SecurityWeek’s cybersecurity news roundup provides a concise compilation of noteworthy stories that might have slipped under the radar.
We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape.
Each week, we curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports.
Here are this week’s stories:
Former Google engineer convicted over theft of AI trade secrets
A federal jury in San Francisco convicted former Google software engineer Linwei Ding, also known as Leon Ding, on seven counts of economic espionage and seven counts of theft of trade secrets. The conviction relates to Ding’s theft of confidential information containing Google’s AI trade secrets for China’s benefit.
ESET patches high-severity vulnerabilities
ESET has announced patches for two high-severity local privilege escalation vulnerabilities affecting Windows products. One of the flaws, CVE-2025-13176, affects ESET Inspect Connector. The second issue, CVE-2025-13818, impacts the ESET Management Agent. The security firm has found no evidence of in-the-wild exploitation.
Record-setting DDoS attack hits 31.4 Tbps
Cloudflare’s Q4 2025 DDoS threat report details a massive network-layer attack that peaked at 31.4 Tbps and lasted 35 seconds, making it the largest ever recorded. This incident formed part of a broader surge, with total DDoS attacks rising 121% over the year to 47.1 million. Network-layer threats made up 78% of Q4 incidents, while hyper-volumetric attacks grew 40% from the prior quarter.
Jeffrey Epstein’s personal hacker
A confidential informant told the FBI in 2017 that Jeffrey Epstein had a personal hacker, according to a redacted document released by the Department of Justice. The informant described the hacker as an Italian citizen who specialized in discovering vulnerabilities in iOS, BlackBerry devices, and Firefox, and who developed and sold zero-day exploits and offensive cyber tools. Some in the cybersecurity community have speculated about the hacker’s identity based on the publicly available details in the document, though the name remains redacted and the FBI has not independently verified the claims.
AI agents solve web security challenges in evaluation
Researchers from Wiz and Irregular tested leading AI models (Claude Sonnet 4.5, GPT-5, and Gemini 2.5 Pro) on 10 lab-based web security challenges modeled after real-world vulnerabilities. The agents successfully completed 9 out of 10 challenges when given clear, directed objectives, often at low cost, but performance declined in broader, less guided scenarios where agents struggled with prioritization and scope management.
AI-assisted attack gains AWS admin privileges in under 10 minutes
Sysdig’s Threat Research Team recently observed a cloud intrusion where a threat actor used stolen credentials from public AWS S3 buckets to gain initial access to an AWS environment. The attacker, assisted by LLMs for tasks like reconnaissance, code generation, and decision-making, escalated privileges and achieved administrative access in about 8 minutes. The attacker compromised multiple AWS resources, created backdoor accounts, abused Bedrock models, and attempted to launch GPU instances before access was terminated.
Canada Computers data breach
Canada Computers & Electronics reported becoming aware of unauthorized access to its retail website system on January 22, 2026. The data breach affected customers who checked out as guests between December 29, 2025, and January 22, 2026, potentially exposing personal information including credit card details. In-store purchases and logged-in member accounts remained unaffected.
Senator urges hearing with AT&T and Verizon CEOs over Salt Typhoon breach response
On February 3, 2026, Senator Maria Cantwell (D-WA), ranking member of the Senate Commerce, Science, and Transportation Committee, sent a letter to Chairman Ted Cruz requesting a public oversight hearing with the CEOs of AT&T and Verizon. She cited months of unsuccessful efforts to obtain key documentation, including network security assessments from Mandiant, on the companies’ remediation of the Chinese Salt Typhoon attacks.
Forescout report highlights surge in OT protocol attacks
Forescout released its 2025 Threat Roundup, analyzing over 900 million global cyberattacks observed last year. Key trends include an 84% increase in attacks using OT protocols, greater distribution of attacks across more countries, and rising exploitation of cloud services, vulnerable web applications, and emerging AI platforms. The report notes escalated targeting of critical sectors such as healthcare, manufacturing, government, energy, and financial services.
Polish police arrest 20-year-old for DDoS attacks
Law enforcement in Poland detained a 20-year-old man suspected of launching DDoS attacks that targeted numerous websites worldwide. The suspect faces six criminal charges. During the arrest at his apartment, officers seized computer equipment used to host and distribute the attack tools. The man admitted to most of the allegations before being released on bail.
1.4 million records compromised in Betterment data breach
The recent data breach at automated investment platform Betterment resulted in the exposure of approximately 1.4 million unique email addresses along with names and geographic locations for affected accounts. A subset of records also included dates of birth, phone numbers, physical addresses, device information, employers, and job titles. The breach, which did not involve access to customer accounts or login credentials, has been added to Have I Been Pwned.

