Cyber News & Updates
Breaking news, security alerts, and trending stories from across the cybersecurity landscape.
-
Researcher Discovers Critical RCE (CVE-2025-12735) in expr-eval JavaScript Library
Security researcher Jangwoo Choe discovered a critical remote code execution (RCE) vulnerability, CVE-2025-12735, in the popular JavaScript library expr-eval. The flaw lets attackers execute arbitrary code and seize full control over hundreds of affected projects.
-
Russian Initial Access Broker Pleads Guilty in US for Yanluowang Ransomware Attacks
A Russian initial access broker (IAB) pleaded guilty in the United States for facilitating at least seven Yanluowang ransomware attacks, demanding $24 million from American organizations. This case highlights the crucial role of IABs in the cybercriminal ecosystem and international law enforcement efforts to combat ransomware.
-
UK Joins C-SIPA, Bolstering Regional Security
The UK has formally joined the Comprehensive Security Integration and Prosperity Agreement (C-SIPA), a multilateral framework aimed at bolstering security and stability in the region through closer defense and security ties.
-
Ransomware Attack Cripples Asahi Group Holdings’ Deliveries, Financials
A ransomware attack has severely impacted Asahi Group Holdings, disrupting beer deliveries and financial reporting for a month, highlighting critical vulnerabilities in supply chain integrity and data security for large corporations.
-
Military Veterans Strengthening Cybersecurity
Military veterans are increasingly filling critical cybersecurity roles, leveraging their discipline and problem-solving skills to address the global talent shortage.
-
GootLoader Returns with Novel WOFF2 Font Obfuscation and WordPress Exploits
GootLoader returns with novel WOFF2 font obfuscation and WordPress exploits, rapidly compromising networks. The malware uses custom WOFF2 fonts and exploits WordPress comment sections to deliver malicious payloads.
-
Romania Finds Possible Drone Fragments After Russian Strikes on Ukraine
Romanian authorities discovered possible drone fragments in their southeastern border region after Russian aerial assaults targeted Ukrainian ports along the Danube River, escalating cross-border implications and highlighting NATO’s challenges in securing its borders.
-
Russia’s Ulyanovsk Region Imposes Permanent Mobile Internet Blackout
Russia’s Ulyanovsk region imposed the country’s first permanent mobile internet blackout, citing security concerns related to the ongoing “special military operation” in Ukraine.
-
China Showcases GJ-11 Stealth Drone with J-20S Fighter
China released new footage showing its GJ-11 stealth uncrewed combat air vehicle (UCAV), known as Xuanlong, operating with the J-20S stealth fighter, signaling its entry into regular training and active use within the Chinese Air Force.
-
AI Escalates Supply Chain Attacks, Overwhelming Traditional Defenses
AI-enabled supply chain attacks are rapidly increasing in sophistication and scale, posing significant challenges to traditional cybersecurity defenses. This article explores the rise of polymorphic and context-aware AI-generated malware, its real-world impacts, and the urgent need for adaptive security frameworks and regulatory compliance to combat these evolving threats.