SecurityWeek’s cybersecurity news roundup provides a concise compilation of noteworthy stories that might have slipped under the radar.
We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape.
Each week, we curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports.
Here are this week’s stories:
AT&T agrees to $177 million data breach lawsuit settlement
AT&T has been granted preliminary approval to settle lawsuits related to data breaches that occurred in 2019 and 2024. The telecom giant has agreed to pay a total of $177 million to impacted customers, who are eligible to receive up to $2,500 or $5,000 depending on the incident that affected them and the losses they suffered. AT&T denied the allegations in the lawsuits and said it has agreed to the settlement to “avoid the expense and uncertainty of protracted litigation”.
United Natural Foods restores systems hit by cyberattack
United Natural Foods (UNFI), a distributor for Whole Foods and many other supermarkets in North America, has informed the public and the SEC that it has restored core systems following the disruptions caused by a recent cyberattack. The incident led to grocery shortages, but the company now says there is no indication that personal or protected health information has been breached. No ransomware group has taken credit for the attack.
US House of Representatives bans WhatsApp
Staff at the US House of Representatives have received a memo instructing them not to use WhatsApp on official devices “due to the lack of transparency in how it protects user data, absence of stored data encryption, and potential security risks involved with its use”. WhatsApp owner Meta does not agree, arguing that the app is more secure than the alternatives recommended by the House, such as Microsoft Teams, Wickr, Signal, iMessage and FaceTime. WhatsApp users are known to have been targeted with sophisticated spyware.
FDA releases whitepaper on securing OT used for medical product manufacturing
The FDA has released a whitepaper on securing operational technology (OT) used for medical product manufacturing. The paper cites known ICS attacks and their impact, outlines the challenges of securing OT environments, and summarizes three key aspects: technical information exchange, security standards and compliance, and the need for security by design.
SAP GUI client vulnerabilities
Pathlock has disclosed the details of two recently patched SAP GUI client vulnerabilities. Researchers found that the SAP GUI input history feature stores sensitive user‑entered values in an unsafe manner. While SAP has released updated versions that introduce stronger encryption, the fallback mechanisms may still leave some clients vulnerable and Pathlock recommends fully disabling the input history functionality.
Interpol warns of surge in cybercrime in Africa
A new report from Interpol says more than 30% of all reported crime in Eastern and Western Africa is cybercrime. Online scams are the most common, but ransomware, BEC attacks, and sextortion are also widespread. Interpol found that 90% of African countries need significant improvement in law enforcement and prosecution capacity.
Forescout publishes 2025 Global Industrial Cybersecurity Benchmark
Forescout’s 2025 Global Industrial Cybersecurity Benchmark report shows that more than half of organizations deploy at least three separate tools for IT, OT and IoT monitoring, which can create blind spots and delay threat detection and response. In addition, nearly 60% of organizations have low or no confidence in their OT and IoT threat detection capabilities. Most are mainly concerned about supply chain threats and cybercriminal activities, rather than state-sponsored attacks and zero-day exploitation.
Ransomware attack contributed to death
An investigation conducted in the UK revealed that a ransomware attack launched in 2024 contributed to a patient’s death. The attack was launched by the Qilin ransomware group and it targeted a pathology services provider, which led to long wait times for blood test results requested by hospitals. This was one of the factors cited in an investigation into the death of an individual being treated at one of the impacted hospitals.
Norwegian dam hacked
Systems at Norway’s Lake Risevatnet dam were hacked earlier this year and the attackers opened water valves at full capacity. The unidentified threat actor caused water to flow at nearly 500 liters per second over the minimum requirement, but that is nowhere near the riverbed’s 20,000 liter per second capacity, which meant that no real harm was caused. The hack was detected four hours later. Similar to many other ICS attacks, the incident involved a weak password rather than any sophisticated hacking techniques.
Nova Scotia Power shares cyberattack update
Canadian electric utility Nova Scotia Power has shared another update on the recent cyberattack. The company said a ransomware group compromised the information of not only current but also former customers, all of which are being offered five years of free credit monitoring services. Nova Scotia Power previously said that it had notified 280,000 people about the data breach.
Related: In Other News: Viasat Hacked by China, Washington Post Cyberattack, Crowhammer
Related: In Other News: Cloudflare Outage, Cracked.io Users Identified, Victoria’s Secret Cyberattack Cost
