Top Cybersecurity Headlines: Insights from the Last Week, Month, and Quarter

By Zack Huhn, Enterprise Technology Association

Cybersecurity continues to shape the business and technology landscape in significant ways. From nation-state actors and criminal groups to critical infrastructure challenges, the threats are evolving faster than ever. Below is a roundup of the most important cybersecurity headlines from the last week, month, and quarter, curated for technology and business leaders.

The Last Week: Escalating Global Cyber Tensions

South Korea Fines SK Telecom After Massive Data Breach

South Korea’s privacy regulator fined SK Telecom following a breach that exposed records of about 27 million SIM cards. The company is required to implement quarterly security updates and is investing more than $500 million over five years to bolster security measures. This event highlights the growing regulatory consequences of data breaches globally.

Read more: Reuters

Scattered Spider Expands Targets to U.S. Airlines

The FBI issued warnings about Scattered Spider, a hacking group that has shifted focus to the aviation sector. Using sophisticated social engineering to bypass multi-factor authentication, the group has targeted airlines like WestJet and Hawaiian Airlines, raising serious concerns about aviation cybersecurity readiness.

Read more: Business Insider

Iran-Linked Hacktivist Networks Gain Traction

U.S. cybersecurity officials are seeing increased activity from Iran-linked hacktivist groups that are adopting tactics similar to Russia’s playbook. These proxy actors aim to create deniability while targeting critical infrastructure. This trend comes as Congress debates whether to renew the Cybersecurity Information Sharing Act, a key policy set to expire at the end of September.

Read more: Axios

U.S. Department of Justice Exposes North Korean IT Fraud Operation

The Department of Justice revealed that North Korean operatives, using stolen identities and AI tools, infiltrated nearly 100 U.S. companies. The operation defrauded businesses of intellectual property and cryptocurrency, generating around $5 million before authorities seized $900,000 in virtual currency and hundreds of compromised devices.

Read more: Politico

The Last Month: Government and Sector-Wide Cyber Defense Moves

Texas to Launch New Cyber Command

Governor Greg Abbott signed legislation creating the Texas Cyber Command at the University of Texas at San Antonio. The new command, backed by $345 million, will serve as a central hub for cyber defense, initially hiring 65 specialists and expanding significantly by 2027. This development reflects the increasing state-level commitment to cybersecurity resilience.

Read more: Express News

Insurance Sector Under Attack

Scattered Spider’s social engineering tactics have also disrupted the insurance industry. Companies like Aflac, Erie, and Philadelphia Insurance disclosed breaches involving sensitive customer data, including Social Security numbers and health records. The attacks demonstrate the group’s persistence and the vulnerability of high-value data sectors.

Read more: Wall Street Journal

Retail Sector Hit by Cyberattacks

Retailers including United Natural Foods, Victoria’s Secret, Marks & Spencer, Adidas, Cartier, and The North Face experienced significant disruptions from cyber incidents. The attacks led to website outages and supply chain issues, directly impacting consumers.

Read more: AP News

The Last Quarter: Major Incidents and Long-Term Implications

4chan Data Leak Exposes User Information

A breach earlier this quarter exposed user credentials and restored deleted content on 4chan, reigniting discussions about the security of online forums and user privacy.

Read more: Wikipedia

China-Linked Salt Typhoon Attacks U.S. Telecoms

In one of the most significant incidents to surface this year, China-affiliated actors known as Salt Typhoon targeted major U.S. telecom providers, including AT&T, Verizon, and T-Mobile. The breaches compromised sensitive metadata and have led to renewed oversight measures.

Read more: Wikipedia

U.S. Treasury Breach Reveals SaaS Vulnerabilities

A Chinese APT group exploited a vulnerability in BeyondTrust SaaS products to access unclassified files at the U.S. Department of the Treasury. Although the breach occurred at the end of 2024, its details emerged in early 2025, emphasizing ongoing risks tied to third-party software.

Read more: Wikipedia

What These Trends Mean for Leaders

Several patterns are emerging that should be on the radar of any enterprise or public sector leader.

Scattered Spider has become one of the most prolific threats, expanding its social engineering campaigns across multiple industries, including casinos, insurers, airlines, and retailers.

Nation-state actors are increasingly turning to proxies and hacktivist groups to conduct operations with plausible deniability.

Critical infrastructure and consumer-facing industries alike are being tested by cyberattacks that impact everything from supply chains to sensitive personal data.

Finally, governments at all levels are responding by investing in cyber defense, updating regulatory frameworks, and calling for greater information sharing.

Stay Ahead with ETA

At the Enterprise Technology Association, we help business and technology leaders make sense of these developments through events, insights, and a trusted network of experts. If you want to connect with peers on cybersecurity strategy, AI security, or technology procurement, visit joineta.org.

If you’d like ETA to cover any of these topics more deeply in upcoming reports or events, let us know.