SecurityWeek’s cybersecurity news roundup provides a concise compilation of noteworthy stories that might have slipped under the radar.
We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape.
Each week, we curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports.
Here are this week’s stories:
Microsoft stops using Chinese engineers
After it was reported that Microsoft had been using Chinese engineers to help maintain US Department of Defense systems, potentially exposing sensitive data to the Chinese government, the tech giant announced that it has made some changes and will no longer use China-based teams to provide technical assistance to the DoD. The Chinese engineers were supervised to prevent sabotage and espionage, but their supervisors may have lacked the skills to identify malicious activities.
Organizations’ attack surface increasing
An analysis conducted by ReliaQuest shows that organizations have created more entry points for attackers. The company has looked at the data from the first half of 2025 and the second half of 2024 and found a 27% increase in exposed ports (35% increase in OT ports), and a 100% increase in vulnerabilities in public-facing systems. There has also been a significant growth in the accidental exposure of sensitive documents that could be useful to attackers.
Premium luggage service exposed user data
Airportr, a premium door-to-door luggage service, was impacted by vulnerabilities that could have been exploited to obtain user data, and to track or redirect luggage. The exposed information included the travel records of government officials in the US and Europe, Wired reported. The issues were discovered by researchers at CyberX9, and Airportr has since patched them, noting that there is no evidence of malicious exploitation.
House hearing on evolution of cyber threats to critical infrastructure
Several industry experts were invited to a House hearing on the evolution of cyber threats to critical infrastructure in the 15 years after the Stuxnet attack. The goal is for lawmakers to get a better understanding of how to boost the security of critical infrastructure and other OT systems. It came to light during the hearing that funding for the CyberSentry program of the Lawrence Livermore National Laboratory, which is tasked with analyzing data in search of dangerous cyber threats, has expired.
‘Security firm’ accused of monetizing data collected by malware
A ‘threat intelligence’ company named Farnsworth Intelligence has been accused of monetizing data collected by infostealer malware from compromised devices. 404 Media reported that Farnsworth Intelligence is promoting information obtained by malware as useful for debt collectors looking to track debtors, for divorce cases and other lawsuits, and for lists of competitors’ customers.
ExpressVPN vulnerability
ExpressVPN recently patched a vulnerability in its Windows app that in certain circumstances caused traffic over TCP port 3389 to not be routed through the VPN tunnel as expected. The flaw did not impact encryption, but could have caused traffic from RDP connections to not be routed through ExpressVPN.
More countries hit by Louis Vuitton data breach
The list of countries impacted by the recent data breach at Louis Vuitton has increased. After Louis Vuitton customers in the UK, South Korea, and Turkey were notified of a cybersecurity incident impacting their information, now Australia, Hong Kong, Sweden and Italy have been added to the list. In Hong Kong, 419,000 customers are impacted. BleepingComputer reported that members of the ShinyHunters extortion group may be behind the attack.
European hospital group AMEOS discloses data breach
AMEOS, a European private hospital group that serves Switzerland, Austria and Germany, has disclosed a data breach that may impact the information of patients, employees and partners. The group has shut down some systems after detecting an intrusion. No known ransomware group appears to have taken credit for the attack.
Google Cloud Build vulnerability earns researcher $30,000
Researcher Adnan Khan says he recently earned a $30,000 bug bounty from Google after discovering a potentially serious vulnerability in the Google Cloud Build managed CI/CD platform. In a blog post, Khan described how he was able to exploit a TOCTOU vulnerability to bypass maintainer reviews when running pull request integration checks. “With this vulnerability, an attacker may create a PR, persuade a maintainer to run checks, and then quickly update their code to steal secrets / abuse the build execution role privileges,” the researcher said.
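The race described above, reduced to a minimal model of a CI approval gate. This is an added example, not code from Khan's post or from Google Cloud Build; the `Gate` and `PullRequest` classes and the SHA strings are hypothetical. It contrasts an approval keyed on the pull request number, which is re-resolved at build time, with an approval pinned to the reviewed commit.

```python
from dataclasses import dataclass, field


@dataclass
class PullRequest:
    number: int
    head_sha: str                       # moves whenever the author pushes


@dataclass
class Gate:
    """Hypothetical CI approval gate; not Cloud Build's real data model."""
    by_number: set = field(default_factory=set)    # weak: approval keyed on PR number
    by_sha: dict = field(default_factory=dict)     # hardened: PR number -> reviewed SHA

    def approve(self, pr: PullRequest) -> None:
        # Time of check: the maintainer has reviewed pr.head_sha as it is now.
        self.by_number.add(pr.number)
        self.by_sha[pr.number] = pr.head_sha

    def build_weak(self, pr: PullRequest) -> str:
        # Time of use: resolves the head again, so unreviewed code can run.
        if pr.number not in self.by_number:
            raise PermissionError("not approved")
        return pr.head_sha

    def build_pinned(self, pr: PullRequest) -> str:
        # Builds only the reviewed commit; a moved head voids the approval.
        approved = self.by_sha.get(pr.number)
        if approved is None:
            raise PermissionError("not approved")
        if pr.head_sha != approved:
            del self.by_sha[pr.number]
            raise PermissionError(f"head moved since review of {approved}")
        return approved


def demo() -> dict:
    """Constructed scenario: review, then a push before the build starts."""
    pr, gate = PullRequest(7, "sha-reviewed"), Gate()
    gate.approve(pr)
    pr.head_sha = "sha-unreviewed"      # author pushes after the approval
    result = {"weak_builds": gate.build_weak(pr)}
    try:
        result["pinned_builds"] = gate.build_pinned(pr)
    except PermissionError as exc:
        result["pinned_error"] = str(exc)
    return result
```
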
Wiping commands planted in Amazon Q AI assistant
A hacker managed to compromise Amazon’s AI coding assistant, named Q. Specifically, the hacker submitted a pull request to one of the tool’s GitHub repositories and it was accepted, despite containing malicious commands instructing the AI agent to wipe users’ machines. Amazon has removed the code and said no customer resources were impacted. The hacker admitted that the commands would not actually wipe systems, but highlighted the access they had gained to the tool, 404 Media reported.