SecurityWeek’s weekly cybersecurity news roundup provides a concise overview of important developments that won’t receive full standalone coverage but remain relevant to the broader threat landscape.
This curated summary highlights key stories across vulnerability disclosures, emerging attack techniques, policy updates, industry reports, and other noteworthy events to help readers maintain a well-rounded awareness of the evolving cybersecurity environment.
Here are this week’s highlights:
Nvidia cloud gaming partner suffers data breach
Nvidia has confirmed that a breach of GeForce NOW user data occurred through GFN.am, its regional Alliance partner operating the service in Armenia, with no impact on Nvidia’s own infrastructure. The incident, which took place between March 20 and 26, exposed personal details including full names, email addresses, phone numbers, dates of birth, and usernames, but no passwords were compromised, and users who registered after March 9 are unaffected. A threat actor operating under the ShinyHunters name (believed to be an impersonator) claimed responsibility on a hacker forum and listed the full database for $100,000 in cryptocurrency before the post was taken down.
FCC buys time for foreign routers with extended update window
Foreign-made routers and drones on the FCC’s Covered List — devices deemed national security risks — will be allowed to receive security patches and firmware updates until at least January 1, 2029, up from the previous March 2027 cutoff. The agency is also considering making the waiver permanent.
OpenAI moves to give EU regulators a look at its cyber AI
OpenAI is in talks with the European Commission to provide access to a cyber-focused variant of GPT-5.5 that can identify and exploit software vulnerabilities. The offer came after EU cybersecurity and AI officials spent weeks unable to gain access to Anthropic’s comparable model, Mythos, which has been restricted to a few dozen organizations. ENISA, the EU’s cybersecurity agency, confirmed OpenAI made contact, and the Commission called the move a step toward monitoring the model’s deployment and addressing potential security risks.
Developers targeted with fake Claude Code installer
Ontinue has uncovered an active infostealer campaign that uses fake Claude Code installation pages, promoted via sponsored search results, to trick developers into running malicious PowerShell commands. The payload uses a small native helper to abuse Chrome’s App-Bound Encryption via the IElevator2 COM interface, extracting decrypted cookies, saved passwords, and payment data from Chrome, Edge, Brave, and other Chromium-based browsers, before exfiltrating the data to attacker-controlled infrastructure. The malware does not match any known family and is notably well-maintained.
Seedworm targets South Korean electronics manufacturer
Iran-linked group Seedworm (also known as MuddyWater) breached a major South Korean electronics manufacturer in February 2026 as part of a broader campaign hitting at least 9 organizations across 4 continents, including government agencies, industrial manufacturers, financial services firms, and educational institutions. The attackers used DLL sideloading via legitimately signed Fortemedia and SentinelOne binaries to deploy malicious payloads.
Android 17 brings AI-driven defenses
Google’s Android 17 introduces a broad set of security upgrades, including verified financial calls (automatically drops spoofed calls impersonating participating banks) and expanded Live Threat Detection, which now flags suspicious behaviors like SMS forwarding and accessibility overlay abuse in real time. On the anti-theft front, biometric authentication can now be required to unlock a device marked as lost, and default-on theft protections are rolling out globally. The update also introduces post-quantum cryptography, automatic OTP hiding from most apps, and Android OS verification to help users confirm they’re running a legitimate build.
Big Tech pushes back on Canada’s encryption bill
Apple and Meta are opposing Bill C-22, a Canadian lawful-access bill they warn could force tech companies to build encryption backdoors or install government spyware on their systems. Meta pointed to the Salt Typhoon espionage campaign as evidence that authorized backdoors can be exploited, while Public Safety Canada insists the bill would not require systemic vulnerabilities, though both tech companies say the real risk lies in how the bill’s broad powers could be interpreted once enacted.
Grego AI and Secludy announce launch and funding
Secludy announced raising $4 million for its newly launched platform, designed to help organizations in regulated industries safely use valuable data for AI. The platform generates synthetic data that mirrors original datasets, enabling customers to train and evaluate AI models without exposing sensitive customer information.
Grego AI emerged from stealth mode with a platform that pushes existing AI models beyond their expected capabilities to find critical software vulnerabilities. The company said it earned a $250,000 bug bounty for a vulnerability it uncovered, and claims to have helped prevent a $27 million attack. Grego AI told SecurityWeek that it raised $2 million in funding.
Audi’s connected car platform exposed owner data
A security researcher discovered multiple vulnerabilities in the myAudi connected car platform, finding that anyone who knows a vehicle’s VIN can add it to their account as a guest and access sensitive data. Exposed information included the embedded SIM’s IMEI and ICCID identifiers, the GPS location of the primary owner when they triggered a ‘honk & flash’ command, as well as vehicle lock status. CARIAD, the VW Group’s software arm, has patched one issue, but the researcher says the remaining findings are still under analysis. Audi has not responded to SecurityWeek’s request for comment.
Cisco open-sources blueprint for AI-driven vulnerability analysis
Cisco has released Foundry Security Spec, an open source specification for building agentic security analysis systems that use frontier AI models to find and validate vulnerabilities in a structured, auditable manner. Rather than sharing internal code tied to Cisco’s own infrastructure, the company is releasing the design (eight core agent roles, a finding lifecycle, and 130 functional requirements) so security teams can adapt it to their own environments.
FBI issues warning after ShinyHunters hacks Canvas
ShinyHunters has claimed responsibility for an attack on Instructure’s Canvas system, which disrupted service to educational institutions across the US, and the FBI is now warning that affected students and faculty could be targets for extortion and sophisticated spearphishing using stolen data. The group is known for large-scale data theft and aggressive pressure tactics to coerce victims into paying, including threatening calls, texts to family members, and swatting. The US government has asked Instructure to provide clarification after the company admitted it reached an agreement with the hackers.