SecurityWeek’s cybersecurity news roundup provides a concise compilation of noteworthy stories that might have slipped under the radar.
We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape.
Each week, we curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports.
Here are this week’s stories:
CrowdStrike CEO gifted $1 billion worth of stock
CrowdStrike CEO George Kurtz has gifted over $1 billion worth of the cybersecurity company’s stock to unnamed recipients, reducing his voting power in the company by 92%, Bloomberg reported. The company, which took a significant hit last year due to the global outage and which last week announced layoffs, has not provided an explanation for Kurtz’s actions.
Spain says no indication that blackout was caused by cyberattack
Spain has been investigating cyber weaknesses at small power plants following the blackout that recently hit Spain and Portugal. Spain’s Energy Minister said this week that the investigation has found no indication of a cyberattack. Investigators have identified the substation where the incident started, but the cause of the failures that led to the blackout remains unknown.
CISA backtracks on alerts and notifications changes
CISA announced that it would no longer publish cybersecurity updates and new guidance on its Alerts & Advisories webpage and would instead share such information only via email and social platforms. However, one day later the agency announced that, in response to feedback from the cybersecurity community, much of it expressing confusion, it had decided to pause the changes.
Kube Resource Orchestrator (kro) vulnerabilities
Orca has shared details on two vulnerabilities in Kube Resource Orchestrator (kro) that could allow an attacker to introduce a malicious Kubernetes API. The flaws enable attackers to tamper with the custom resources managed by the open source project, creating a confused deputy issue in which kro is tricked into deploying malicious applications that the attackers control. Both security defects have been patched, and no user intervention is required.
Alabama impacted by ‘cybersecurity event’
For the past week, the state of Alabama has been scrambling to mitigate a “cybersecurity event” that caused minor disruptions. “Some state employee usernames and passwords were compromised”, Alabama’s governor said (PDF) on Monday. However, there have been no major disruptions to the state’s services, and there’s no evidence of personal information theft, Alabama said in an incident update.
DHS terminates $2.4 billion Leidos deal
The Department of Homeland Security (DHS) last week terminated the $2.4 billion, seven-year contract awarded to Leidos in February to provide IT services and cyber capabilities to CISA. DHS pulled the deal after government contractor Nightwing filed a complaint claiming that the US government’s evaluation of the bidders was critically flawed, The Register reported. Nightwing spun out of RTX, which over the past six months agreed to pay more than $950 million to settle investigations and lawsuits over defective pricing on government contracts and failures to meet cybersecurity requirements for defense contractors.
CISOs share emotional toll of job in upcoming docuseries
Nagomi Security has announced a new docuseries, CISO: The Worst Job I Ever Wanted, which explores what it’s actually like to be a CISO, including the pressure, the burnout, and the isolation. It features CISOs from Mailchimp, Cisco, and Deutsche Bank. The docuseries is expected to become available in fall 2025 on major streaming platforms. A teaser is currently available.
Dior data breach
Fashion giant Dior has confirmed being targeted in a cyberattack that resulted in customer information getting compromised. The company pointed out that financial information was not exposed. It appears that the data breach impacts customers in at least South Korea and China.
BreachForums admin to pay $700,000 in healthcare breach lawsuit settlement
Conor Brian Fitzpatrick, aka Pompompurin, a former administrator of the BreachForums cybercrime forum, will forfeit roughly $700,000 as part of a civil lawsuit settlement. Health insurance company Nonstop Health was targeted in a class action after its customers’ data was leaked following a cyberattack. Nonstop Health added Fitzpatrick as a third-party defendant because the data had been shared on BreachForums, Brian Krebs reported. Fitzpatrick was sentenced to time served last year, but he quickly violated the terms of his release and is set to be resentenced next month.
European Commission calls on member states to fully transpose the NIS2 Directive
The European Commission is calling out 19 member states for failing to fully transpose the NIS2 Directive into national law. The directive is meant to improve the cyber resilience and incident response capabilities of entities in critical sectors across the EU. The 19 states, namely Bulgaria, Czechia, Denmark, Germany, Estonia, Ireland, Spain, France, Cyprus, Latvia, Luxembourg, Hungary, the Netherlands, Austria, Poland, Portugal, Slovenia, Finland and Sweden, have two months to respond and take the necessary steps.
Related: In Other News: India-Pakistan Cyberattacks, Radware Vulnerabilities, xAI Leak
Related: In Other News: NullPoint Source Code Leak, $17,500 for iPhone Flaw, BreachForums Down