SecurityWeek’s cybersecurity information roundup gives a concise compilation of noteworthy tales that may have slipped underneath the radar.
We offer a precious abstract of tales that will not warrant a whole article, however are nonetheless essential for a complete understanding of the cybersecurity panorama.
Every week, we curate and current a group of noteworthy developments, starting from the most recent vulnerability discoveries and rising assault strategies to vital coverage adjustments and business studies.
Listed here are this week’s tales:
Capita fined £14 million by the UK’s ICO
The UK’s knowledge safety regulator, the Data Commissioner’s Workplace (ICO), has fined Capita a complete of £14 million for a knowledge breach affecting 6.6 million folks in March 2023. The ICO declared the dimensions and extent of the breach “might have been prevented had ample safety measures been in place”.
CISA layoffs throughout shutdown
CISA workers acquired reduction-in-force notifications in the course of the ongoing US authorities shutdown. A whole bunch are reportedly impacted, together with from the Capability Constructing unit, which aids federal businesses to enhance their cybersecurity, the Stakeholder Engagement Division, which is in command of partnerships with worldwide businesses, the Built-in Operations Division, which runs CISA’s watch middle; and the Infrastructure Safety Division’s Chemical Safety unit. There have been no layoffs on the Cybersecurity Division. Some CISA personnel have been reportedly moved to businesses similar to Immigration and Customs Enforcement (ICE) and Customs and Border Safety (CBP). “Over the past administration, CISA was targeted on censorship, branding and electioneering,” the DHS stated. “That is a part of getting CISA again on mission.”Commercial. Scroll to proceed studying.
Spy ware maker NSO acquired
The controversial spy ware maker NSO Group has been acquired by a bunch of American traders led by Hollywood producer Robert Simonds, transferring controlling possession of the agency out of Israel. The deal has been reportedly valued at a number of tens of thousands and thousands of {dollars}. The NSO Group’s possession has modified a number of occasions in recent times, between Francisco Companions, Novalpina Capital, and NSO founders Shalev Hulio and Omri Lavie.
Microsoft Digital Protection Report 2025
Microsoft has revealed its 2025 Digital Protection Report. Based on Microsoft knowledge, the purpose of 80% of the cyber incidents investigated final yr was the theft of information. Crucial organizations similar to hospitals and native governments are prime targets as a result of delicate knowledge they possess. Ransomware teams additionally know that such organizations are underneath vital stress to shortly restore operations, which makes them extra prone to pay a ransom. Microsoft additionally reported that state-sponsored menace actors have expanded their operations, and that 2025 noticed an escalation in using AI by each attackers and defenders.
CrowdStrike patches Falcon Sensor vulnerabilities
CrowdStrike has patched two vulnerabilities in Falcon sensor for Home windows. The failings enable an attacker who beforehand achieved the flexibility to execute code on the host to delete arbitrary information. The problems have been assigned a ‘medium severity’ ranking and there’s no proof of exploitation within the wild.
Wiz finds provide chain threat in VSCode extension marketplaces
Cloud safety big Wiz has uncovered a crucial provide chain threat and secrets and techniques leak within the VSCode and OpenVSX extension marketplaces. Wiz discovered that the publishers of over 100 VSCode extensions leaked entry tokens, which might have allowed an attacker to distribute malware to over 150,000 customers. As well as, over 550 secrets and techniques have been uncovered throughout greater than 500 VSCode extensions. Among the secrets and techniques granted entry to their house owners’ accounts on providers from OpenAI, Anthropic, AWS, Github, and MongoDB.
Senator asks Cisco about latest zero-day assaults
US Senator Invoice Cassidy has despatched a letter to Cisco in an effort to acquire extra info on the influence of latest assaults exploiting two firewall zero-day vulnerabilities. The assaults have been linked to China. Cassidy has requested Cisco whether or not it has recognized any particular threats to particular person prospects, in addition to about its communications with prospects and federal businesses.
ICTBroadcast vulnerability exploited
A just lately disclosed vulnerability in ICTBroadcast name middle software program (CVE-2025-2611) has been exploited in assaults, VulnCheck reported. The assault has been linked to an e-mail marketing campaign described by Fortinet earlier this yr, the place attackers delivered RATty malware. “The attackers’ finish purpose isn’t instantly clear, nevertheless, it seems that this isn’t an automatic assault,” Jacob Baines, CTO at VulnCheck, informed SecurityWeek. “The menace actors have been making an attempt to generate reverse shells – not all of which labored – to conduct a hands-on keyboard operation. If these attackers are linked to the Fortinet group, which primarily based on the overlapping indicators is troublesome to dispute, it’s affordable to suspect they’re conducting some type of company or industrial espionage.”
Information breach at vogue retailer Mango
Spanish vogue retailer Mango has knowledgeable prospects a few knowledge breach involving a third-party advertising and marketing service supplier. Mango informed prospects that hackers obtained their identify, telephone quantity, e-mail deal with, and put up code, however passwords and banking info weren’t compromised.
CybaVerse raises £5 million
CybaVerse, a UK-based agency that gives an all-in-one cybersecurity administration platform for SMEs and MSPs, introduced elevating £5 million in a Sequence A funding spherical. The spherical was co-led by Pembroke VCT and Airbridge Fairness Companions, with participation from Haatch. The brand new funding will speed up CybaVerse’s gross sales and advertising and marketing efforts, increase its staff, and assist continued product growth.
Associated: In Different Information: Gladinet Flaw Exploitation, Assaults on ICS Honeypot, ClayRat Spy ware
Associated: In Different Information: PQC Adoption, New Android Spy ware, FEMA Information Breach
