// Healthcare Threat Intelligence

Healthcare Threat Feed

Curated, manually-vetted threat intelligence focused exclusively on ransomware groups, malware, and incidents targeting healthcare organizations. Updated by Code Blue Security as new intelligence is confirmed.

Feed StatusLive

Total Entries1

Active Threats1

Last UpdatedMar 14, 2026 at 08:43 UTC

All intelligence is manually curated from public sources (CISA, HHS HC3, published security research).

// Ransomware Groups

Active & Recent Threat Actors

Known ransomware groups currently or recently targeting healthcare — TTPs, targeting patterns, and operational status.

CriticalActive

Aug 29, 2024

RansomHub

Phishing for initial access, credential dumping, lateral movement, data exfiltration, ransomware encryption.

Primary TargetsHealthcare, Government, IT, Emergency Services, Critical Infrastructure

Initial AccessPhishing

First SeenFeb 2024

Last ActiveAug 2024

Group StatusActive

SystemsWindows, Active Directory, network infrastructure

RegionGlobal

SectorHospital

MITRE ATT&CKT1566T1048T1486T1490

CISA AA24-242A ↗

// Recent Incidents

Healthcare Attack Timeline

Confirmed attacks on healthcare organizations — sourced from public disclosures, HHS breach portal, and security research.

// Malware & IOCs

Active Malware & Indicators

Malware families, IOC summaries, and detection guidance for tools currently used against healthcare targets.

// Need Help?

Is your organization exposed to any of these threats?

Book a free 30-minute consultation. No pitch — just clarity on where you stand.

Book a Free Consult