Live Feeds
-
Researcher Discovers Critical RCE (CVE-2025-12735) in expr-eval JavaScript Library
Security researcher Jangwoo Choe discovered a critical remote code execution (RCE) vulnerability, CVE-2025-12735, in the popular JavaScript library expr-eval. The flaw lets attackers execute arbitrary code and seize full control over hundreds of affected projects.
-
Military Veterans Strengthening Cybersecurity
Military veterans are increasingly filling critical cybersecurity roles, leveraging their discipline and problem-solving skills to address the global talent shortage.
-
Russia’s Ulyanovsk Region Imposes Permanent Mobile Internet Blackout
Russia’s Ulyanovsk region imposed the country’s first permanent mobile internet blackout, citing security concerns related to the ongoing “special military operation” in Ukraine.
-
OWASP Updates Top 10 Risks, Highlights Supply Chain and Systemic Flaws
OWASP has updated its Top 10 list of web application security risks, highlighting supply chain and systemic design weaknesses, marking its first major revision since 2021.
-
Military Experts Raise Alarms Over AI Chatbot Vulnerabilities: A New Front in Cyberwarfare
Military experts warn about critical security flaws in AI chatbots, specifically prompt injection attacks, which can be exploited by hostile foreign powers to compromise sensitive information and unleash chaos. The article highlights real-world vulnerabilities in popular LLMs like Google Gemini, OpenAI’s ChatGPT, and Microsoft Copilot, and the potential for adversaries to pilfer critical files, warp…
-
EU Considers Banning Huawei Telecom Equipment for Member States
The European Union is contemplating a ban on Huawei telecommunications equipment for member states, driven by escalating cybersecurity and national security concerns. This move reflects a growing international apprehension regarding the integration of specific foreign technologies into global telecom networks and aims to fortify critical infrastructure against potential vulnerabilities.
-
Lukoil Halts Iraqi Operations at West Qurna-2 Amid Sanctions, Citing Force Majeure
Russian energy giant Lukoil has ceased all operations at Iraq’s West Qurna-2 oilfield and declared force majeure, a direct consequence of escalating international sanctions against Moscow.
-
Ukraine Urges U.S. for Patriot Missile Systems Amid Escalating Russian Attacks on Power Grid
Kyiv is intensifying its plea to Washington for additional Patriot air defense systems, a critical request as Russia escalates its systematic targeting of Ukraine’s energy infrastructure.
-
QNAP Issues Urgent Updates for Critical NAS Vulnerabilities Exposed at Pwn2Own
QNAP has issued a series of critical security updates following the discovery of eight severe vulnerabilities, enabling remote attackers to gain complete control over affected NAS systems.
-
SesameOp Backdoor Leverages OpenAI API for Stealthy Command and Control
Microsoft has identified a novel backdoor, dubbed “SesameOp,” that utilizes OpenAI’s Assistants API as a command-and-control (C2) channel. This sophisticated technique allows threat actors to stealthily orchestrate malicious activities within compromised environments, potentially evading traditional security measures.