American pharmaceutical firm Inotiv said that an attack had disrupted business operations after some of its networks and systems (including databases and internal applications) were taken down.

A human rights lawyer from Pakistan's Balochistan province received a suspicious link on WhatsApp from an unknown number, marking the first time a civil society member in the country was targeted by Intellexa's Predator spyware.

Security researcher Lyra Rebane has devised a novel clickjacking attack that relies on Scalable Vector Graphics and Cascading Style Sheets. Rebane demonstrated the technique at BSides Tallinn and has now published a summary of her approach.

A maximum severity vulnerability in Apache Tika, tracked as CVE-2025-66516 (CVSS score of 10.0), allows XML external entity attacks. The vulnerability lets attackers trigger an XXE injection in Apache Tika’s core, PDF, and parser modules.

The U.S. Cybersecurity and Infrastructure Security Agency on Friday formally added a critical security flaw impacting React Server Components to its Known Exploited Vulnerabilities (KEV) catalog following reports of active exploitation in the wild.

Near the end of 2024, the Sophos research team found references on underground forums to a new offering, VX Crypt, credited to an entity called ‘Shanya’ (also the name of a river in western Russia).

Predator spyware, developed by Intellexa, is actively being used in several countries, including Iraq and Pakistan. Researchers have found indicators likely associated with the use of Predator spyware by an entity tied to Pakistan.

Google has released an update for its Chrome browser, addressing 13 security vulnerabilities, including four high-severity issues. One critical vulnerability, CVE-2025-13633, affects the Digital Credentials feature.

GoldFactory, a financially motivated cybercriminal group, has launched a new wave of attacks in Southeast Asia, targeting mobile users in Indonesia, Thailand, and Vietnam. The group uses modified banking apps to distribute Android malware.

A critical pre-authentication RCE bug has been identified in Oracle Identity Manager’s REST WebServices. This vulnerability allows unauthenticated attackers to exploit URI and matrix parameter parsing weaknesses to execute arbitrary code.