Cyberattack disrupts Surmodics operations

In early June, a cyberattack targeted major U.S. medical device company Surmodics, leading to the shutdown of parts of its IT system. As a result, the company put alternative methods for accepting customer orders and shipping products into action. The incident, which has not been attributed to a specific threat actor, prompted an inquiry into the scale of the breach. Critical operations have been reinstated and efforts to restore other affected systems are ongoing, Surmodics stated in a submission to the U.S. Securities and Exchange Commission.

Chief Financial Officer Timothy Arens highlighted the risks associated with the cyber incident, including concerns about the efficiency of processes during the IT system disruption, the diversion of management’s focus, possible legal repercussions, alterations in customer behavior, and increased regulatory oversight. The disclosure comes nearly two months after California-based health technology company Masimo Corporation disclosed a breach of its systems that occurred in April.

Meanwhile, the Cybersecurity and Infrastructure Security Agency (CISA) has addressed two vulnerabilities identified in the TeleMessage platform, tracked as CVE-2025-48927 and CVE-2025-48928. The former, a Spring Boot Actuator misconfiguration bug in TM SGNL, could allow memory dump downloads, while the latter could expose passwords transmitted via HTTP, posing significant security risks.

In threat intelligence news, FBI Cyber Division Head Brett Leatherman remarked on the containment of Salt Typhoon, an operation conducted by state-sponsored Chinese threat actors, within U.S. telecommunications networks. Despite the containment efforts, the operation had managed to compromise several networks in the U.S., underscoring the persistent threat that foreign threat actors pose to critical infrastructure.

Artificial intelligence and machine learning technologies have also come under scrutiny: according to researchers, they can generate incorrect links that could facilitate phishing attacks. There is growing concern that AI models may struggle to identify social engineering content in their training data and searches, highlighting the importance of enhancing the security measures surrounding these technologies.

Amidst these developments, securing critical infrastructure against cyber threats remains a top priority. As organizations continue to grapple with evolving cybersecurity challenges, maintaining vigilance and implementing robust security protocols are essential to safeguarding sensitive data and operations from malicious cyber activities.