Last Week in Cybersecurity - October 20 - 24, 2025

Catch up on last week’s top stories in cybersecurity — National Cyber Director Sean Cairncross said the U.S. must push a “clean American tech stack” and counter China’s export of surveillance technology. North Korea’s Lazarus group targeted three European drone companies to steal proprietary information, researchers said. New York updated third-party risk guidance for financial institutions with new AI provisions.
The Justice Department charged a former L3Harris executive with selling trade secrets to a buyer in Russia. A recent CISA directive highlighted gaps in DHS’s Continuous Diagnostics and Mitigation program after an F5 vulnerability disclosure. Researchers reported a surge in Smishing Triad phishing operations managed in Chinese and supported by thousands of actors. A high-severity remote code execution flaw was found in an abandoned Rust archive library.
The Cyberspace Solarium Commission said the U.S. is “slipping” on cybersecurity progress and recommended reversing budget and workforce cuts. Veeam moved to acquire Securiti AI for $1.725 billion, and Dataminr agreed to buy ThreatConnect for $290 million. A coalition filed an FTC complaint accusing Google of violating youth privacy laws. China accused the NSA of hacking its national timekeeping service, and a federal judge barred NSO Group from targeting WhatsApp users while reducing punitive damages.

🔗 https://cyberscoop.com/

#cybersecurity #cyber #news #cybernews

Follow CyberScoop on Social Media
•   / cyberscoopnews  
•   / cyberscoop  
•   / cyberscoop  
•   / cyberscoopnews  
•   / cyberscoopnews  
• https://bsky.app/profile/cyberscoop.b...

About CyberScoop
We report on news and events impacting technology and security. https://cyberscoop.com/