With all of the challenges facing health care — a shrinking workforce population, reduced funding, new technologies and pharmaceuticals — it’s no longer an option to change, but an imperative. In order to keep caring for our communities well into the future, we need to transform how we provide care to people. Technology, artificial intelligence and digital transformation can not only help us mitigate these trends but truly innovate and find new ways of making health better.

There are many exciting capabilities already making their way into our field. Ambient listening technology for providers and other automation and AI reduce administrative burden and free up people and resources to improve front-line care. Within the next five years, we expect hospital “smart rooms” to be the norm; they leverage cameras and AI-assisted alerting to improve safety, enable virtual care models across our footprint and allow us to boost efficiency while also improving quality and outcomes.

It’s easy to get caught up in shiny new tools or cutting-edge treatments, but often the most impactful innovations are smaller — adapting or designing our systems and processes to empower our teams to do what they do best.

That’s exactly what a new collaboration with the AHA and Epic is aiming to do. A set of point-of-care tools in the electronic health record is helping providers prevent, detect and treat postpartum hemorrhage, which is responsible for 11% of maternal deaths in the U.S. Early detection and treatment of PPH is key to a full recovery. One small innovation — incorporating tools into your EHR and labor and delivery workflows — is having a big impact: enhancing providers’ ability to effectively diagnose and treat PPH.

It’s critical to leverage technology advancements like this to navigate today’s challenging environment and advance health care into the future. However, at the same time, we also need to focus on how these opportunities can deliver measurable value to our patients, members and the communities we serve.

I will be speaking with Jackie Gerhart, M.D., chief medical officer at Epic, later this month for a Leadership Dialogue conversation. Listen in to learn more about how AI and other technological innovations can better serve patients and make actions more efficient for care providers. 

Helping You Help Communities – Key AHA Resources

Redazione RHC : 15 September 2025 19:44

A new EvilAI malware campaign tracked by Trend Micro has demonstrated how artificial intelligence is increasingly becoming a tool for cybercriminals. In recent weeks, dozens of infections have been reported worldwide, with the malware masquerading as legitimate AI-powered apps and displaying professional-looking interfaces, functional features, and even valid digital signatures. This approach allows it to bypass the security of both corporate systems and home devices.

analysts began monitoring the threat on August 29 and within a week had already noticed a wave of large-scale attacks. The largest number of cases was detected in Europe (56), followed by the Americas and AMEA regions (29 each). By country, India leads with 74 incidents, followed by the United States with 68 and France with 58. The list of victims also included Italy, Brazil, Germany, Great Britain, Norway, Spain, and Canada.

The most affected sectors are manufacturing, public, medical, technology, and retail. The spread was particularly severe in the manufacturing sector, with 58 cases, and in the public and healthcare sectors, with 51 and 48 cases, respectively.

EvilAI is distributed via newly registered fake domains, malicious advertisements, and forum links. The installers use neutral but plausible names like App Suite, PDF Editor, or JustAskJacky, which reduces suspicion.

Once launched, these apps offer real functionality, from document processing to recipes to AI-powered chat, but they also incorporate a hidden Node.js loader. It injects obfuscated JavaScript code with a unique identifier into the Temp folder and executes it via a minimized node.exe process.

Persistence on the system occurs in several ways simultaneously: a Windows scheduler task is created in the form of a system component named sys_component_health_{UID}, a Start menu shortcut and an autoload key are added to the registry. The task is triggered every four hours, and the registry ensures it’s activated on login.

This multi-layered approach makes threat removal particularly laborious. All code is built using language models, which allow for a clean, modular structure and bypasses static signature analyzers. Complex obfuscation provides additional protection: control flow alignment with MurmurHash3-based loops and Unicode-encoded strings.

To steal data, EvilAI uses Windows Management Instrumentation and registry queries to identify active Chrome and Edge processes. These are then forcibly terminated to unlock the credential files. The “Web Data” and “Preferences” browser settings are copied with the Sync suffix to the original profile directories and then stolen via HTTPS POST requests.

The communication channel with the command and control server is encrypted using the AES-256-CBC algorithm with a key generated based on the unique infection ID. Infected machines regularly query the server, receiving commands to download additional modules, modify registry parameters, or launch remote processes.

Experts advise organizations to rely not only on digital signatures and application appearance, but also to check distribution sources and pay particular attention to programs from new publishers. Behavioral mechanisms that record unexpected Node.js launches, suspicious scheduler activity, or startup entries can provide protection.

Redazione
The editorial team of Red Hot Cyber consists of a group of individuals and anonymous sources who actively collaborate to provide early information and news on cybersecurity and computing in general.

Lista degli articoli