Cyber Web Spider Blog – News

In Other News: Microsoft Probes ToolShell Leak, Port Cybersecurity, Raspberry Pi ATM Hack

Posted on August 1, 2025 By CWS

SecurityWeek’s cybersecurity news roundup provides a concise compilation of noteworthy stories that may have slipped under the radar.

We provide a useful summary of stories that may not warrant a whole article, but are nonetheless important for a complete understanding of the cybersecurity landscape.

Every week, we curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports.

Here are this week’s stories:

BreachForums is back, again

BreachForums appears to be back after it went offline in April. The popular cybercrime forum was shut down and resurrected several times over the past years. DataBreaches reported that several clones have appeared since April, but now the ‘official’ site appears to be back online, and it has preserved the original user database, reputation, credits, and posts. The site appears to have returned under new management: a user with the online moniker ‘N/A’ is the new owner.

Nozomi publishes OT/IoT cybersecurity report for H1 2025

Nozomi Networks has published its OT/IoT Cybersecurity Trends and Insights report for the first half of 2025. The report covers a significant increase in cyberattacks launched by Iranian hackers against US transportation and manufacturing organizations, the exposure of wireless networks to attacks, and botnet activity spikes driven by Mirai.

Port cybersecurity reports from NATO and Booz Allen

Reports on port cybersecurity have been published by NATO’s CCDCOE and Booz Allen. The NATO report focuses on state-sponsored cyber threats to critical maritime port infrastructure, pointing to attacks carried out in recent years against European and Mediterranean ports by Russian, Chinese and Iranian threat groups. Booz Allen has focused on the use of zero trust for the OT systems present in US ports.

Notice for Microsoft Authenticator users

Starting August 1, Microsoft Authenticator users will not be able to use password management and autofill features unless they use the Edge browser. The move is part of Microsoft’s strategy to boost the adoption of passkeys, which are more secure than passwords.

FBI seized $1.7 million of cryptocurrency from Chaos ransomware group

The US Justice Department announced that it is seeking the forfeiture of more than $1.7 million worth of cryptocurrency seized by the FBI in mid-April 2025 from a member of the Chaos ransomware group known as ‘Hors’. The cryptocurrency is now valued at more than $2.4 million. The Chaos ransomware group is believed to be either a rebranding of the BlackSuit ransomware operation or operated by former BlackSuit members. The BlackSuit leak website was recently seized by law enforcement.

Microsoft investigating whether ToolShell exploit leaked through MAPP

Microsoft is investigating whether the recent SharePoint vulnerabilities dubbed ToolShell, which have been exploited to hack a large number of servers, were leaked through the Microsoft Active Protections Program (MAPP), which aims to provide an early warning system for vendors by notifying them 24 hours (in some cases 5 days) prior to public disclosure, Bloomberg reported. The first ToolShell attacks were attributed by Microsoft to Chinese state-sponsored threat actors and the tech giant is now trying to determine whether one of the more than a dozen Chinese companies enrolled in MAPP leaked information. The attacks impacted US government agencies, and Reuters reported that over 90 state and local governments were targeted.

New cybersecurity guidelines in Germany

The German government is proposing new cybersecurity guidelines that will impact almost 30,000 companies. The rules, which need to be approved by the national parliament, instruct companies to enhance their security through risk assessment, emergency plans, encryption, and backups. Companies will also have to report cyberattacks within 24 hours and provide an update on the incident after 72 hours.

China concerned about Nvidia chip backdoors

The Cyberspace Administration of China is concerned about potential backdoors in Nvidia chips. Earlier this year, the US government banned the sales of Nvidia’s H20 AI chips to China over fears that they could be used for military systems. The ban was recently reversed, but China now wants Nvidia to provide explanations and supporting materials over concerns that the chips may include features that would allow the tracking or disabling of Chinese systems.

Microsoft defenses against indirect prompt injection

Microsoft has shared some details on how it defends against indirect prompt injection attacks, in which threat actors use specially crafted data that LLMs misinterpret as instructions, potentially leading to user data exfiltration and the execution of unauthorized actions. Microsoft has implemented mechanisms designed to prevent the injection, detect the injection, and prevent impact.

Cybercriminals plant Raspberry Pi on bank network for ATM heist

A financially motivated threat actor tracked as UNC2891 was caught physically deploying a Raspberry Pi device inside a bank’s internal network as part of an attack aimed at ATMs. The attackers used a 4G modem to remotely access the device. Group-IB determined that the hackers wanted to gain access to the ATM switching server to deploy a rootkit that would allow them to conduct fraudulent ATM cash withdrawals, but their operation was disrupted before they could achieve their goal.
