Cyber Briefing: 2025.05.19

Firefox patches RCE bugs, ModiLoader hits Windows, glibc flaw risks Linux root. Arla, Poland, and Harbin face cyberattacks. Japan boosts cyberdefense, Pwn2Own pays $1M, UK sees rising cyber job gap.

May 19, 2025

Listen to our podcast here!

Welcome to Cyber Briefing, the newsletter that informs you about the latest cybersecurity advisories, alerts, incidents and news every weekday.

First time seeing this?

👉 What's happening in cybersecurity today?

Get Help

🚨 Cyber Alerts

1. Mozilla Urgent Firefox Patch Fixes RCE Flaws

Mozilla released an emergency Firefox update to fix two critical JavaScript engine vulnerabilities. These severe out-of-bounds flaws could allow attackers to execute arbitrary code on users' systems. The flaws impact multiple Firefox versions were shown at Pwn2Own and have a high risk score. Users are strongly urged to update Firefox immediately as active exploitation of these vulnerabilities is possible.

2. ModiLoader Malware Targets Windows Users

A malware strain called ModiLoader is spreading through phishing emails impersonating Turkish banks. Victims are tricked into opening RAR files that run encoded scripts installing the DBatLoader malware. It eventually deploys SnakeKeylogger, which steals sensitive data like keystrokes and stored credentials. The malware avoids detection using renamed files, misleading paths, DLL side-loading, and by disabling antivirus protections.

3. Glibc Flaw Gives Linux Root Access Risk

A critical glibc vulnerability (CVE-2025-4802) exposes many Linux systems to local privilege escalation attacks. This flaw in glibc 2.27-2.38 lets attackers manipulate LD_LIBRARY_PATH to execute arbitrary code. It affects statically linked setuid binaries calling dlopen and carries a critical 9.8 CVSS score. Experts advise updating glibc to 2.39+ applying patches and carefully auditing setuid binaries.

For more alerts, click here!

Check Jobs

💥 Cyber Incidents

4. Arla Plant Cyberattack Halts Operations

Dairy giant Arla Foods confirmed a cyberattack hit its German plant in Upahl disrupting IT systems and production. While Arla works to restore operations, details on the breach remain undisclosed by the Denmark based group. This incident comes as Arla plans a significant merger with German dairy cooperative DMK creating a European leader. Another German company Oettinger Getränke also recently reported a cyberattack highlighting broader sector risks.

5. Massive DDoS Hits Poland's Civic Platform

Poland's Civic Platform party websites suffered a massive DDoS attack taking them temporarily offline. Prime Minister Donald Tusk attributed this cyberattack to Russian hackers also targeting other Polish parties. The police Central Bureau for Combating Cybercrime is investigating these attacks on various public entities. This disruption which affected election campaign donations is a crime punishable under Polish law.

6. Georgia’s Harbin Clinic Hit by Data Breach

Harbin Clinic in Georgia reported a data breach tied to Nationwide Recovery Services in July 2024. Over 200,000 individuals had personal, financial, and medical data exposed in the attack. The breach occurred after hackers accessed Nationwide Recovery Services systems between July 5 and July 11. Other healthcare providers in Georgia and Tennessee were also affected, raising the total impact.

For more incidents, click here!

Check Tools

📢 Cyber News

7. Japan Enacts a New Cyberdefense Law

Japan enacted a new Active Cyberdefense Law allowing authorities to conduct preemptive offensive cyber operations. This marks a major shift from Japan's traditional pacifist defense policy now permitting server neutralization. The law also allows foreign internet traffic analysis under an oversight panel despite some privacy concerns. This new legislation comes as Japan faces an all time high of state sponsored and financial cyberattacks.

8. Hackers Net $1M For ZeroDay Flaws at Pwn2Own

The Pwn2Own Berlin 2025 hacking contest saw over $1 million awarded for 28 new zero-day vulnerabilities. Researchers successfully exploited diverse targets including AI products VMware ESXi SharePoint and web browsers. Mozilla notably patched two critical Firefox vulnerabilities on the same day they were demonstrated. STAR Labs SG won the competition earning $320000 while no attempts were made on Tesla cars.

9. UK Cyber Talent Demand High With Skills Gap

The United Kingdom's cybersecurity job market is growing rapidly creating about 17,000 current vacancies. This boom causes significant hiring struggles for companies due to a persistent critical skills gap. Demand for roles like cloud security engineers and SOC analysts is high across all sectors. While high salaries are needed, economic constraints and long hiring processes remain key barriers.

For more news, click here

📈Cyber Stocks

💡 Cyber Tip

Update Firefox Now to Stay Protected from Dangerous Web-Based Attacks

Mozilla has released a critical security update for Firefox to fix two serious flaws that hackers could exploit just by getting you to visit a malicious website. These flaws could let attackers fully take over your device.

✅ What you should do:

Open Firefox, click the menu button (three lines), go to Help, then click About Firefox.
Firefox will automatically check for updates. Install version 138.0.4 or higher.
If you use Firefox ESR, make sure you're on version 128.10.1 or 115.23.1.
Restart the browser after the update to apply the fix.

Why this matters: Just visiting a malicious website on an outdated browser could allow hackers to take control of your system and access your personal data. Updating now is your best defense.