SecurityWeek’s weekly cybersecurity news roundup offers a concise overview of important developments that may not receive full standalone coverage but remain relevant to the broader threat landscape.
This curated summary highlights key stories across vulnerability disclosures, emerging attack methods, policy updates, industry reports, and other noteworthy events to help readers maintain a well-rounded awareness of the evolving cybersecurity environment.
Here are this week’s highlights:
Predator spyware suppresses iOS camera and microphone indicators
Predator spyware bypasses Apple’s recording indicators on iOS by installing a single hook to intercept and silently discard sensor activity updates before they trigger the orange or green status bar dots. This technique uses kernel-level access to modify thread state and exploit Objective-C nil messaging, effectively suppressing both camera and microphone indicators simultaneously during covert recording. The capability requires prior full device compromise and does not rely on new iOS vulnerabilities.
Russian cyberattacks on Ukraine energy infrastructure aid in directing missile strikes
Ukrainian cybersecurity officials stated that Russian cyberattacks against the country’s energy grid have shifted toward gathering intelligence to support and guide missile strikes rather than causing immediate widespread disruptions. Officials described how these intrusions help map facilities, monitor repair efforts, and evaluate recovery timelines both before and after physical attacks.
Treasury launches public-private push to secure AI in finance
The US Department of the Treasury announced a collaborative public-private initiative to improve cybersecurity and risk management for AI in the financial services sector. Developed through the Artificial Intelligence Executive Oversight Group with industry, regulators, and other stakeholders, the effort will deliver a series of practical resources. These tools aim to support safe and resilient AI adoption while addressing related cyber risks.
Cyber valuations surge as AI dominates 2025 investments
Valuations in cybersecurity and broader venture markets rose in Q4 2025, with capital concentrated in large deals and early-stage activity showing gains, particularly in seed rounds where cybersecurity outperformed the overall market. AI remained central to investment focus, driving startup alignment with enterprise priorities in areas like AI security and automation. DataTribe’s outlook for 2026 points to continued valuation growth, selective funding, and potential IPO momentum influencing exits and capital flow.
ShinyHunters claims massive breach at Dutch telecom Odido
ShinyHunters has claimed responsibility for hacking Dutch telecommunications provider Odido, alleging they stole nearly 21 million records containing personal customer information. Odido previously disclosed a cyberattack affecting its customer contact system, confirming personal data exposure for about 6.2 million customers but denying that passwords, billing details, or other sensitive elements were compromised. The company has reported the incident to authorities and it is not negotiating with the attackers.
CrowdStrike report warns of AI-fueled evasive cyber threats
CrowdStrike’s 2026 Global Threat Report describes 2025 as the year of the evasive adversary, with attackers using AI to accelerate operations and exploit new surfaces. Key trends include an 89% rise in AI-enabled attacks, faster breakout times averaging 29 minutes (with the quickest at 27 seconds), and a high proportion of malware-free detections. The report highlights adversaries’ focus on trusted access paths, cross-domain movement, zero-day exploits, and supply chain risks while noting increased activity from certain nation-state actors.
MITRE launches ATT&CK advisory council to guide framework future
MITRE has formed a new ATT&CK Advisory Council composed of cybersecurity experts from government, industry, and academia. The council will provide strategic guidance to support the ongoing development and long-term stewardship of the MITRE ATT&CK framework. This initiative aims to keep the widely used knowledge base effective and relevant for global cybersecurity efforts.
Oblivion RAT evades Android security for just $300
A new Android remote access trojan called Oblivion is being sold for around $300 and claims to bypass detection and security features on devices from major manufacturers. The malware reportedly uses advanced techniques to gain persistent access, steal sensitive data, and maintain control without triggering built-in protections. Security researchers have highlighted its affordability and evasion capabilities as concerning for mobile threat landscapes.
OpenAI disrupts malicious AI use with proactive takedowns
OpenAI reported taking action against multiple threat actors who attempted to use its AI models for harmful purposes, including influence operations, phishing, and malware development. The company disrupted several coordinated campaigns by banning associated accounts, removing malicious content, and sharing indicators with industry partners and law enforcement. These efforts targeted misuse across various regions and focused on preventing real-world harm while maintaining transparency about detected activities.
Related: In Other News: Ransomware Shuts US Clinics, ICS Vulnerability Surge, European Parliament Bans AI
Related: In Other News: Google Looks at AI Abuse, Trump Pauses China Bans, Disney’s $2.7M Fine
