SecurityWeek’s cybersecurity news roundup provides a concise compilation of noteworthy stories that might have slipped under the radar.
We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape.
Each week, we curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports.
Here are this week’s stories:
iOS 26 deletes spyware infection evidence
Mobile security firm iVerify reported that Apple’s new iOS 26 is overwriting the ‘shutdown.log’ file on every device reboot. This file is important because it can hold evidence of Pegasus and Predator spyware infections, and iOS 26 is deleting that potential evidence on every iPhone reboot. “This development poses a serious challenge for forensic investigators and individuals seeking to determine if their devices have been compromised at a time when spyware attacks are becoming more frequent,” iVerify noted.
Critical flaws remain unpatched in EfficientLab employee monitoring software
SEC Consult has discovered several vulnerabilities in EfficientLab’s WorkExaminer Professional employee monitoring software, including flaws that can allow an attacker on the network to take control of the system and collect screenshots or keystrokes. SEC Consult says the vulnerabilities have likely not been patched after the vendor told it that they are not in scope of its bug bounty program. The security firm did not receive any further response after informing EfficientLab that the goal was to get the vulnerabilities fixed, not to receive a bug bounty.
Scouting America launches AI and cybersecurity merit badges
This fall, new merit badges in artificial intelligence (AI) and cybersecurity allow Scouts to build future-ready skills with guidance through the Scouts BSA program. The AI badge is earned not only for the use of AI, but also for learning to spot deepfakes and for critical thinking about the ethical questions surrounding AI. The cybersecurity badge is earned for learning to identify cyber threats and for using security solutions.
CrowdStrike publishes APJ cybercrime report
CrowdStrike has released its 2025 APJ eCrime Landscape Report, which focuses on the Asia-Pacific and Japan region. The report details how anonymized underground markets such as Huione Guarantee processed over $27 billion in illegal trades, and how AI-enhanced ransomware groups such as KillSec and Funklocker are driving a sharp rise in Big Game Hunting ransomware campaigns.
Everest group takes credit for Collins Aerospace hack
The Everest ransomware group has listed Collins Aerospace on its website, threatening to leak stolen data unless a ransom is paid. The attack on Collins Aerospace caused significant disruptions at major airports in Europe. Everest claims to have stolen over 50 GB of information, including 1.5 million personal data records. The hackers claim they did not deploy file-encrypting malware on Collins systems. It was previously reported that the attack was linked to an obscure piece of ransomware named HardBit.
Maryland launches vulnerability disclosure program
Maryland has announced a statewide vulnerability disclosure program (VDP) to make it easier for security researchers to report vulnerabilities in systems owned, operated or managed by the state. Maryland also announced that its Information Sharing and Analysis Center (MD-ISAC) is now open to all state agencies, local governments, critical infrastructure, and industry partners.
Warlock ransomware and new ToolShell attacks linked to China
The Symantec and Carbon Black Threat Hunter Team has published separate reports on the Warlock ransomware and recent ToolShell attacks, both linked to China. In the case of the ToolShell attacks, the researchers have seen post-patch exploitation against a Middle East telecom firm, several African and South American government networks, and a US university. The threat actors behind the Warlock ransomware, who were also caught exploiting ToolShell, are also believed to be based in China, and the researchers have found evidence that it may not be a new group, linking it to malicious activity dating as far back as 2019.
Ex-L3Harris cyber executive accused of selling secrets to Russia
The US Justice Department has unveiled charges against Peter Williams, a former executive of Trenchant, the cyber unit of defense contractor L3Harris, for allegedly stealing trade secrets and selling them to a Russian buyer for $1.3 million. The indictment does not name any of the companies from which data was stolen, and it is unclear who the buyer was.
Gamers targeted with red teaming tool and RAT
Netskope this week published two reports describing threats targeting gamers. According to the company, a red teaming tool named RedTiger has been used in attacks aimed at gamers and Discord accounts. RedTiger can steal information such as passwords, cookies, download and browsing history, files, cryptocurrency data, Discord data, payment information, and webcam captures. The second report describes a new Python RAT that poses as legitimate Minecraft software. It also enables attackers to steal sensitive information from gamers’ devices.
Massive amounts of data exposed to Shadow Escape attack
Operant AI researchers have discovered Shadow Escape, a stealthy zero-click attack that affects organizations using MCP with any AI assistant. Shadow Escape exploits the inherent trust in AI agent/MCP connections to secretly exfiltrate massive amounts of sensitive user data from within a network. Because it leverages standard MCP setups and default permissions, the potential scale of data exfiltration is estimated to be huge (in the trillions of records, according to Operant).
