
This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Montez Fitzpatrick, CISO, Navvis

Here are the stories we plan to cover TODAY, time permitting. Please join us live at 12:30pm PT/3:30pm ET by registering for the open discussion on YouTube Live

UK Legal Aid program faces collapse due to cyberattacks

Following up on a story we covered last May, lawyers in the UK are warning that the cyberattack that occurred in May has “pushed the sector into chaos, with barristers going unpaid, cases being turned away and fears [that] a growing number of firms could desert Legal Aid work altogether.” After the personal data of hundreds of thousands of legal aid applicants in England and Wales dating back to 2010 was stolen in the attack, lawyers’ inability to access data or get compensated for their services has led to stress and a simple financial inability to maintain their Legal Aid practice, raising the prospect of a collapse of the entire system.

(The Guardian)

Ohio sets new cybersecurity rules for local governments, including public approval of ransomware payments

Ohio enacted new cybersecurity rules requiring all local governments to implement formal policies and publicly approve any ransomware payments. The move was passed as part of the state’s budget and follows a wave of cyberattacks on municipalities like Cleveland. Lawmakers say the new measures should increase transparency and improve defenses against increasingly sophisticated attacks that jeopardize constituent data and local infrastructure.

(Cleveland.com)

PBS confirms data breach after employee info leaked on Discord servers

PBS confirmed a data breach after a file containing contact info for nearly 4,000 employees and affiliates was leaked on Discord servers tied to “PBS Kids” fan communities. The data included names, job titles, emails, departments, and supervisors. PBS says the breach came from its internal MyPBS.org platform and that no other systems were affected.

(Bleeping Computer)

Google’s Big Sleep finds 20 flaws in open source projects

Google’s AI bug hunter, Big Sleep, was developed by DeepMind and Project Zero and has identified 20 security flaws in popular open source software including FFmpeg and ImageMagick. Details on the vulnerabilities are still undisclosed pending fixes, but Google says each bug was autonomously discovered and reproduced by the AI, with human review before reporting.

(TechCrunch)

Microsoft researchers bullish on AI security agent even though it let 74% of malware slip through

Microsoft unveiled Project Ire, an AI-powered reverse engineering tool that uses LLMs to analyze unknown software and determine if it’s malicious. In testing, it accurately flagged 89% of the malware it detected — but only caught 26% of all malicious files. Microsoft says the system is still a prototype and plans to integrate it into Defender as a binary analyzer. Experts say the low detection rate and false positives show AI can’t fully replace traditional methods, but will be crucial as attackers increasingly use AI themselves.

(The Register)

Huge thanks to our sponsor, ThreatLocker

ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CIS

Google says hackers stole its customers’ data by breaching its Salesforce database

Google says hackers linked to the ShinyHunters group breached one of its Salesforce databases containing small business contact info. While only basic and largely public data was taken, the attackers used voice phishing to gain access and may be preparing a leak site. The breach is the latest in a string of Salesforce-related incidents, following attacks on Cisco, Qantas, and Pandora.

(TechCrunch)

Luxembourg suffers attack on its Huawei systems, knocking out mobile service

As posted in The Record, “Luxembourg’s government announced on Thursday it was formally investigating a nationwide telecommunications outage caused last week by a cyberattack reportedly targeting Huawei equipment inside its national telecoms infrastructure.” The attack affected the country’s 4G and 5G mobile networks, making them unavailable for more than three hours, including for access to emergency services, because the country’s fallback 2G system became overloaded. Internet access and electronic banking services were also inaccessible. Statements issued by the country’s government said that the attack was “intentionally disruptive rather than an attempt to compromise the telecoms network,” and that this disruption led to the system failure.

(The Record)

Microsoft and Google among most affected as zero day exploits jump 46%

Forescout’s latest threat review released at Black Hat USA shows zero-day attacks rose 46% in the first half of 2025, with Microsoft and Google at the top of the most exploited products. Ransomware attacks were up 36%, increasingly targeting unconventional devices like IP cameras and BSD servers to bypass defenses and move laterally across networks. Of 137 tracked threat actors, 40% were state-sponsored, with Iran-aligned hacktivists particularly focusing on critical OT infrastructure.

(Infosecurity Magazine)

Cisco.com user accounts breached

Cisco disclosed a data breach after a voice phishing attack tricked an employee, letting a threat actor access a third-party CRM system and steal user data from Cisco.com accounts. Exposed information includes names, email addresses, phone numbers, and account metadata, but no passwords, confidential customer data, or product systems appear to be affected. The breach may be linked to the ShinyHunters group behind recent Salesforce-related attacks on major brands like Adidas, Chanel, and LVMH.

(Bleeping Computer)

Hackers hijacked Google’s Gemini AI with a poisoned calendar invite to take over a smart home

Wired has a new report on security researchers who are demonstrating indirect prompt injection attacks by hiding prompts for Gemini in Google Calendar items. At Black Hat, they reported how these prompts could cause Gemini to do things like raise your smart blinds or start a Zoom call every time you tell Gemini “thanks.” The researchers informed Google of the methods in February, and Google has since deployed mitigations.

(Wired)