SecurityWeek’s cybersecurity news roundup provides a concise compilation of noteworthy stories that might have slipped under the radar.
We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape.
Each week, we curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports.
Here are this week’s stories:
Axonius reduces workforce and transitions leadership
Axonius has laid off approximately 40 employees, representing less than 4% of its global staff, with the majority of cuts in marketing and sales. Co-founder Dean Sysman has stepped down from his role as CEO to become executive chairman, with company president Joe Diamond appointed as interim CEO. The workforce adjustment aims to refine the company’s organizational structure and improve operational efficiency as it prepares for a potential IPO.
European Parliament disables AI features on official devices
The European Parliament has disabled built-in AI features on work-issued devices, such as corporate tablets used by lawmakers and their staff, due to concerns over cybersecurity and data protection. The IT department determined that certain AI capabilities send data to external cloud services for processing, making it impossible to fully guarantee the security of potentially sensitive information.
HackerOne revises policy language following concerns over data usage for AI
Bug bounty hunters raised questions on social media about whether HackerOne was using their submitted vulnerability reports to train AI models, particularly in connection with the company’s recent Agentic PTaaS platform and its AI system called Hai. In response, HackerOne CEO Kara Sprague stated that the platform does not train generative AI models — internally or via third parties — on researcher submissions or customer confidential data, and that such data is not used to train, fine-tune, or improve generative AI models. The company is updating the language in its Terms and Conditions to more clearly reflect these practices and eliminate potential ambiguity, while emphasizing that its AI tools are intended to complement rather than replace researchers’ work.
Sensitive attendee data exposed from Abu Dhabi investment conference
A data leak linked to Abu Dhabi Finance Week, held in December, resulted in more than 700 passport scans and state identity card documents being left publicly accessible on an unprotected cloud storage server. The exposed information affected hundreds of high-profile attendees, including politicians and business leaders. The vulnerability, attributed by organizers to a third-party vendor, was identified by a security researcher and promptly secured.
Interpol-led cybercrime crackdown in Africa
A large-scale multinational operation coordinated by Interpol across multiple African countries has led to the arrest of 651 individuals suspected of involvement in various online scams, including romance fraud, investment fraud, and business email compromise schemes. Authorities recovered approximately $4.3 million in assets believed to be linked to these criminal activities, along with the seizure of electronic devices, vehicles, and other items used in the operations. The effort targeted organized cybercrime networks operating from the continent and aimed to disrupt scam infrastructure.
Misconfigured Elasticsearch databases leak tens of millions of sensitive records online
SOCRadar’s monitoring service discovered three publicly accessible Elasticsearch instances that lacked proper authentication, exposing over 43 million records in total. The leaked data included large volumes of valid credentials, credit card details, personal information such as names and contact details, infostealer logs with system and payment information, and various customer transaction records. Security researchers analyzed the instances, notified relevant parties, and some of the exposed data was subsequently removed or restricted.
University of Mississippi Medical Center shuts down clinics due to ransomware
The University of Mississippi Medical Center (UMMC) experienced a ransomware attack that disrupted many of its IT systems, including blocking access to the Epic electronic medical records system. As a result, all clinic locations across Mississippi were closed, with outpatient appointments, ambulatory surgeries, procedures, and imaging services canceled and set to be rescheduled. Hospital and emergency services continued to operate using manual downtime procedures, with no reported impact on inpatient care or equipment functionality.
Record ICS vulnerabilities in 2025
Forescout research shows that 2025 recorded a high of 508 ICS advisories from CISA, covering 2,155 vulnerabilities across various products and vendors, marking the first year exceeding 500 advisories. The average severity rose significantly, with a CVSS score of 8.07 and 82% of advisories classified as high or critical. Many vulnerabilities published directly by vendors in 2025 lacked corresponding CISA advisories, creating visibility gaps.
Nigerian national sentenced to prison in US
A 37-year-old Nigerian man named Matthew A. Akande, who was living in Mexico, was sentenced to eight years in prison in the US for his involvement in a multi-year operation that involved unauthorized access to the computer networks of tax preparation firms in Massachusetts. He and co-conspirators used stolen personally identifiable information to file over 1,000 fraudulent tax returns, resulting in more than $1.3 million in fraudulent refunds obtained from the US government. Akande was ordered to pay approximately $1.4 million in restitution. He was extradited to the United States after his arrest in the United Kingdom.
Google strengthens protections across Play Store and Android ecosystem
Google prevented more than 1.75 million policy-violating apps from being published on Google Play and banned over 80,000 developer accounts attempting to distribute harmful applications during 2025. The company integrated generative AI into the review process for better detection of malicious patterns, blocked excessive data access in over 255,000 apps, and stopped 160 million spam ratings and reviews. Google Play Protect last year expanded its scanning to over 350 billion Android apps daily, and identified more than 27 million new malicious apps from outside sources.
Related: In Other News: Google Looks at AI Abuse, Trump Pauses China Bans, Disney’s $2.7M Fine
Related: In Other News: Record DDoS, Epstein’s Hacker, ESET Product Vulnerabilities
