This week’s SecurityWeek roundup highlights a range of notable cybersecurity developments, from corporate restructuring and policy changes to data exposures, law enforcement actions, and rising vulnerabilities in critical systems. Coverage includes Axonius’ workforce reduction and leadership transition, the European Parliament disabling AI features, HackerOne clarifying AI data use, an Abu Dhabi conference data leak, Interpol arrests, exposed Elasticsearch instances, a UMMC ransomware disruption, record ICS advisories, a US sentencing for tax-fraud-related network intrusions, and Google’s Play Store protections. #Axonius #Elasticsearch
Keypoints
- Axonius laid off about 40 employees and shifted its CEO to executive chairman while naming an interim CEO as it reorganizes ahead of a potential IPO.
- The European Parliament disabled built-in AI features on work devices due to concerns that data is processed by external cloud services.
- HackerOne updated policy language and stated that researcher submissions are not used to train generative AI models.
- More than 700 passport scans and ID documents from Abu Dhabi Finance Week were left publicly accessible on an unprotected cloud server linked to a third-party vendor.
- SOCRadar found three misconfigured Elasticsearch instances exposing over 43 million records, including credentials, credit card details, and infostealer logs.