SecurityWeek's cybersecurity news roundup provides a concise compilation of noteworthy stories that might have slipped under the radar.
We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape.
Each week, we curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports.
Here are this week's stories:
Claude Skills used to execute ransomware
Cato Networks has used Skills, a new feature for Anthropic's Claude AI assistant, to execute ransomware in a controlled environment. Anthropic says the code execution functionality works as intended for Skills. Cato argues that legitimate Skills could be weaponized through minor changes, and that they can propagate through public repositories and social engineering. However, the security firm admits that Claude displays clear approval prompts to the user.
Array vulnerability exploited in the wild
Japan's JPCERT/CC has warned that a vulnerability affecting Array Networks' AG secure access gateways has been exploited in attacks. The flaw, a command injection issue that does not have a CVE identifier, was patched in May 2025 with the release of ArrayOS AG 9.4.5.9. JPCERT has found evidence that the vulnerability has been exploited against users in Japan since August 2025. The impacted product is prevalent in Asia.
North Korea suspected of $30 million Upbit cryptocurrency heist
Upbit, a major South Korea-based cryptocurrency exchange, recently had roughly $30 million of cryptocurrency stolen. The heist is believed to be the work of the North Korean hacking group Lazarus. Back in 2019, hackers stole $49 million worth of Ethereum from Upbit.
Akamai patches HTTP request smuggling vulnerability
Akamai announced this week that it recently patched a vulnerability tracked as CVE-2025-66373 that could have exposed customers to HTTP request smuggling attacks. These types of attacks can typically be leveraged to steal credentials or other sensitive data, and to redirect users to arbitrary websites. HTTP request smuggling makes headlines every few years due to its potentially significant impact.
CISA staff told not to speak with reporters
A leaked internal email revealed that leadership at the cybersecurity agency CISA has asked employees not to talk to news reporters in an unauthorized capacity, according to Nextgov/FCW. "In today's culture of information saturation, it's crucial that we ensure all official information communicated on behalf of CISA is current, accurate, unbiased, and authoritative. This includes any official information communicated to the media," the email reads. It is unclear whether the memo was triggered by a specific incident.
North Korean fake IT worker recruiters caught on camera
Researchers conducted an extensive investigation into North Korea's fake IT worker scheme, detailing how legitimate developers are lured into renting their credentials and identities to secure remote jobs in companies that prohibit hiring from the country. The investigation, which included video calls with several North Korean recruiters, revealed that the recruiters asked for 24/7 access to the developer's computer to facilitate the masquerade.
X fined €120 million over disinformation
The European Commission has fined the social media company X €120 million ($139 million) over its alleged failures to tackle disinformation. The fine was issued under the Digital Services Act (DSA), which requires companies to protect users against disinformation and influence operations or face fines of up to 6% of their turnover.
New MuddyViper backdoor used by Iranian cyberspies
The Iranian cyberespionage group named MuddyWater has developed a new backdoor dubbed MuddyViper by ESET. The security firm has observed attacks aimed at Israel, with at least one victim in Egypt. Unlike previous MuddyWater attacks, which were noisy and easy to detect, the new activity was more focused and sophisticated.
PickleScan vulnerabilities
JFrog has disclosed the details of three recently patched PickleScan vulnerabilities. PickleScan is a tool for scanning machine learning (ML) models to detect malicious content. The vulnerabilities found by JFrog could have been exploited to "evade PickleScan's malware detection and potentially execute a large-scale supply chain attack by distributing malicious ML models that conceal undetectable malicious code".
