
In Other News: FortiSIEM Flaw Exploited, Sean Plankey Renominated, Russia’s Polish Grid Attack

Other noteworthy stories that might have slipped under the radar: BodySnatcher agentic AI hijacking, Telegram IP exposure, shipping systems hacked by researcher. The post In Other News: FortiSIEM Flaw Exploited, Sean Plankey Renominated, Russia’s Polish Grid Attack appeared first on SecurityWeek.

SecurityWeek’s cybersecurity news roundup provides a concise compilation of noteworthy stories that might have slipped under the radar.

We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape.

Each week, we curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports. 

Here are this week’s stories:

BodySnatcher agentic AI hijacking

BodySnatcher (CVE-2025-12420) is an agentic AI hijacking vulnerability affecting ServiceNow, discovered by AppOmni and fixed by ServiceNow in October 2025. Users of online hosted services need do nothing. On-premise users should ensure they use the latest ServiceNow component versions. AppOmni has published full details of the vulnerability.

Fortinet FortiSIEM vulnerability exploited

Defused Cyber reported that a Fortinet FortiSIEM vulnerability patched this week is being targeted in the wild. The flaw is tracked as CVE-2025-64155 and it can be exploited by unauthenticated attackers for arbitrary code execution. Defused’s honeypots started recording exploitation attempts on January 15. Technical details and a PoC exploit for CVE-2025-64155 have been released by Horizon3, which reported the flaw to Fortinet.

Telegram IP exposure

Telegram has added a warning when users click on proxy links in response to reports of a ‘vulnerability’ that can be leveraged to obtain a user’s IP address. The method involves sending a link disguised as a username. When the victim clicks the link, they connect to a specified proxy and expose their IP. Telegram pointed out that this issue is not specific to its platform, but decided to add a warning to alert users of disguised links. 

Russia accused of cyberattack on Poland power system

In late December 2025, Poland’s power grid faced its largest cyberattack in years, which targeted the communication between renewable energy installations and distribution operators, Reuters [paywalled] reported. Polish officials stated that the coordinated operation was successfully repelled and failed to cause a blackout or compromise critical infrastructure. Officials said Russian hackers were the likely perpetrators behind the attempted sabotage.

Venezuelan nationals prosecuted for ATM jackpotting

A group of five Venezuelan nationals has pleaded guilty or been sentenced for their involvement in a multi-state ATM jackpotting ring that used sophisticated malware to steal thousands of dollars across Georgia, Florida, and Kentucky. The group targeted various financial institutions by exploiting machine vulnerabilities to trigger cash withdrawals, and all members now face prison time followed by immediate deportation.

French telecom firms fined €42 million 

French data regulator CNIL imposed a record €42 million fine on telecom providers Free and Free Mobile for failing to protect the personal data of 24 million subscribers during a 2024 cyberattack. The investigation revealed that the companies maintained inadequate security measures, such as weak VPN authentication, and unlawfully retained millions of records belonging to former customers long after their contracts had ended.

OT security and zero trust guidance from CISA and NSA

CISA and the NSA released new strategic frameworks to modernize the defense of critical infrastructure and national security systems. CISA’s guidance introduces eight ‘Secure Connectivity Principles’ for OT, providing a roadmap for organizations to manage the risks of connecting physical industrial systems to digital networks. The NSA launched a series of ‘Zero Trust Implementation Guidelines’, offering practical steps for transitioning from traditional perimeter defenses to a model of continuous authentication and monitoring.

Sean Plankey renominated for CISA director

President Donald Trump has renominated Sean Plankey for the role of director at the cybersecurity agency CISA. Plankey is one of the dozens of nominees named by the White House this week in a press release. Plankey received the approval of a US Senate committee in July 2025, but has been blocked by Republican Senator Rick Scott over a Coast Guard contract. 

Monroe University data breach impacts 320,000

New York-based Monroe University this week disclosed a year-old data breach impacting more than 320,000 individuals. Hackers accessed the university’s systems in December 2024 and stole files containing personal information. 

Critical vulnerabilities exposed shipping tech firm’s systems to hacking 

Researcher Eaton Zveare, best known for finding security holes in platforms used by automotive firms, recently discovered critical vulnerabilities in the Bluvoyix platform of Bluspark Global, which is used by hundreds of companies worldwide for ocean logistics and supply chain management. The flaws could have allowed a hacker to gain full control of the platform and access customer and shipment data. The vulnerabilities have now been patched, but it was not easy for the researcher to responsibly disclose his findings.  

Defense Unicorns raises $136 million

Defense Unicorns secured $136 million in Series B funding to scale its ‘software backbone’ designed for high-security, air-gapped military environments. The funding brings the company’s valuation to $1 billion. Its platform addresses critical cybersecurity gaps by enabling the secure deployment and continuous update of mission-critical applications in disconnected field settings (such as submarines and forward operating bases) where traditional security measures are unavailable.
