SecurityWeek

The European Union has added three Russian nationals to its sanctions list for their involvement in cyberattacks against Estonia.

China’s DeepSeek blamed sign-up disruptions on a cyberattack as researchers started finding vulnerabilities in the R1 AI model. 

ENGlobal has informed the SEC that personal information was compromised in a November 2024 ransomware attack.

SonicWall has confirmed that an SMA 1000 zero-day tracked as CVE-2025-23006 has been exploited in the wild.

Apple has released fixes for dozens of vulnerabilities in its mobile and desktop products, including an iOS zero-day exploited in attacks.

UK telecoms firm TalkTalk has confirmed falling victim to a data breach after a threat actor boasted about hacking it.

Vulnerabilities in LTE/5G core infrastructure, some remotely exploitable, could lead to persistent denial-of-service to entire cities.

Cybersecurity regulations are facing a tipping point. There are too many and they are too complex to manage – and it’s getting worse.

Opengrep is a new consortium-backed fork of Semgrep, intended to be and remain a true genuine OSS SAST tool.

Industrial automation protocols continue to be the most targeted in OT attacks, but building automation systems have been increasingly targeted. 

Vulnerabilities in Git’s credential retrieval protocol could have allowed attackers to compromise user credentials.

The impact of the Change Healthcare ransomware-caused data breach has increased from 100 million to 190 million individuals.

A vulnerability in Subaru’s Starlink connected vehicle service exposed US, Canada, and Japan vehicle and customer accounts.

North Korean fake IT workers are more aggressively extorting their employers in response to law enforcement actions.

Noteworthy stories that might have slipped under the radar: Korean VPN supply chain attack, PayPal settles with New York for $2 million, trojanized RAT builder targets script kiddies.  

The US has announced charges against five individuals involved in a fake IT workers scheme to funnel funds to North Korea.

CISA has added the JQuery flaw CVE-2020-11023, previously linked to APT1, to its Known Exploited Vulnerabilities (KEV) catalog.  

Four decades of student and educator information was stolen from PowerSchool – tens of millions are potentially affected.

Business resilience must be the ultimate purpose of all the security controls and processes we employ, because we will never conclusively defeat or protect ourselves from social engineering.

Pwn2Own Automotive 2025 has come to an end and participants have earned a total of $886,000 for exploits targeting EV chargers and infotainment systems.