SecurityWeek’s cybersecurity information roundup gives a concise compilation of noteworthy tales which may have slipped below the radar.
We offer a precious abstract of tales that won’t warrant a whole article, however are nonetheless necessary for a complete understanding of the cybersecurity panorama.
Every week, we curate and current a group of noteworthy developments, starting from the newest vulnerability discoveries and rising assault methods to important coverage modifications and trade reviews.
Listed here are this week’s tales:
Claude Expertise used to execute ransomware
Cato Networks has used Expertise, a brand new characteristic for Anthropic’s Claude AI assistant, to execute ransomware in a managed setting. Antrophic says the code execution performance works as meant for Expertise. Cato argues that authentic Expertise may very well be weaponized through minor modifications, and that they’ll propagate by public repositories and social engineering. Nonetheless, the safety agency admits that Claude shows clear approval prompts to the consumer.
Array vulnerability exploited within the wild
Japan’s JPCERT/CC has warned {that a} vulnerability affecting Array Networks’ AG safe entry gateways has been exploited in assaults. The flaw, a command injection subject that doesn’t have a CVE identifier, was patched in Could 2025 with the discharge of ArrayOS AG 9.4.5.9. JPCERT has discovered proof that the vulnerability has been exploited towards customers in Japan since August 2025. The impacted product is prevalent in Asia.
North Korea suspected of $30 million Upbit cryptocurrency heist
Upbit, a significant South Korea-based cryptocurrency change, not too long ago had roughly $30 million of cryptocurrency stolen. The heist is believed to be the work of the North Korean hacking group Lazarus. Again in 2019, hackers stole $49 million price of Ethereum from Upbit.
Akamai patches HTTP request smuggling vulnerability
Akamai introduced this week that it not too long ago patched a vulnerability tracked as CVE-2025-66373 that might have uncovered clients to HTTP request smuggling assaults. Some of these assaults can usually be leveraged to steal credentials or different delicate knowledge, and to redirect customers to arbitrary web sites. HTTP request smuggling makes headlines each few years because of its probably important affect.
CISA workers advised to not converse with reporters
A leaked inside e-mail revealed that management on the cybersecurity company CISA has requested workers to not speak to information reporters in an unauthorized capability, in keeping with Nextgov/FCW. “In in the present day’s tradition of data saturation, it’s crucial that we guarantee all official data communicated on behalf of CISA is present, correct, unbiased, and authoritative. This contains any official data communicated to the media,” the e-mail reads. It’s unclear whether or not the memo was triggered by a selected incident.
North Korean faux IT employee recruiters caught on digicam
Researchers performed an intensive investigation into North Korea’s faux IT employee scheme, detailing how authentic builders are lured into renting their credentials and identities to safe distant jobs in firms that prohibit hiring from the nation. The investigation, which included video calls with a number of North Korean recruiters, revealed that the recruiters requested for twenty-four/7 entry to the developer’s pc to facilitate the masquerade.
X fined €120 million over disinformation
The European Fee has fined the social media firm X with €120 million ($139 million) over its alleged failures to deal with disinformation. The effective was issued below the Digital Providers Act (DSA), which requires firms to guard customers towards disinformation and affect operations or face fines of as much as 6% of their turnover.
New MuddyViper backdoor utilized by Iranian cyberspies
The Iranian cyberespionage group named MuddyWater has developed a brand new backdoor dubbed MuddyViper by ESET. The safety agency has noticed assaults aimed toward Israel, with at the very least one sufferer in Egypt. In contrast to earlier MuddyWater assaults, which had been noisy and simple to detect, the brand new exercise was extra targeted and complicated.
PickleScan vulnerabilities
JFrog has disclosed the main points of three not too long ago patched PickleScan vulnerabilities. PickleScan is a instrument for scanning machine studying (ML) fashions to detect malicious content material. The vulnerabilities discovered by JFrog might have been exploited to “evade PickleScan’s malware detection and probably execute a large-scale provide chain assault by distributing malicious ML fashions that conceal undetectable malicious code”.
Associated: In Different Information: HashJack AI Browser Assault, Charming Kitten Leak, Hacker Unmasked
Associated: In Different Information: ATM Jackpotting, WhatsApp-NSO Lawsuit Continues, CISA Hiring
