
In Other News: Scattered Spider Hacker Arrested, SOC Effectiveness Metrics, NSA Tool Vulnerability

By Admin
May 1, 2026


SecurityWeek’s weekly cybersecurity news roundup provides a concise overview of important developments that may not receive full standalone coverage but remain relevant to the broader threat landscape.

This curated summary highlights key stories across vulnerability disclosures, emerging attack techniques, policy updates, industry reports, and other noteworthy events to help readers maintain a well-rounded awareness of the evolving cybersecurity environment.

Here are this week’s highlights:

OFAC hits Iranian central bank crypto reserves

OFAC designated two cryptocurrency wallets directly linked to Iran’s Central Bank, marking the first such action against the institution and tying them to the IRGC-Qods Force and Hizballah. In coordination with US law enforcement, Tether froze roughly $344 million in USDT across the addresses, which had accumulated roughly $370 million through nearly 1,000 transactions since March 2021 and largely remained dormant after late 2023 as sovereign reserves.

US seeks extradition of teenage Scattered Spider member arrested in Finland

Finnish authorities arrested 19-year-old Peter Stokes (online handle ‘Bouquet’), a dual US-Estonian citizen, as he attempted to board a flight to Japan. US prosecutors in Chicago charge him as a key member of the Scattered Spider hacking group, alleging involvement in multiple intrusions against large companies. Stokes faces counts of wire fraud, conspiracy, and computer intrusion. The US is pursuing his extradition while highlighting his flashy lifestyle and public taunting of law enforcement.

ADT suffers major data leak

Home monitoring provider ADT has confirmed that unauthorized actors gained access to its cloud-based systems, leading to the exposure of customer data. The ShinyHunters extortion group claimed responsibility for the attack, asserting they exfiltrated over 10 million records from a Salesforce database after ransom negotiations failed. Data verified by Have I Been Pwned indicates roughly 5.5 million unique email addresses were leaked, alongside names, physical addresses, and in some instances, partial SSNs.

Microsoft sunsets outdated encryption for legacy email protocols

Microsoft has announced that Exchange Online will begin blocking TLS 1.0 and 1.1 for all POP and IMAP traffic starting in July 2026. This full deprecation eliminates previous workaround options, forcing a mandatory transition to TLS 1.2 or later for any products still relying on legacy cryptographic standards.

Outdated NSA mapping tool poses risk to industrial networks

CISA has issued an advisory regarding a critical vulnerability in GRASSMARLIN, an open source tool originally developed by the National Security Agency (NSA) for mapping industrial control system (ICS) networks. The flaw allows attackers to trigger out-of-band exfiltration of sensitive information, which experts say can facilitate lateral movement in industrial networks. Because the tool reached end-of-life status in 2017, no official patches will be released.

Poor metrics undermine SOC effectiveness

The UK’s National Cyber Security Centre (NCSC) warns that measuring a Security Operations Center (SOC) by ticket volume and log counts creates perverse outcomes that compromise network security. The agency suggests that leaders should prioritize ‘time to detect’ and ‘time to respond’ metrics, which are best validated by red or purple team exercises. It encourages analysts to focus on high-value threat hunting and expertise rather than simply racing to close alerts as quickly as possible.

North Korean hackers deploy sophisticated virtual meeting lures against crypto firms

BlueNoroff, a financially motivated arm of the North Korean Lazarus Group, is conducting a social engineering campaign aimed at Web3 organizations. Attackers lure executives into fake Zoom meetings where fabricated technical issues prompt victims to execute malicious PowerShell scripts disguised as software fixes. This malware harvests credentials from cryptocurrency wallet extensions and captures live webcam footage to refine deepfake personas for subsequent attacks.

Cursor IDE vulnerability opens door for silent code execution

Novee Security has identified a high-severity vulnerability in the Cursor IDE that allows attackers to achieve arbitrary code execution via malicious Git hooks. Tracked as CVE-2026-26268, the flaw is triggered when the tool’s AI agent autonomously performs Git operations, executing hidden scripts in nested repositories without the developer’s knowledge or approval.

CISA releases guidance for zero trust in OT and agentic AI services adoption

CISA has published two guidance resources developed in collaboration with other agencies. One focuses on applying zero trust principles to operational technology (OT), addressing the growing IT-OT convergence that has expanded attack surfaces. In the second guidance, CISA and partners urge measured rollout of agentic AI systems. The resource highlights key security risks and challenges while offering practical steps for design, deployment, and operation that align with existing cybersecurity frameworks and strengthen oversight.

Attackers hijack Qinglong task management platforms to mine cryptocurrency

Snyk reports that threat actors are exploiting authentication bypass vulnerabilities in the Qinglong open source task scheduler to deploy a persistent cryptominer. The flaws, tracked as CVE-2026-3965 and CVE-2026-4047, allow unauthenticated remote code execution by exploiting discrepancies in how the system handles URL rewriting and case-sensitive path matching. Impacted servers experience severe CPU saturation.
