SecurityWeek’s cybersecurity news roundup provides a concise compilation of noteworthy stories that might have slipped under the radar.
We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape.
Each week, we curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports.
Here are this week’s stories:
Google Cloud post-quantum computing strategy for encryption products
Google Cloud has outlined its post-quantum computing strategy for encryption products, and announced the availability (in preview) of quantum-safe digital signatures in its Key Management Service (KMS).
Novel analysis method for hacktivist attacks
Check Point has come up with a novel analysis method for hacktivist attacks, using machine learning and linguistic analysis. The security firm has conducted a study that involved the analysis of thousands of public messages from dozens of hacktivist groups in an effort to discover key topics they discussed, their motivations over time, and links between different gangs. The researchers believe the method can improve hacktivist attack attribution.
$1 million offered at 2025 Pwn2Own Berlin
Pwn2Own is moving from Vancouver, Canada, to Berlin, Germany, with the event set to take place May 15-17 alongside the OffensiveCon conference. The prize pool exceeds $1 million, with rewards being offered for exploits targeting Tesla cars, browsers, cloud and container services, virtualization software, enterprise applications, servers, and operating systems. An AI category, with prizes of up to $40,000 per exploit, has also been added this year.
Chinese APT delivers RAT via medical software
Forescout has seen a China-linked APT named Silver Fox attempting to deliver a RAT that gives the attacker backdoor access to targeted systems. The hackers have been observed delivering the malware by using a trojanized version of a Philips DICOM viewer, which is used to view medical files. There is no indication that Philips products or systems have been compromised to enable the attack.
Krispy Kreme data breach costs
Donut and coffee retail chain Krispy Kreme has revealed that the cyberattack suffered last year, which turned out to be a ransomware attack where hackers stole personal and financial data, has cost the company roughly $11 million by the end of fiscal year 2024.
FTC notifying Avast customers eligible for $16.5 million settlement
The FTC is notifying Avast customers who are eligible for compensation as part of a $16.5 million settlement reached with the antivirus company over its deceptive privacy claims. The FTC is emailing nearly 3.7 million consumers. The agency accused Avast of deceiving users between 2014 and 2020 by telling them that their privacy would be protected by blocking third-party tracking, while failing to adequately inform them that their data would be collected and sold to others through an Avast subsidiary.
UK water company says ransomware attack cost £4.5 million
Southern Water, which provides water and wastewater services to millions of customers in the UK, has revealed that a ransomware attack that came to light in early 2024 has cost the company £4.5 million (roughly $5.6 million). The company was targeted by the Black Basta ransomware group, which claimed to have stolen hundreds of gigabytes of files.
How Disney was hacked via one employee’s computer
The Wall Street Journal (paywalled link) has presented the story of a former Disney employee involved in a massive hack that came to light in July 2024. The employee downloaded an AI image generation tool containing malware, which allowed hackers to steal credentials from his computer, including ones that enabled access to Disney systems. The hackers stole customer and employee information, as well as corporate documents from the entertainment giant. The employee whose computer was hacked was fired for misconduct, which he denies.
Nozomi releases OT/IoT security report
Nozomi Networks has released its latest OT/IoT Cybersecurity Trends and Insights Report. The company has found that 94% of Wi-Fi networks lack protection against deauthentication attacks, putting organisations at risk of credential theft, traffic interception and spoofing. It also found that critical manufacturing remains the top targeted sector, with the highest number of alerts per customer since 2024 and 462 recorded attacks.
GreyNoise releases 2025 Mass Internet Exploitation Report
Threat intelligence firm GreyNoise has released its 2025 Mass Internet Exploitation Report, which shows that the most exploited vulnerability of 2024 targeted home routers, fueling massive botnets. The company found that attackers are exploiting critical vulnerabilities within hours of disclosure, and some very old vulnerabilities remain among the most targeted.
Related: In Other News: Black Basta Chats Leaked, New SEC Cyber Unit, DOGE Site Hacked
Related: In Other News: $10,000 YouTube Flaw, Cybereason CEO Sues Investors, New OT Security Tool
