In Other News: Satellite Cybersecurity Act, $90K Chrome Flaw, Teen Hacker Arrested

SecurityWeek’s weekly cybersecurity news roundup offers a concise overview of important developments that may not receive full standalone coverage but remain relevant to the broader threat landscape. This curated summary highlights key stories across vulnerability disclosures, emerging attack methods, policy updates, industry reports, and other noteworthy events to help readers maintain a well-rounded awareness of the evolving cybersecurity environment. Here are this week’s highlights: Senate moves to fortify commercial satellite defenses Bipartisan legislation from Senators Gary Peters and John Cornyn recently cleared a key committee hurdle to help satellite operators combat hackers and foreign adversaries. The Satellite Cybersecurity Act of 2025 directs the Department of Commerce to establish a central resource for security best practices and requires a GAO study of efforts to secure satellites against cyber threats. This push for stronger protections comes as research indicates that about half of all commercial satellite signals remain unencrypted despite carrying sensitive data. Authorities dismantle W3LL phishing kit infrastructure The FBI Atlanta Field Office and Indonesian National Police shuttered a sophisticated cybercrime operation that facilitated over $20 million in attempted fraud through a customized phishing-as-a-service platform. The primary developer, known as G.L., allegedly sold access to the W3LL phishing kit and managed a marketplace that facilitated the compromise of more than 25,000 accounts.  Meta equips top researchers with professional testing suites Meta has partnered with PortSwigger to provide Burp Suite Pro licenses to security researchers who reach the HackerPlus Silver league on its bug bounty platform. The goal is to help researchers enhance their skills and hunt for vulnerabilities more efficiently and creatively.  AWS RES vulnerabilities enable command execution and privilege escalation Multiple vulnerabilities in AWS Research and Engineering Studio (RES) allow authenticated users to execute arbitrary commands and escalate privileges. CVE-2026-5707 and CVE-2026-5709 stem from unsanitized input, enabling command injection on virtual desktop hosts and cluster-manager EC2 instances, while CVE-2026-5708 allows attackers to assume instance profile permissions via crafted API requests. AWS fixed the issues in version 2026.03. GlassWorm dropper spreads across developer IDEs A new GlassWorm variant uses a Zig-compiled native dropper embedded in a malicious OpenVSX extension posing as WakaTime, allowing it to bypass typical extension sandboxing and execute with full system access. After execution, it scans for VS Code-based IDEs (Visual Studio Code, Cursor, Windsurf, VSCodium, and Positron) and installs a second-stage payload across all detected environments.  ShinyHunters targets Rockstar Games  The threat actor group ShinyHunters is threatening to leak data allegedly exfiltrated from Rockstar Games by exploiting authentication tokens within the Anodot cloud cost-monitoring tool. According to the group, the breach provided unauthorized access to Rockstar’s Snowflake data warehouse instances. Rockstar Games has confirmed a “limited” exposure of non-material information via a third-party breach but maintains that core operations and player data remain unaffected. Critical RCE in ShowDoc sees active exploitation Threat actors are actively weaponizing a critical remote code execution vulnerability in ShowDoc, an IT documentation and collaboration platform that is popular in China, to deploy web shells. Tracked as CVE-2025-0520, the flaw stems from an unrestricted file upload mechanism that fails to properly validate extensions for unauthenticated users. A patch was released in version 2.8.7. Recent intelligence indicates that thousands of instances remain exposed to the internet. Police arrest teenager following disruptive education network intrusion The Police Service of Northern Ireland detained a 16-year-old in connection with a targeted cyberattack on the C2k educational system, which provides core IT services to nearly all schools in the region. The Education Authority confirmed that the breach compromised personal data at a small number of institutions.  EPA to boost cybersecurity budget to $19 million The EPA’s FY 2027 budget proposal significantly increases funding for information security and water-specific cyber defenses to counter growing threats from malicious actors. A key initiative includes a request for new authority to fund cybersecurity grants within the existing Drinking Water Infrastructure Resilience Grant Program, specifically aimed at helping water systems harden their infrastructure. Total funding for the agency’s information security program is slated to double to $19.1 million. ShinyHunters leak millions of McGraw Hill user records The ShinyHunters extortion group leaked data tied to 13.5 million McGraw Hill accounts after exploiting a misconfigured Salesforce environment. The dataset, totaling over 100GB, includes email addresses, names, phone numbers, and physical addresses. McGraw Hill, which provides educational solutions, said its core systems and sensitive data were not compromised. Chrome vulnerability earns researcher $90,000 Google patched 31 vulnerabilities in Chrome 147, including a critical heap buffer overflow in the ANGLE graphics component tracked as CVE-2026-6296, which earned researcher ‘Cinzinga’ a $90,000 reward. The update fixes multiple high-risk memory safety issues such as use-after-free and type confusion bugs across components like V8, PDFium, and media subsystems. Related: In Other News: Cyberattack Stings Stryker, Windows Zero-Day, China Supercomputer Hack Related: In Other News: ChatGPT Data Leak, Android Rootkit, Water Facility Hit by Ransomware WRITTEN BY SecurityWeek News More from SecurityWeek News In Other News: Cyberattack Stings Stryker, Windows Zero-Day, China Supercomputer Hack Industry Reactions to Iran Hacking ICS in Critical Infrastructure: Feedback Friday Webinar Today: Why Automated Pentesting Alone Is Not Enough In Other News: ChatGPT Data Leak, Android Rootkit, Water Facility Hit by Ransomware Variance Raises $21.5M for Compliance Investigation Platform Powered by AI Agents Webinar Today: Agentic AI vs. Identity’s Last Mile Problem In Other News: Palo Alto Recruiter Scam, Anti-Deepfake Chip, Google Sets 2029 Quantum Deadline RSAC 2026 Conference Announcements Summary (Days 3-4) Latest News Another DraftKings Hacker Sentenced to Prison Lawmakers Gathered Quietly to Talk About AI. Angst and Fears of ‘Destruction’ Followed Recent Apache ActiveMQ Vulnerability Exploited in the Wild Two North Korean IT Worker Scheme Facilitators Jailed in the US ZionSiphon Malware Targets ICS in Water Facilities Cursor AI Vulnerability Exposed Developer Devices 53 DDoS Domains Taken Down by Law Enforcement Government Can’t Win the Cyber War Without the Private Sector Trending Webinar: A Step-By-Step Approach To AI Governance April 28, 2026 With "Shadow AI" usage becoming prevalent in organizations, learn how to balance the need for rapid experimentation with the rigorous controls required for enterprise-grade deployment. Register Virtual Event: Threat Detection And Incident Response Summit May 20, 2026 Delve into big-picture strategies to reduce attack surfaces, improve patch management, conduct post-incident forensics, and tools and tricks needed in a modern organization. Register People on the Move ThreatModeler has appointed Kevin Gallagher as Chief Executive Officer. Thomas Bain has been appointed Chief Marketing Officer at Silent Push. The United States Department of War appointed David Vaughn as Technical Advisor for Data Infrastructure. More People On The Move Expert Insights Government Can’t Win The Cyber War Without The Private Sector Securing national resilience now depends on faster, deeper partnerships with the private sector. (Steve Durbin) The Hidden ROI Of Visibility: Better Decisions, Better Behavior, Better Security Beyond monitoring and compliance, visibility acts as a powerful deterrent, shaping user behavior, improving collaboration, and enabling more accurate, data-driven security decisions. (Joshua Goldfarb) The New Rules Of Engagement: Matching Agentic Attack Speed The cybersecurity response to AI-enabled nation-state threats cannot be incremental. It must be architectural. (Nadir Izrael) The Next Cybersecurity Crisis Isn’t Breaches—It’s Data You Can’t Trust Data integrity shouldn’t be seen only through the prism of a technical concern but also as a leadership issue. (Steve Durbin) Why Agentic AI Systems Need Better Governance – Lessons From OpenClaw Agentic AI platforms are shifting from passive recommendation tools to autonomous action-takers with real system access, (Etay Maor) Flipboard Reddit Whatsapp Email