Security News Update for May 11, 2025

This week’s news includes:

• Experts Say US Phone/Internet Carriers No More Secure After Chinese Hacks
• Delta Has to Face Passenger Lawsuits Over Crowdstrike Meltdown
• CISA Says Unsophisticated Attacks on Energy, Transportation Work Due to Weak Security
• CMMC Q&A
• SonicWall SMAxxx VPN Vulnerabilities Being Exploited Now
• Researcher Says Commvault Patch Didn’t Fix Problem
• Cisco Gets Another 10 – IOSXE This Time
• France Fines Apple $162 Million for HOW They Use Privacy Tool
• Court Says Apple Violated Requirement to Open Up App Store
• Jury Orders NSO Spyware Company to Pay WhatsApp $168 Million
• Florida Roots Out Waste, etc. In a Good Way – Before it is Spent
• Hackers Ramp Up Efforts Targeting Developers
• FBI Explains How Chinese Use AI to Swindle US Businesses
• Harrods Department Store Joins Club – UK Businesses Hacked This Year
• HHS Settles with PIH Health for $600K for HIPAA Violations
• Medical Device Giant Masimo Hit by Cyberattack
• Billions of Apple devices at risk from AirBorne
• Lawmakers grill Noem over CISA funding cuts, demand Trump cyber plan
• Feds cybersecurity is a dumpster fire
• Security News for the week ending May 9th, 2025: wrong number text messages, Real-ID is now real, this is why paying a ransom is not a good plan, Google rolling out on-device AI protections to detect scams and Real-ID is a real bullseye for every hacker

• Audio
• Video