SecurityWeek’s weekly cybersecurity news roundup offers a concise overview of important developments that may not receive full standalone coverage but remain relevant to the broader threat landscape.
This curated summary highlights key stories across vulnerability disclosures, emerging attack methods, policy updates, industry reports, and other noteworthy events to help readers maintain a well-rounded awareness of the evolving cybersecurity environment.
Here are this week’s highlights:
Tennessee hacker gets probation for Supreme Court breaches
Nicholas Moore, 25, was sentenced to 12 months of probation after pleading guilty to a misdemeanor for using stolen credentials to break into the Supreme Court’s e-filing system on 25 separate days, plus systems at AmeriCorps and the Veterans Administration Health System. Rather than exploiting the access financially, he posted screenshots of the breached accounts apparently just to impress people online.
UK military deployed to protect internet communications
The UK has deployed military assets, including warships, support tankers, Merlin helicopters, and RAF P‑8 maritime patrol aircraft, to protect undersea communications cables from a perceived Russian naval threat. Tony O’Sullivan, CEO of RETN, comments, “Accidental damage is no longer the only threat, and operators and enterprises can no longer assume routes are safe and stable when assessing resilience. Rather, you have to engineer it into the network itself. Route diversity is a must to avoid creating single points of failure, as is ensuring visibility across international paths. Rather than trying to prevent disruption, we have to design networks to cope with it.”
Lovable’s shifting story on exposed user data
Vibe-coding startup Lovable, valued at $6.6 billion, fumbled its response to a broken object level authorization (BOLA) vulnerability that allowed any free account holder to read other users’ source code, database credentials, and chat history. A researcher reported the flaw to HackerOne 48 days before going public, but the bug was closed without escalation because HackerOne assumed the exposure was intentional behavior. Lovable initially called it a design decision, then reversed course and admitted a February backend change had accidentally re-enabled access to public project chats, a setting they had previously patched out.
US accused of exploiting backdoor to disable Iranian infrastructure
According to Iranian state media, during an attack on the city of Isfahan, networking equipment from Cisco, Juniper, Fortinet, and MikroTik failed simultaneously despite being disconnected from the global internet. Local experts suspect these outages were triggered by pre-installed firmware backdoors or supply chain compromises that allowed for remote deactivation via satellite or internal signals.
Claude Mythos accessed by unauthorized testers
Anthropic’s Claude Mythos was reportedly accessed by unauthorized users through a third-party vendor environment. Bloomberg News reports that someone discovered the interface, which allowed for the testing of Mythos’ advanced capabilities. The AI giant has since restricted access to the abused portal.
Data breach at French state agency
France Titres, the agency responsible for passports and driver’s licenses, confirmed a security breach on its ANTS portal that may have exposed the data of millions of users. A threat actor is currently attempting to sell a database on hacking forums containing roughly 19 million records, including names, birth dates, and unique account identifiers.
Sean Plankey withdraws nomination for CISA director
Sean Plankey has officially withdrawn his name for the role of Director at the Cybersecurity and Infrastructure Security Agency after a prolonged confirmation stalemate in the Senate. The withdrawal leaves the nation’s primary cyber defense agency without a permanent leader. This move forces the White House to restart the search for a candidate capable of navigating a deeply divided political landscape. Nick Andersen is currently Acting Director of CISA.
UK’s NCSC debuts hardware guard to prevent data leakage via monitors
The UK’s National Cyber Security Centre has developed a hardware security device designed to stop sensitive data from being exfiltrated through high-resolution display links. Named SilentGlass, the plug-and-play device “actively blocks anything unexpected or malicious between HDMI and Display Port connections and screens.” Recommended for high-threat environments, the device can now be acquired by anyone after being tested in government organizations.
Global defense agencies issue alert on Chinese botnet infrastructure
The FBI, CISA, and international partners have released a joint advisory regarding a massive network of compromised SOHO routers and IoT devices orchestrated by China-linked threat actors. The state-sponsored group Volt Typhoon has used the botnet to target critical infrastructure sectors. The agencies have issued recommendations for defending against such covert networks.
Google expands enterprise security with browser and device controls
Google has introduced new security capabilities within Chrome Enterprise and Android. Chrome Enterprise Premium now offers advanced data loss prevention and capabilities to address AI risks. Google is also expanding security for mobile, blocking sensitive data downloads on unmanaged devices. New controls in the Google Admin console allow for more granular policy enforcement across both browsers and devices to reduce the attack surface.
