1010.cx

  • Incident Response Team (ShieldForce) Partners with AccuKnox for Zero Trust CNAPP in Latin America

    ·

    Menlo Park, CA, USA, November 10th, 2025, CyberNewsWire

    AccuKnox, a leader in Zero Trust Cloud-Native Application Protection Platforms (CNAPP), announced a strategic partnership with Incident Response Team SA DE CV (ShieldForce) and DeepRoot Technologies, a global cybersecurity service provider and managed services partner, to accelerate Zero Trust adoption and AI Security innovation across Mexico and parts of Latin America. 

    Incident Response Team SA DE CV (ShieldForce) – Cyber Resilience Partnership 

    Incident Response Team SA DE CV (ShieldForce), founded by Francisco Villegas, in Mexico, delivers AI-driven managed cybersecurity solutions, including Incident response, Managed SOC, endpoint protection, disaster recovery, anti-ransomware protection, and regulatory compliance management.

    Operating across Mexico and Latin America, Incident Response Team SA DE CV (ShieldForce) helps organizations minimize downtime, mitigate cyber risks, and protect their reputations in an increasingly complex digital landscape.

    Recently, Incident Response Team SA DE CV (ShieldForce’s) CEO, Francisco Villegas, presented at one of Mexico’s largest cybersecurity conferences.

    They presented in Spanish on the importance of Zero Trust CNAPP strategies in modern enterprises. This topic received highly positive audience feedback, reinforcing ShieldForce’s growing leadership in the region.

    Leadership Testimonials

    “Nuestra misión en ShieldForce siempre ha sido ayudar a los clientes a mantenerse por delante de la evolución de las amenazas a través de la automatización, la concienciación y la inteligencia,” dijo Francisco Javier Villegas Landin, Fundador y CEO de ShieldForce.

    “This partnership demonstrates the power of collaboration in advancing Zero Trust adoption,” said Vineel Kurumella, Partner at DeepRoot Technologies

    “We’re thrilled to collaborate with ShieldForce and DeepRoot Technologies in bringing AccuKnox’s Zero Trust and AI Security capabilities to North and Latin America,” said Raj Panchapakesan, Global Head of Business Development and Partner Ecosystem at AccuKnox

    Securing ‘Code to Cognition’

    AccuKnox provides comprehensive multi-cloud and on-premise security. In parallel, AccuKnox AI Security provides comprehensive protection for the full lifecycle of AI/ML/LLM workloads encompassing data, models, applications, and infrastructure.

    About ShieldForce

    ShieldForce is a global cybersecurity provider delivering AI-powered managed services, including SOC operations, endpoint protection, threat detection, incident response, and compliance management.

    About DeepRoot Technologies

    DeepRoot Technologies (DeepRootTech) specializes in cybersecurity and data engineering solutions that enhance detection, response, and data insight.

    The company designs secure data pipelines and AI-driven analytics frameworks that enable enterprises to protect critical systems without disrupting innovation.

    About AccuKnox

    AccuKnox is a Zero Trust CNAPP platform that delivers runtime protection, agentless risk assessment, and comprehensive visibility across cloud, container, and AI workloads.

    The company is a core contributor to leading CNCF open-source projects KubeArmor and ModelArmor. 

    Contact

    PMM

    Syed Hadi

    AccuKnox

    syed.hadi@accuknox.com

    The post Incident Response Team (ShieldForce) Partners with AccuKnox for Zero Trust CNAPP in Latin America appeared first on Cyber Security News.

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Android Users Hit by Malware Disguised as Relaxation Programs

    ·

    , , ,

    A sophisticated new cyberattack targeting Android devices in South Korea has been uncovered, leveraging Google’s asset-tracking feature, Find Hub, to remotely wipe sensitive user data. Threat actors disguised as psychological counselors and North Korean human rights activists have distributed malware masquerading as stress-relief programs, marking a significant escalation in state-sponsored attacks linked to the notorious […]

    The post Android Users Hit by Malware Disguised as Relaxation Programs appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Critical Vulnerability in Popular NPM Library Exposes AI and NLP Apps to Remote Code Execution

    ·

    , , , ,

    A critical security flaw has been discovered in the widely used npm package expr-eval, potentially exposing AI and natural language processing applications to remote code execution attacks.

    The vulnerability, tracked as CVE-2025-12735, allows attackers to execute arbitrary system commands through maliciously crafted input.

    The expr-eval library is a JavaScript tool designed to parse and evaluate mathematical expressions safely, serving as a more secure alternative to JavaScript’s native eval() function.

    With over 250 dependent packages, including oplangchain, a JavaScript implementation of the popular LangChain framework, this vulnerability has significant implications for the AI and NLP ecosystem.

    NPM Library Vulnerability

    Carnegie Mellon University researchers discovered that attackers can define arbitrary functions within the parser’s context object, enabling the injection of malicious code that executes system-level commands.

    This vulnerability achieves Total Technical Impact under the SSVC framework, meaning adversaries gain complete control over affected software behavior and can access all system information.

    CVE IDAffected PackageVulnerability TypePatched Version
    CVE-2025-12735expr-eval, expr-eval-forkRemote Code Executionexpr-eval-fork v3.0.0

    The flaw is particularly dangerous for generative AI systems and NLP applications. These systems often run in server environments with access to sensitive local resources and process user-supplied mathematical expressions.

    Developers using expr-eval or expr-eval-fork should take immediate action by upgrading to the expr-eval-fork version 3.0.0, which includes comprehensive security patches.

    The update introduces an allowlist of safe functions, mandatory registration for custom functions, and enhanced test cases to enforce security constraints.

    The vulnerability was responsibly disclosed by security researcher Jangwoo Choe (UKO) and patched through GitHub Pull Request #288.

    Organizations can use npm audit to automatically detect this vulnerability in their projects through the GitHub Security Advisory GHSA-jc85-fpwf-qm7x.

    Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.

    The post Critical Vulnerability in Popular NPM Library Exposes AI and NLP Apps to Remote Code Execution appeared first on Cyber Security News.

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • LangGraph Vulnerability Allows Malicious Python Code Execution During Deserialization

    ·

    , , ,

    A critical remote code execution vulnerability has been discovered in LangGraph’s checkpoint serialization system.

    The flaw CVE-2025-64439 affects versions of langgraph-checkpoint before 3.0. It allows attackers to execute arbitrary Python code when untrusted data is deserialized.

    The vulnerability resides in LangGraph’s JsonPlusSerializer, the default serialization protocol used for checkpoint persistence.

    When the serializer encounters illegal Unicode surrogate values during msgpack serialization, it automatically falls back to JSON mode.

    LangGraph Vulnerability

    In this fallback state, the deserializer supports a constructor-style format that reconstructs custom objects during loading.

    The flaw carries a CVSS score of 8.5, classified as “High” severity. It falls under CWE-502, which covers deserialization of untrusted data vulnerabilities.

    An attacker can exploit this mechanism to inject malicious payloads that execute arbitrary functions when deserialized.

    AttributeDetails
    CVE IDCVE-2025-64439
    Vulnerability TypeRemote Code Execution (RCE)
    ComponentLangGraph JsonPlusSerializer
    Affected Versionslanggraph-checkpoint < 3.0
    Patched Versionslanggraph-checkpoint >= 3.0
    SeverityHigh (7.5 CVSS v4)
    Attack VectorNetwork

    The vulnerability primarily affects applications that meet two conditions: They allow untrusted or user-supplied data to be persisted into checkpoints, and they use the default JsonPlusSerializer (or explicitly instantiate it).

    Applications processing only trusted data face significantly lower practical risk. LangGraph-API deployments running version 0.5 or later are unaffected.

    Attackers can weaponize this vulnerability through a carefully crafted proof-of-concept. That injects a malicious payload structured with specific JSON elements: an “lc” value of 2, a “type” set to “constructor,” and an “id” field pointing to dangerous system functions like “os.system.”

    When the compromised checkpoint is loaded, the deserialization process automatically executes the embedded command.

    LangChain has released langgraph-checkpoint version 3.0 to address this issue.

    The fix implements an allow-list for constructor deserialization, restricting permissible paths to explicitly approved module and class combinations.

    Additionally, saving payloads in JSON format has been deprecated to eliminate this unsafe fallback mechanism. Users should upgrade immediately to version 3.0 or later.

    The update maintains full compatibility with langgraph 0.3. It requires no code modifications or import changes, making the patching process straightforward and low-risk for most deployments.

    Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.

    The post LangGraph Vulnerability Allows Malicious Python Code Execution During Deserialization appeared first on Cyber Security News.

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • NuGet Supply-Chain Exploit Uses Timed Destructive Payloads Against ICS

    ·

    , ,

    A sophisticated supply chain attack has compromised critical industrial control systems through nine malicious NuGet packages designed to inject time-delayed destructive payloads into database operations and manufacturing environments. Socket’s Threat Research Team identified these weapons of code, published under the alias shanhai666 between 2023 and 2024, which have collectively accumulated 9,488 downloads before being reported […]

    The post NuGet Supply-Chain Exploit Uses Timed Destructive Payloads Against ICS appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • MAD-CAT “Meow” Tool Sparks Real-World Data Corruption Attacks

    ·

    The infamous Meow attack, which devastated unsecured databases since 2020, has resurfaced with renewed force through MAD-CAT (Meow Attack Data Corruption Automation Tool). This custom-built adversarial simulation tool demonstrates how easily attackers can corrupt data across multiple database platforms simultaneously, highlighting a critical vulnerability that continues to plague modern infrastructure. The Evolution of Meow While Meow attack […]

    The post MAD-CAT “Meow” Tool Sparks Real-World Data Corruption Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • ⚡ Weekly Recap: Hyper-V Malware, Malicious AI Bots, RDP Exploits, WhatsApp Lockdown and More

    ·

    Cyber threats didn’t slow down last week—and attackers are getting smarter. We’re seeing malware hidden in virtual machines, side-channel leaks exposing AI chats, and spyware quietly targeting Android devices in the wild. But that’s just the surface. From sleeper logic bombs to a fresh alliance between major threat groups, this week’s roundup highlights a clear shift: cybercrime is evolving fast

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Popular npm Library Used in AI and NLP Projects Exposes Systems to RCE

    ·

    A critical remote code execution vulnerability has been discovered in the widely used JavaScript library expr-eval, affecting thousands of projects that rely on it for mathematical expression evaluation and natural language processing. The vulnerability, tracked as CVE-2025-12735, poses significant risks to server environments and to AI-powered applications that process user input. Identifier Value CVE ID […]

    The post Popular npm Library Used in AI and NLP Projects Exposes Systems to RCE appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Fired Intel Engineer Stolen 18,000 Files, Many of which Were Classified as “Top Secret”

    ·

    , ,

    Intel has filed a federal lawsuit against a former employee accused of downloading thousands of classified documents shortly after being terminated, raising serious concerns about corporate data security and insider threats.

    Jinfeng Luo, a software developer who has worked at Intel since 2014, was based in Seattle when the company notified him of his pending dismissal on July 7.

    His employment officially ended on July 31 as part of Intel’s massive workforce reduction effort that saw over 15,000 employees laid off worldwide during the summer restructuring.

    The Alleged Theft

    According to Intel’s lawsuit filed in Washington federal court, Luo attempted to download files from his work laptop to an external hard drive on July 23. However, the company’s security controls blocked the transfer.

    Luo allegedly connected a different storage device five days later and downloaded about 18,000 files. Many of these files were marked as “Top Secret” by Intel.

    The unauthorized file transfer immediately triggered an internal investigation. Intel spent months attempting to contact Luo at his Seattle residence and two other addresses linked to him, including one in Portland, but the engineer could not be reached.

    Unable to locate Luo, Intel pursued legal action seeking substantial compensation. The lawsuit demands at least $250,000 in damages, attorney fees, and a court injunction prohibiting Luo from disclosing any of the stolen confidential information to unauthorized parties.

    Neither Intel nor Luo has provided public comments about the case. The tech giant declined to discuss details when contacted by media outlets, and Luo’s current whereabouts remain unknown.

    Legal observers, OregonLive first reported on Intel’s lawsuit earlier this week through specialized law and employment news platforms.

    The incident highlights significant vulnerabilities in protecting sensitive corporate data during layoffs.

    As companies implement cost-cutting measures affecting thousands of employees, insider threats pose escalating risks to intellectual property and classified information.

    Intel’s case demonstrates how quickly departing employees can access and remove sensitive materials before security measures can be fully implemented.

    Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.

    The post Fired Intel Engineer Stolen 18,000 Files, Many of which Were Classified as “Top Secret” appeared first on Cyber Security News.

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • New Browser Security Report Reveals Emerging Threats for Enterprises

    ·

    According to the new Browser Security Report 2025, security leaders are discovering that most identity, SaaS, and AI-related risks converge in a single place, the user’s browser. Yet traditional controls like DLP, EDR, and SSE still operate one layer too low. What’s emerging isn’t just a blindspot. It’s a parallel threat surface: unmanaged extensions acting like supply chain implants, GenAI

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶