SecurityWeek’s cybersecurity news roundup provides a concise compilation of noteworthy stories that might have slipped under the radar.
We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape.
Each week, we curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports.
Hacker helped drug cartel kill FBI sources
A hacker hired by drug lord El Chapo’s cartel retrieved data from the FBI Assistant Legal Attache’s (ALAT) phone and compromised Mexico City’s camera system to follow the ALAT and identify people they were meeting with. “The cartel used that information to intimidate and, in some instances, kill potential sources or cooperating witnesses,” a Justice Department watchdog report (PDF) shows.
Jail for disgruntled IT worker who hacked former employer
Mohammed Umar Taj, 31, of Hyrst Garth, Batley, UK, was sentenced to seven months and 14 days in prison for unlawfully accessing his former employer’s premises, altering login credentials, and changing access credentials and multi-factor authentication configuration to disrupt the company’s operations.
Researchers gain full control of car by intercepting CAN data
Pen Test Partners researchers explain how they tapped into the CAN bus of a 2016 Renault Clio using cheap wire splicers, and intercepted CAN data to gain control of the vehicle. After mapping steering, brake, and throttle signals to a game controller, they essentially turned the car into a Mario Kart controller.
Critical Sudo vulnerability lingered for 12 years in most Linux servers
Sudo, the privileged command-line tool in Linux systems, this week patched two vulnerabilities that could allow attackers to elevate privileges and execute arbitrary commands as root. One of the flaws, tracked as CVE-2025-32463, has been around for two years (introduced in Sudo 1.9.14 and resolved in 1.9.17p1). The second bug, CVE-2025-32462, has been around for 12 years (impacts Sudo versions 1.8.8 to 1.9.17).
Crylock ransomware developer gets seven years in prison
The Brussels criminal court sentenced the Russian developer of Crylock ransomware, who also led the malware’s deployment on thousands of computers, to seven years in prison. His former co-conspirator, a woman involved in advertising Crylock and negotiating with the victims, was sentenced to five years. Law enforcement seized over €60 million (~$70 million) in cryptocurrency representing illegal proceeds from the ransomware operation.
DataBahn.ai raises $17 million in Series A funding
Security-native data pipeline platform DataBahn.ai has raised $17 million in a Series A funding round led by Forgepoint Capital. With $19 million raised to date, the startup will focus on the development of its platform roadmap for agentic AI, to provide enterprises with increased visibility and control over their data pipelines.
Federal Swiss data stolen in ransomware attack
A ransomware attack on health promotion non-profit Radix has resulted in the compromise of Swiss federal data, the country’s government announced. “Radix’s customers include various federal offices. The data has been published on the dark web and will now be analysed by the relevant offices,” the government said. Radix immediately discontinued the impacted systems, and said it would restore all data from undamaged backups.
Two arrested in Spain for selling personal information of officials, journalists
Spain’s National Police announced the arrest of two individuals involved in the exfiltration and trading of personal information belonging to high-ranking state and government officials, and journalists. The two also offered credentials belonging to political parties and accepted payments in cryptocurrency.
US sanctions bulletproof hosting provider Aeza Group
The US Treasury sanctioned Russian bulletproof hosting services provider Aeza Group for supporting ransomware and other malware gangs, such as BianLian ransomware, and the Lumma, Meduza, and RedLine infostealers. The US also designated Aeza International Ltd., the UK branch of the company, along with its Russian subsidiaries, its CEO and 33% owner Arsenii Aleksandrovich Penzev, general director and 33% owner Yurii Meruzhanovich Bozoyan, technical director Vladimir Vyacheslavovich Gast, and 33% owner Igor Anatolyevich Knyazev.
Former ransomware negotiator under investigation
A former employee of cybersecurity consulting firm DigitalMint, which negotiates with hackers during cyberattacks and facilitates ransom payments, is under investigation for allegedly profiting from extortion payments. DigitalMint has confirmed the matter, saying it is cooperating with the criminal investigation into the former employee’s alleged unauthorized conduct.
*Sudo vulnerability summary has been updated to clarify CVEs and impacted versions
