Reza Rafati
-
Japan Scrambles Jets to Intercept Chinese Spy Drone
Japan scrambled fighter jets on Monday after a presumed Chinese unmanned aircraft traversed the airspace between Yonaguni Island and Taiwan, prompting an emergency response. This incident follows a growing pattern of Chinese military aircraft activity near Japan, highlighting escalating tensions and the increasing presence of sophisticated unmanned aerial vehicles in the region.
-
New lab offers generative AI for defense wargaming
Johns Hopkins Applied Physics Laboratory is set to open GenWar, a new lab in 2026, aimed at revolutionizing defense wargaming through generative AI. This initiative seeks to provide faster, more in-depth analyses and allow human players to rapidly test strategies with AI agents, moving beyond traditional labor-intensive wargames.
-
Chat control risk for cyber resilience
The Dutch intelligence service, AIVD, warns that a new EU proposal for ‘chat control’ could severely harm the Netherlands’ cyber resilience. They express concerns that voluntary message scanning might weaken security systems, making critical infrastructure and personal data vulnerable to cyberattacks, despite the aim to combat child sexual abuse material.
-
CISA Warns of Actively Exploited Critical Oracle Identity Manager Zero-Day Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a stark warning regarding a critical, actively exploited zero-day vulnerability in Oracle Identity Manager (CVE-2025-52054). This flaw, with a CVSS score of 9.8, allows remote attackers to bypass authentication and gain unauthorized access, posing a significant risk of complete system compromise to affected versions.
-
Bugcrowd Buys Mayhem Security for AI Hacking
Bugcrowd acquires Mayhem Security, an AI and cyber scaleup. This merger boosts ethical hacking with AI-powered testing. Mayhem’s AI platform offers continuous security testing. The collaboration aims to shrink attack surfaces and pre-empt risks.
-
Sanctions Hit Russia’s Bulletproof Hosting Provider
U.S., UK, and Australia sanction Russia-based Media Land for providing bulletproof hosting to ransomware groups like LockBit, BlackSuit, and Play, freezing assets and prohibiting transactions.
-
Grafana Patches Critical SCIM Flaw
Grafana has patched a critical security flaw, CVE-2025-41115, in its SCIM component. This vulnerability could lead to user impersonation or privilege escalation in affected Grafana Enterprise versions. Users are advised to update immediately.
-
France Delivers SAMP/T Air Defense to Ukraine
France to boost Ukraine’s air defense with eight advanced SAMP/T NG systems, equipped with Aster 30 Block 1 NT missiles to counter ballistic and hypersonic threats.
-
CVE-2025-8855: 2FA Bypass in Brokerage Automation
CVE-2025-8855 is a critical 2FA bypass vulnerability in Optimus Software’s Brokerage Automation platform. It combines authorization bypass, weak password recovery, and authentication bypass flaws, leading to high-severity risks and unauthorized access.
-
PhantomRaven Malware Found in 126 npm Packages, Stealing GitHub Tokens
PhantomRaven exploits npm packages to steal GitHub tokens and CI/CD secrets, Koi Security says.