In Other News: Cybersecurity Salaries, NanoLock Collapse, NSO Transparency Report – Source: www.securityweek.com

SecurityWeek’s cybersecurity news roundup provides a concise compilation of noteworthy stories that might have slipped under the radar.

We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape.

Each week, we curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports. 

Here are this week’s stories: 

Two Romanians charged for payment card skimming

Two Romanian nationals, Andrei Fagaras and Tamas Kolozsvari, have been charged in the United States over their alleged role in a payment card skimming operation. The suspects, hit with three counts of access device fraud, are accused of possessing credit/debit card skimmers at three locations in Louisiana. They face up to 15 years in prison.  

Cloudflare and Adobe team up for image manipulation tracking tool

Cloudflare and the Adobe-led Content Authenticity Initiative launched a one-click tool designed to track the entire digital journey of an image across the Cloudflare network. Media companies, publishers and creators can easily label images to ensure proper credit and attribution, and consumers can easily identify image manipulations and AI.

NMFTA enhances telematics security requirements 

Cybersecurity holes in fleet telematics and electronic logging devices (ELDs) pose significant risks. To address concerns, the US National Motor Freight Traffic Association (NMFTA) has released major updates to its Telematics Security Requirements Matrix (TSRM), a critical resource for fleet managers, telematics service providers, carriers, and OEMs to identify and mitigate cybersecurity risks in ELDs, fleet management systems, and telematics.

New variants of North Korea’s FlexibleFerret macOS malware

SentinelOne has analyzed new variants of the recently discovered macOS malware named FlexibleFerret, which is believed to be used by North Korean hackers. Apple recently pushed signature updates to XProtect to block several variants of the Ferret malware family, but SentinelOne has discovered additional samples that had not been detected by XProtect.

Jailbreaking OpenAI’s o3 model

CyberArk claims it has managed to carry out a jailbreak against OpenAI’s latest o3 AI model. The company said it used FuzzyAI to achieve the task, “extracting detailed instructions on injecting code into lsass.exe, including a breakdown of the obstacles involved—ultimately leading to functional exploit code”.

Canadian man charged over $65 million cryptocurrency hacking

Andean Medjedovic, a 22-year-old Canadian man, has been charged over the theft of $65 million worth of cryptocurrencies from the KyberSwap and Indexed Finance DeFi protocols. The suspect allegedly used deceptive trades to withdraw investor funds at artificial prices. Medjedovic is also accused of trying to extort the victims of the KyberSwap attack through a sham settlement proposal. 

SVG files abused in phishing attacks

Sophos has seen email phishing attacks leveraging scalable vector graphics (SVG) files to bypass spam and phishing protections. The SVG file format is designed for drawing resizable, vector-based images, but cybercriminals have found a way to abuse them — by attaching specially crafted SVG files to emails — to lure targeted users to malicious websites. 

NSO transparency report

Controversial spyware maker NSO Group has published its 2024 transparency report, claiming that it continues to actively enhance its human rights compliance program. The Israeli company claims to have 54 customers across 31 countries, a majority law enforcement and intelligence agencies. 

Salaries in the cybersecurity industry

isecjobs.com has published its Global Salary Index 2025, which provides salary data on cybersecurity roles worldwide. The highest median salary was reported by individuals working as director of security, who earn over $250,000. IT directors are in second place with a median salary of $230,000, followed by privacy engineers with $200,000. Solutions architects and product managers also earn close to $200,000.

NanoLock Security ceases operations

NanoLock Security, an Israel-based company that specializes in IoT and OT device protection and management, has collapsed, according to Calcalist. The security firm reportedly filed a request for the appointment of a temporary trustee due to its insolvency, triggered by war-related financial strain and a cash flow crisis. The company has raised over $21 million, and now has debt totaling nearly $4.5 million. 

Related: In Other News: Browser Syncjacking, Fake AWS Hack, Google Blocked 2M Bad Apps

Related: In Other News: VPN Supply Chain Attack, PayPal $2M Settlement, RAT Builder Hacks Script Kiddies