Cybersecurity Week in Review: FortiWeb Exploit, Logitech Breach, and AI Risks

Staying ahead in cybersecurity requires constant vigilance. Last week brought a mix of critical vulnerabilities, data breaches, and emerging AI-related risks. Let’s dive into the key headlines you need to know.

## FortiWeb Under Attack & 7-Zip Woes

Attackers are actively exploiting a stealth-patched FortiWeb vulnerability (CVE-2025-58034) that Fortinet initially addressed quietly. This highlights the importance of prompt patching, even when announcements are delayed. Alongside this, NHS England Digital warned about a public proof-of-concept exploit for a 7-Zip vulnerability (CVE-2025-11001). Taken together, the two make updating affected software urgent.

## Data Breaches at Logitech and Beyond

Logitech confirmed a data breach that exposed limited employee, consumer, customer, and supplier information. While sensitive personal data was supposedly untouched, this incident underscores the ever-present risk to organizations of all sizes.

Separately, five men admitted to helping North Korean IT workers infiltrate US companies. The US DoJ says that this group helped a sanctioned government move money, slip past hiring checks, and place foreign workers inside more than one hundred American firms.

## AI’s Double-Edged Sword: Risks and Opportunities

AI continues to be a hot topic, with both opportunities and risks. One video highlighted how a quick AI check could leak a company’s secrets. An employee who shared production code with a public AI tool exposed formulas used in a fintech app, creating the risk that similar answers are given to other users in the future.

On the defensive side, Strix presents itself as open-source AI agents for penetration testing. These agents run code, explore applications, uncover weaknesses, and prove those findings with working proofs of concept.

Security pros should also know about insurance coverage for AI chatbot wiretapping claims. Stephanie Gee, Insurance Recovery Counsel at Reed Smith, discusses how these privacy claims have developed as they pertain to AI bots, along with common coverage issues and solutions for security professionals seeking to protect against these risks. The privacy panic around machine learning may be overblown, but there are still risks to consider.

The cybersecurity landscape is constantly evolving. Staying informed and proactive is the best defense.
