[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fLd-kGfVbpC_-M7Fl2vO2YWwGrZiR4rKtoiaHKx07Uew":3},{"article":4,"iocs":55},{"id":5,"title":6,"slug":7,"summary":8,"ai_summary":9,"brief":10,"full_text":11,"url":12,"image_url":13,"published_at":14,"ingested_at":15,"relevance_score":16,"entities":17,"category_id":32,"category":33,"article_tags":37},"6420da0f-0108-4bd5-9bb0-2462a7e7255b","In Other News: Google Security Layoffs, AudiA6 Takedown, $400 Million Coupang Fine","in-other-news-google-security-layoffs-audia6-takedown-400-million-coupang-fine-bd6d2c","Other noteworthy stories that might have slipped under the radar: ICS device exposure remains flat as attack surface widens, Microsoft issues incident response playbook for AI, IBM and AT&T accused of hack cover-ups. The post In Other News: Google Security Layoffs, AudiA6 Takedown, $400 Million Coupang Fine appeared first on SecurityWeek.","This week's security news roundup includes a $400 million fine against Coupang for data handling violations affecting over 30 million customers, and reports of layoffs within Google's Mandiant and GTIG cybersecurity teams. Additionally, a former IBM executive is suing IBM and AT&T for allegedly covering up foreign government-linked hacks, and the University of Oxford disclosed a data breach impacting its CareerConnect service.","Coupang fined $400M, Google security layoffs, IBM\u002FAT&T hack cover-up claims, and Oxford data breach.","SecurityWeek’s weekly cybersecurity news roundup offers a concise overview of important developments that may not receive full standalone coverage but remain relevant to the broader threat landscape. This curated summary highlights key stories across vulnerability disclosures, emerging attack methods, policy updates, industry reports, and other noteworthy events to help readers maintain a well-rounded awareness of the evolving cybersecurity environment. Here are this week’s highlights: IBM and AT&T accused of hack cover-ups A former IBM cybersecurity executive has filed a lawsuit accusing IBM and AT&T of covering up repeated foreign government-linked hacks on their systems. According to the whistleblower, the companies failed to properly disclose multiple breaches to the US government over several years. He alleges they instead provided false assurances about their security posture to secure and maintain valuable federal contracts, in violation of legal requirements. Advertisement. Scroll to continue reading. University of Oxford impacted by CareerConnect data breach The University of Oxford disclosed a data breach related to the CareerConnect careers service. Hackers accessed the platform and compromised names, email addresses, and encrypted passwords. The incident impacts alumni, research staff, and employer user accounts, but not students, who rely on Single Sign-On (SSO) to log in. Google Threat Intelligence Group and Mandiant layoffs Google Cloud has reportedly initiated a round of layoffs impacting its cybersecurity division, specifically targeting members of the Mandiant team and the Google Threat Intelligence Group (GTIG). Google has not confirmed the exact number of affected employees, and it has not responded to SecurityWeek’s request for comment. Microsoft issues incident response playbook for AI Microsoft has released a new practitioner’s playbook detailing how to investigate security incidents involving Microsoft 365 Copilot and Azure AI Services. The document provides security teams with structured methodologies to track and analyze potentially malicious activity within these environments. The resource is designed to help defenders adapt their traditional response workflows to the unique telemetry of modern AI platforms. CISA mandates patching for actively exploited LiteLLM flaw CISA has added CVE-2026-42271, a critical command injection vulnerability in the AI gateway BerriAI LiteLLM, to its Known Exploited Vulnerabilities (KEV) catalog due to evidence of active exploitation in the wild. There does not appear to be any information on the attacks exploiting the vulnerability. Regulators issue $400 million penalty over Coupang data leak The South Korean Personal Information Protection Commission (PIPC) has imposed a record $400 million fine on Coupang due to widespread security failures and data handling violations that exposed the personal information of more than 30 million customers. Investigations revealed critical deficiencies in access controls and authentication key management. Coupang plans to appeal the fine. Nokia debuts automated edge defense for proxy botnets Nokia has introduced Deepfield Genome Shield, an automated security platform designed to proactively defend against massive DDoS attacks driven by residential proxy botnets. The system mitigates threats from an estimated 200 million compromised devices by disrupting botnet command-and-control communications directly at the network edge. ICS device exposure remains flat as attack surface widens Bitsight’s 2026 Global State of ICS\u002FOT Exposure report indicates that internet-facing industrial control systems (ICS) have plateaued at roughly 170,000 monthly exposures. Despite this flat count, the overall risk profile is expanding because modern ICS increasingly support non-traditional protocols such as SSH, HTTP, and MQTT alongside legacy protocols, widening the attack surface and making defenders’ jobs more challenging. ENISA shifts focus to collective EU resilience The European Union Agency for Cybersecurity (ENISA) is centering its Cyber Europe 2026 exercise on enhancing collective response capabilities across the region. The focus highlights an ongoing effort to evaluate and strengthen the cooperative resilience of EU member states against large-scale cyber incidents. This strategic direction aims to ensure that European infrastructure can withstand and rapidly recover from coordinated, transnational digital threats. Global operation takes down crypto laundering service An international law enforcement coalition supported by Europol and Eurojust has dismantled AudiA6, a prominent cryptocurrency laundering network that laundered over $388 million for ransomware actors between 2022 and 2025. The operation disrupted an industrial-scale scheme that funneled illicit digital assets through thousands of fake exchange accounts opened with stolen identities. Additionally, authorities seized the platform’s web infrastructure and successfully shuttered Dark2Web, an underground cybercrime forum managed by the same operators to connect threat actors globally. Related: In Other News: Industrial Router Exploitation, CISA KEV Nomination Form, Gas Station Hacking Related: In Other News: Anthropic Maps AI Threats, Unpatched Comodo Flaw, Palantir Chief Eyed for CISA Written By SecurityWeek News Daily Briefing Newsletter Subscribe to the SecurityWeek Email Briefing for the latest cybersecurity threats, trends, and expert insights. More from SecurityWeek News CISO Forum Webinar Today: 2026 Mid-Year ReviewA Security Raises $37 Million for Autonomous Offensive Security PlatformIn Other News: Anthropic Maps AI Threats, Unpatched Comodo Flaw, Palantir Chief Eyed for CISAIndustry Reactions to New Trump AI Cybersecurity Executive Order: Feedback FridayWebinar Today: Third-Party Risk in Practice – Where Programs Break Down and How to RespondWillow Raises $7 Million for Securing Autonomous AI AgentsDragos Acquires xIoT Security Firm PhosphorusIn Other News: Trump Mobile Data Breach, FIFA World Cup Phishing, CISA Responds to Supply Chain Attacks Latest News Industry Reactions to Claude Fable 5: Feedback FridayIranian Cyber Group Handala Claims Cal Water HackIvanti Sentry Exploitation Attempts Hitting HoneypotsChrome 149 Update Patches 28 VulnerabilitiesAnthropic Disputes Fable 5 AI JailbreakGoogle Confirms Exploitation of Oracle PeopleSoft Zero-Day by ShinyHuntersOracle Addresses PeopleSoft Vulnerability Amid Reports of Zero-Day AttacksAlert Fatigue Is Becoming a Security Threat of Its Own Trending Daily Briefing NewsletterSubscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts. Webinar: How Modern Breaches Bypass MFA and Evade Detection June 17, 2026 Today’s attackers are no longer breaking in — they’re logging in. Join this live webinar as we break down the modern identity attack chain and examine how recent breaches exploited weaknesses in authentication, identity verification, and access management processes. Register Webinar: Modern Exposure Validation in the AI Era June 24, 2026 AI has accelerated both sides of the fight. Adversaries are weaponizing vulnerabilities faster, while defenders are racing to ship detections and configurations. Join this live webinar as we explore how to prove your controls actually hold against new threats, map your security maturity, and unite breach simulation with automated pentesting into a single, coordinated program. Register People on the MoveStephen Garcia has been named Chief Information Security Officer at BreachRx.Kasper Lindgaard has been appointed Vice President of Security Strategy at CoreView.Chaim Mazal has been named Chief Information Security Officer at GitLab.More People On The MoveExpert Insights After AI Reaches Production: 12 Ways Security Teams Can Take Control Security teams need more than visibility into AI applications, they need a repeat","https:\u002F\u002Fwww.securityweek.com\u002Fin-other-news-google-security-layoffs-audia6-takedown-400-million-coupang-fine\u002F","https:\u002F\u002Fwww.securityweek.com\u002Fwp-content\u002Fuploads\u002F2023\u002F10\u002Fcybersecurity-news.jpg","2026-06-12T16:17:26+00:00","2026-06-12T18:00:18.540363+00:00",8,[18,21,23,26,28,30],{"name":19,"type":20},"Coupang","vendor",{"name":22,"type":20},"Google",{"name":24,"type":25},"Mandiant","product",{"name":27,"type":25},"Google Threat Intelligence Group",{"name":29,"type":20},"IBM",{"name":31,"type":20},"AT&T","2e06f76c-d5b9-4f54-9eef-4d3447b10730",{"id":32,"icon":34,"name":35,"slug":36},null,"Breaches","breaches",[38,40,45,50],{"category":39},{"id":32,"icon":34,"name":35,"slug":36},{"category":41},{"id":42,"icon":34,"name":43,"slug":44},"c5c77cdb-f7d7-4990-9436-c81dcbff1163","Policy","policy",{"category":46},{"id":47,"icon":34,"name":48,"slug":49},"d95477d7-eb04-4fad-a2dc-be1428040ce7","Privacy Fines","privacy-fines",{"category":51},{"id":52,"icon":34,"name":53,"slug":54},"e7b231c8-5f79-4465-8d38-1ef13aea5a14","Threat Intelligence","threat-intelligence",[56],{"type":57,"value":58,"context":59},"cve","CVE-2026-42271","Command injection vulnerability in BerriAI LiteLLM, added to CISA's KEV catalog due to active exploitation."]