SecurityWeek’s cybersecurity news roundup provides a concise compilation of noteworthy stories that might have slipped under the radar.
We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape.
Each week, we curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports.
Here are this week’s stories:
ShinyHunters stole data of Gucci, Balenciaga and Alexander McQueen customers
The ShinyHunters group may have stolen the information of millions of customers of luxury brands Gucci, Balenciaga and Alexander McQueen, BBC reported. Parent company Kering has confirmed suffering a data breach, but said no financial information was compromised. The hackers claimed to have stolen data associated with 7.4 million unique email addresses.
Goshen Medical Center data breach impacts 450,000
Goshen Medical Center, a healthcare organization in North Carolina, has disclosed a data breach impacting more than 450,000 people. The company has confirmed that hackers stole personal and health information months after the BianLian ransomware group listed the organization on its leak website. It’s unclear what happened to the stolen data as the BianLian group has not been active since March.
Retina Group of Florida data breach
Another significant healthcare data breach was reported by ophthalmology practice Retina Group of Florida. The organization detected an intrusion in November 2024 and its investigation showed that the information of over 150,000 people may have been compromised as a result of the incident.
Critical Chaos-Mesh vulnerabilities
JFrog discovered four vulnerabilities in the Chaos engineering platform Chaos-Mesh, including three critical-severity flaws that could be exploited for code execution on any pod in the cluster. Named Chaotic Deputy, the security defects are tracked as CVE-2025-59358, CVE-2025-59360, CVE-2025-59361 and CVE-2025-59359 and were addressed in Chaos-Mesh version 2.7.3.
ShinyHunters claims theft of 1.5 billion records in Salesforce hack
The cybercrime group ShinyHunters claims to have stolen 1.5 billion records from 760 companies in the recent Salesforce–Salesloft attack, Bleeping Computer reported. Many cybersecurity firms have confirmed being impacted, but the claims of these types of hacking groups have often been exaggerated.
DeepSeek AI generates less secure code for China dissident groups
Research conducted by CrowdStrike shows that the code generated by the AI of Chinese firm DeepSeek is less secure if the request specifies that the code is for dissidents or other groups that may be considered sensitive by the Chinese government. If the request to DeepSeek specifies that the code is for the banned spiritual movement Falun Gong or the Islamic State, the AI may refuse to generate code. If it doesn’t refuse, the code is more likely to contain vulnerabilities, and so is in the case of code generated for Tibet and Taiwan. Code for industrial control systems is the most likely to contain security flaws.
Claroty publishes Global State of CPS Security report
Claroty has published a report titled ‘Global State of CPS Security 2025: Navigating Risk in an Uncertain Economic Landscape’. Based on a survey of 1,100 cybersecurity professionals, the report shows that 49% believe shifting global economic policies and geopolitical tensions are driving increased risk across cyber-physical system (CPS) assets and processes. More than three-quarters believe emerging regulations will force them to overhaul their current CPS security strategies.
Atlassian, Mozilla, WatchGuard, Nokia patches
Atlassian released patches for four vulnerabilities in third-party components used in Confluence, Jira, and Jira Service Management Data Center and Server. Mozilla rolled out Thunderbird and Firefox updates that resolve roughly a dozen bugs. WatchGuard announced fixes for CVE-2025-9242, a critical-severity flaw in Fireware OS that could lead to remote code execution, without authentication. Nokia informed customers about Nokia Container Service (NCS) and CloudBand Infrastructure Software (CBIS) flaws allowing authentication bypass and remote code execution.
Eve Security raises $3 million in seed funding
Austin, Texas-based Eve Security announced that it has raised $3 million in a seed funding round from LiveOak Ventures and Tau Ventures. The company also announced the launch of its product, EveGuard, an agentic AI observability and policy enforcement platform. The platform leverages Agent-in-the-Loop (AITL) technology to ensure the security of AI agents interacting with a company’s critical business systems.
Related: In Other News: $900k for XSS Bugs, HybridPetya Malware, Burger King Censors Research
Related: In Other News: Scammers Abuse Grok, US Manufacturing Attacks, Gmail Security Claims Debunked
Source link
