of Texas System and a member of the Texas Medical Center.
Centene Corporation is a leading healthcare enterprise committed to helping people live healthier lives. Centene offers affordable and high-quality products to more than 1 in 15 individuals across the nation, including Medicaid and Medicare members (including Medicare Prescription Drug Plans) as well as individuals and families served by the Health Insurance Marketplace. Centene believes healthcare is best delivered locally. Our local health plans provide fully integrated, high-quality, and cost-effective services to government-sponsored and commercial healthcare programs, focusing on under-insured and uninsured individuals. Centene’s hiring practices reflect the composition of the members and communities we serve, allowing us to deliver quality, culturally sensitive healthcare to millions of members. Centene employees help change the world of healthcare and transform our communities. To learn more about career opportunities with Centene, visit: https://jobs.centene.com/
Our purpose is to provide safe, high quality health and personal social services to the population of Ireland. Our vision is a healthier Ireland with a high quality health service valued by all. Our Workforce The health service is the largest employer in the state with over 110,000 whole time equivalents (WTEs) (not including home helps) employed. Over 70,000 are employed directly by the HSE with the remaining 40,000 employed by voluntary hospitals and agencies. Our vision for healthcare is to put people at the heart of everything we do – we are committed to delivering high quality safe healthcare to our service users, communities and the wider population. Our staff are at the core of the delivery of healthcare services, working within and across all care settings in communities, hospitals and healthcare offices.
Latest updates, reports, and threat intel affecting the global network.
Hospital Clínic de Barcelona, Spain. The Hospital Clínic's Cardiovascular Institute (ICCV) is devoted to treating cardiovascular diseases, with specialties...
BarcelonaArtificial intelligence (AI) is revolutionizing all spheres of our society, including cybersecurity. The use of this technology is...
Hospitals and clinics across Korea continue to suffer ransomware attacks and data leaks as weak cybersecurity systems and insider threats...
A day after President Donald Trump unveiled plans to accelerate the adoption of artificial intelligence in health care, one expert warns...
Simon Meier, a trauma and orthopedic surgeon, was off duty when a colleague called one evening. University Hospital Frankfurt was the target...
Ransomware emerges as the predominant threat to healthcare organisations, comprising a staggering 54% of cyber security incidents.
BarcelonaThere are more cyberattacks, but they are now less serious. This is the assessment made for 2024 by the Catalan Cybersecurity...
BarcelonaThe FBI and the U.S. Cybersecurity and Infrastructure Security Agency have issued an urgent alert for users of email services such...
NIS2 transforms cybersecurity for life sciences & healthcare—€10m fines and leadership liability make compliance critical.
HedgeDoc is an open source, real-time collaborative markdown notes application. Prior to 1.11.0, the GitHub Gist export flow created an OAuth2 state value but only checked that it was present rather than validating it against the value expected for the user's session. Because the state was not properly validated, an attacker could forge a callback URL containing their own valid GitHub OAuth code. When processing the callback, HedgeDoc used the victim's logged-in session to select which note to export, but the attacker's authorization code to determine which GitHub account received it. As a result, a logged-in victim who clicked a crafted link could export their own private, protected, or limited note directly into a Gist controlled by the attacker. This issue has been fixed in version 1.11.0.
HedgeDoc is an open source, real-time, collaborative, markdown notes application. Prior to version 1.11.0, HedgeDoc was vulnerable to a YAML alias bomb due to unsafe processing of the note frontmatter. HedgeDoc parsed frontmatter with js-yaml.load (js-yaml v3) via @hedgedoc/meta-marked, which resolved YAML anchor aliases. A compact malicious payload could therefore expand into a huge object structure, consuming excessive CPU. This expansion ran on every request to the publish view (/s/<shortid>) and, when placed under the opengraph key, the editor view (/<noteId>). A ten-level alias bomb could block the single Node.js event loop for roughly 235 seconds per request, causing concurrent requests to hang or drop and rendering the instance unavailable (DoS). Because the note was stored in the database, the impact survived process restarts until the note was removed. toobusy-js did not reliably mitigate the worst cases, as the event loop was saturated before the middleware could respond. This issue was fixed in version 1.11.0.
Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow a heap out-of-bounds read via a long certificate extension OID in hv_exts. When building the extension hash (via extensions(), extensions_by_long_name(), extensions_by_oid(), or has_extension_oid()), the code passes OBJ_obj2txt()'s return value as the hash-key length; because that value is the OID's full text length rather than the bytes written to the fixed-size buffer (129 bytes), an OID whose text is longer than the 129-byte buffer causes a read past the allocation, exposing adjacent heap memory as the returned hash key. extensions_by_name() uses the static shortname path and is not affected.
Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow denial of service via NULL pointer dereference. X509V3_EXT_d2i(ext) returns NULL when an extension's DER value fails to parse. basicC, ia5string, and auth_att dereference its result without a NULL check. keyid_data also dereferences akid->keyid, which is NULL for an empty AKI SEQUENCE (DER 30 00) even when the parse succeeds. A caller invoking an affected helper on an extension from an untrusted certificate triggers a SIGSEGV that crashes the Perl process.
Cockpit CMS contains a path traversal vulnerability in the Bucket file storage API (/system/buckets/api). The api() method in modules/System/Controller/Buckets.php sanitizes the bucket name with preg_replace('/[^a-zA-Z0-9-_\\.]/','', $bucket), which permits '..' and '../' sequences. The sanitized value is interpolated into a Flysystem path as uploads://buckets/{bucket}. Flysystem's WhitespacePathNormalizer resolves 'buckets/..' to the empty string (the uploads storage root) without raising PathTraversalDetected because the '..' has a preceding component to consume. An authenticated low-privileged user can send a crafted request with a '../' bucket name to list, upload, and delete files across all buckets, including those belonging to other users or roles
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.