SecurityWeek’s cybersecurity information roundup offers a concise compilation of noteworthy tales which may have slipped beneath the radar.
We offer a precious abstract of tales that won’t warrant a whole article, however are nonetheless essential for a complete understanding of the cybersecurity panorama.
Every week, we curate and current a group of noteworthy developments, starting from the newest vulnerability discoveries and rising assault strategies to important coverage modifications and trade experiences.
Listed below are this week’s tales:
Radware cloud WAF vulnerabilities
CERT/CC experiences that Radware’s Cloud Net Utility Firewall (WAF) might have been bypassed utilizing specifically crafted HTTP requests. An attacker might have exploited the failings to bypass filtering and ship malicious inputs to the underlying net software. CERT/CC stated the vulnerabilities have been patched, however Radware has not acknowledged the findings once they had been initially disclosed by a researcher. Radware has additionally not responded to SecurityWeek’s request for remark.
xAI key leak uncovered LLMs utilized by Tesla and SpaceX
An worker at xAI, Elon Musk’s AI firm, inadvertently leaked an API key on GitHub. The important thing, which was accessible for roughly two months, might have been leveraged to question non-public xAI LLMs created particularly for different corporations belonging to Musk, together with Tesla, SpaceX, and X, Brian Krebs reported.Commercial. Scroll to proceed studying.
FBI warns of malicious proxy companies exploiting EOL routers
The FBI issued an alert this week to warn people and organizations that risk actors are abusing routers which have reached finish of life (EOL) for malicious proxy companies. The company stated routers made earlier than 2010 seemingly not obtain safety patches and could be compromised by risk actors. The gadgets are then used to create proxy companies that allow attackers to cover their identification and site.
Insecure messaging software utilized by nationwide safety advisor
Mike Waltz, who was eliminated not too long ago by President Trump from his put up as nationwide safety advisor following his position within the Signalgate incident, was caught utilizing an insecure chat software that’s based mostly on Sign. The app is known as TeleMessage and it was not too long ago hacked, with the attacker reportedly getting access to unprotected chat logs. The developer launched an investigation into what it described as a “potential safety incident” and briefly suspended TeleMessage companies.
PowerSchool hackers extorting faculty boards
Information stolen in a December 2024 assault on PowerSchool is now used to extort faculty boards throughout Canada and the US. Involving the platform’s SIS setting, the incident impacted hundreds of thousands, however PowerSchool paid a ransom to make sure stolen private data was not shared publicly. In line with the Toronto District College Board (TDSB), nevertheless, a risk actor nonetheless has the information and is now trying to extort TDSB and different North American faculty boards into paying one other ransom.
Severe vulnerability present in audio-over-IP product
A severe vulnerability has been discovered within the Digigram PYKO-OUT audio-over-IP (AoIP) product, particularly that in its default configuration it may be accessed remotely with out requiring any login data or a password. CERT/CC printed an advisory and the researcher who discovered the flaw, Souvik Kandar, described his findings in a weblog put up. Kandar informed Securityweek that he discovered greater than two dozen internet-exposed gadgets which might be susceptible to assaults.
Airline utilized by the Trump administration for deportations hacked
GlobalX, one of many airways utilized by the Trump administration to deport folks, has been focused by hackers. 404 Media reported that the airline was hacked by Nameless-affiliated hacktivists who managed to acquire flight data and passenger lists from the corporate’s methods.
Nomad cryptocurrency bridge hacker arrested
Alexander Gurevich, a Russian-Israeli citizen accused of being behind the 2022 hack concentrating on the Nomad cryptocurrency bridge, which resulted in losses totaling almost $200 million, has been arrested in Israel. He may very well be extradited to the US, the place he faces cash laundering costs.
Class motion lawsuit towards Delta over CrowdStrike incident
A US federal decide has dominated {that a} class motion lawsuit towards Delta Air Strains by passengers impacted by the CrowdStrike-caused outage final 12 months can proceed. The plaintiffs are sad with the compensation provided by Delta, which final 12 months filed a lawsuit towards CrowdStrike over the affect of the incident. CrowdStrike blamed Delta for the sluggish restoration of impacted methods.
India-Pakistan cyberattacks
There was a surge in cyberattacks between India and Pakistan following the current escalation within the battle between the 2 international locations. CyberKnow has been monitoring 45 hacktivist teams — 10 from India and 35 from Pakistan — which have primarily launched DDoS assaults and carried out web site defacements.
Associated: In Different Information: NullPoint Supply Code Leak, $17,500 for iPhone Flaw, BreachForums Down
Associated: In Different Information: Jail for Disney Hacker, MITRE ATT&CK v17, Large DDoS Botnet
