SecurityWeek’s cybersecurity news roundup provides a concise compilation of noteworthy stories that might have slipped under the radar.
We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape.
Each week, we curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports.
Here are this week’s stories:
US Department of War unveils new cybersecurity framework
The Department of War has announced a new Cybersecurity Risk Management Construct (CSRMC) to modernize its cyber defenses. The CSRMC is a five-phase, ten-tenet framework that replaces manual processes with a dynamic, automated approach to ensure continuous monitoring and real-time defense. The goal is to embed cybersecurity into every stage of system development and operations for the technological superiority of warfighters against evolving threats.
Dragos unveils major platform update
ICS/OT cybersecurity firm Dragos has announced Dragos Platform 3.0, a major update that delivers new capabilities to empower defenders to act faster and more confidently. The updated platform brings a new Insights Hub for consolidating alerts, streamlined workflows, AI-enhanced vulnerability processes, and smaller footprint deployment options.
3 million impacted by hack at South Korean credit card company
South Korean credit card company Lotte Card was recently targeted in a hacker attack that resulted in the information of nearly three million people being compromised. The stolen data includes information such as resident registration numbers, virtual payment codes and, in the case of 280,000 customers, highly sensitive card information that can be used for fraud.
LockBit 5.0
Following a law enforcement crackdown on the LockBit ransomware operation, cybercriminals recently announced the release of LockBit 5.0. Trend Micro researchers have analyzed LockBit 5.0, including the Windows, Linux and ESXi variants of the ransomware. The security firm noted that the new variants use randomized 16-character file extensions, are configured to avoid Russian-language systems, and clear event logs after encryption.
Maryland Transit Administration targeted by ransomware group
The Maryland Transit Administration (MTA) has disclosed a cybersecurity incident that involved unauthorized access to some of its systems. The incident resulted in some online services being disrupted and the MTA confirmed that some data was stolen in the attack. The Rhysida ransomware group took credit for the attack.
Vulnerability affecting OnePlus smartphones disclosed without patch
Rapid7 has disclosed the technical details of a vulnerability affecting OnePlus smartphones after it was not able to responsibly report its findings to the vendor. The security hole (CVE-2025-10184) impacts OxygenOS and it can allow a malicious app to read SMS/MMS data and metadata without any user interaction, potentially exposing MFA codes. After Rapid7 published a blog post describing its findings, OnePlus told the security firm that it’s investigating the issue.
Microsoft says AI detected AI-aided phishing campaign
Microsoft says its AI-powered security systems were able to detect and block a phishing campaign that leveraged AI to obfuscate a payload in an effort to evade defenses. An analysis of the malicious code by Microsoft’s Security Copilot revealed that the code was “not something a human would typically write from scratch due to its complexity, verbosity, and lack of practical utility.”
Over 270,000 Indian bank transfer records exposed
Researchers at UpGuard discovered an unprotected Amazon S3 storage bucket containing more than 270,000 documents, each detailing a money transfer pertaining to one of 38 Indian banks. The exposed information included bank account numbers, transaction amounts, names, phone numbers, and email addresses. UpGuard has not been able to determine the source of the leak.
Co-op lost £206 million in sales due to cyberattack
Co-op reported this week that the recent cyberattack has cost it £206 million ($275 million) in lost sales. The cyberattack resulted in a data breach impacting the information of 6.5 million members. The disruptions caused by the incident led to digital payment issues and empty store shelves. Marks & Spencer, which was targeted in the same attack, estimated in May that the incident would cost it £300 million (roughly $400 million).
Related: In Other News: 600k Hit by Healthcare Breaches, Major ShinyHunters Hacks, DeepSeek’s Coding Bias
Related: In Other News: $900k for XSS Bugs, HybridPetya Malware, Burger King Censors Research
