Group-IB researchers observed a threat actor named Bloody Wolf launching a cyberattack campaign against Kyrgyzstan targeting the delivery of the NetSupport RAT beginning in June 2025.By early October 2025, its attacks expanded to Uzbekistan. By masquerading as the Kyrgyz Ministry of Justice, the attackers utilized official-looking PDF documents and domains, which in turn hosted malicious Java Archive (JAR) files designed to deploy the NetSupport RAT. The attack uses social engineering and easy-to-access tools via phishing emails to trick recipients into clicking on a link to download a malicious JAR loader file and install the Java Runtime, which in turn executes the loader in order to obtain the NetSupport RAT and establish persistence. Geofencing restrictions were also added to the attack against Uzbekistan.

CVE-2025-47812 is an extremely high-risk vulnerability with a confirmed exploit in the wild. Due to its low threshold of exploitation and high destructive power, it is recommended that all organizations using Wing FTP Server give it the highest priority for disposal, and must complete version upgrades or implement effective traffic blocking policies as soon as possible.

CVE-2025-6554 is a Type Confusion vulnerability in the Google Chrome V8 JavaScript engine. Type Confusion is a common class of memory corruption vulnerabilities that can lead to unsafe memory operations when a program incorrectly interprets one data type as another, allowing an attacker to execute arbitrary code on the victim's system.

In 2025, industrial control system security will face unprecedented challenges, mainly in the form of two-way risks of technological innovation and theft, double hazards brought about by the coexistence of old and new technologies, intensified supply chain security crises, as well as zero-day loopholes and stealth strategy failures

The Apple iMessage Zero-Click vulnerability allows an attacker to remotely compromise a device by sending a maliciously crafted iMessage message without user interaction. It has been exploited by Graphite spyware to launch attacks against journalists.

The vulnerability stems from the V8 TurboFan compiler's incorrect handling of dynamic index loading when performing store-store elimination optimization, which leads to misclassification of alias relationships and incorrect elimination of critical store operations, which in turn leads to memory access out-of-bounds. An attacker can construct a specially crafted HTML page to induce user access, trigger malicious JavaScript code execution, exploit the vulnerability to achieve remote code execution and sandbox escape, and ultimately take full control of the victim's device.

Aim Security has discovered the "EchoLeak" vulnerability, which exploits a design flaw typical of RAG Copilot, allowing an attacker to automatically steal any data in the context of M365 Copilot without relying on specific user behavior. The main attack chain consists of three different vulnerabilities, but Aim Labs has identified other vulnerabilities during its research that may enable exploitation.

Digitization has brought enormous economic and social benefits, but our growing reliance on digital technologies also poses significant risks. This is also the case in developing countries, where the pace of digitization often outstrips the necessary investment and attention required to build cyberresilience, which can lead to debilitating consequences.

The Global State of DevSecOps Survey Report 2024 reveals key trends and challenges in the DevSecOps space, based on a survey of more than 1,000 global developers, security, and operations personnel, with key data highlights

82% organizations use 6-20 security tools.
Test results for 60% contain noise from 21%-60%.
Only 24% of respondents were "extremely confident" in AI code protection.
Organizations in 86% believe that security testing slows down development.

A new proof of concept (PoC), identified as CVE-2025-21298, has been released for a Microsoft Outlook zero-click remote code execution (RCE) vulnerability in Windows Object Linking and Embedding (OLE).