UK Cybersecurity Showcase: What You Need to Know

Below is a detailed roundup of recent cyber security news – from live government and academic events to emerging vulnerabilities and criminal cyber investigations – along with useful links for further reading.

──────────────────────────────
UK Policy & Events
──────────────────────────────
UK Security Minister Dan Jarvis MP recently visited the Sheffield Hallam cyber security showcase at [Sheffield Hallam University](https://www.shu.ac.uk/). In his speech, Minister Jarvis highlighted the need to empower the next generation of cyber experts, and he emphasized the importance of strengthening national and international defenses against evolving digital threats. Additionally, the [UK Government’s cyber security initiatives](https://www.gov.uk/government/organisations/uk-cyber-security) continue to underscore the critical role of public–private partnerships in safeguarding digital infrastructure.

──────────────────────────────
Alerts from CISA & Emerging Vulnerabilities
──────────────────────────────
The U.S. Cybersecurity and Infrastructure Security Agency ([CISA](https://www.cisa.gov)) has issued alerts detailing several high-risk vulnerabilities that threat actors are actively weaponizing:

1. Ivanti EPMM Vulnerabilities
 • Two critical Ivanti Endpoint Manager Mobile (EPMM) vulnerabilities, referenced as [CVE-2025-4427](https://nvd.nist.gov/vuln/detail/CVE-2025-4427) and [CVE-2025-4428](https://nvd.nist.gov/vuln/detail/CVE-2025-4428), are now being exploited in the wild, potentially allowing persistent remote code execution on vulnerable servers.
 • Read more about these issues on Ivanti’s [security advisory page](https://www.ivanti.com/support/security-advisories).

2. Keras Safe Mode Bypass – [CVE-2025-9906](https://nvd.nist.gov/vuln/detail/CVE-2025-9906)
 • The Keras Model.load_model method can be tricked into executing arbitrary code. A specially crafted .keras model archive that disables safe mode (via a manipulated config.json file) opens the door for misuse of the Lambda layer’s capability to run arbitrary Python code.

3. WordPress Plugin Vulnerabilities
 • The [Embed PDF for WPForms](https://wpforms.com/) plugin (all versions up to 1.1.5) is vulnerable to arbitrary file uploads ([CVE-2025-10647](https://nvd.nist.gov/vuln/detail/CVE-2025-10647)). Authenticated attackers may abuse this flaw to potentially trigger remote code execution.
 • The Service Finder Bookings plugin ([CVE-2025-5948](https://nvd.nist.gov/vuln/detail/CVE-2025-5948)) suffers from a privilege escalation vulnerability, while the Service Finder SMS System plugin ([CVE-2025-5955](https://nvd.nist.gov/vuln/detail/CVE-2025-5955)) allows unauthenticated login as arbitrary users.

4. Goza – Nonprofit Charity WordPress Theme Vulnerability
 • The [Goza WordPress theme](https://wordpress.org/themes) is susceptible to unauthorized file uploads ([CVE-2025-10690](https://nvd.nist.gov/vuln/detail/CVE-2025-10690)), which may allow attackers to remotely execute code via disguised plugin packages.

5. Cognex In-Sight Explorer and In-Sight Camera Firmware Issues
 • Several vulnerabilities have been identified affecting Cognex devices:
  - [CVE-2025-54810](https://nvd.nist.gov/vuln/detail/CVE-2025-54810) (Firmware Authentication Bypass)
  - [CVE-2025-54818](https://nvd.nist.gov/vuln/detail/CVE-2025-54818) (Cleartext Transmission of Sensitive Information)
  - [CVE-2025-54497](https://nvd.nist.gov/vuln/detail/CVE-2025-54497) and [CVE-2025-52873](https://nvd.nist.gov/vuln/detail/CVE-2025-52873) (Incorrect Permission Assignments via Telnet Services)
  - [CVE-2025-53969](https://nvd.nist.gov/vuln/detail/CVE-2025-53969) (Client-Side Enforcement Misconfigurations)
  - Further details regarding these vulnerabilities can be found on Cognex’s [security update page](https://www.cognex.com/support).

6. GoAnywhere MFT Deserialization Vulnerability
 • A deserialization flaw in the License Servlet of Fortra’s GoAnywhere MFT ([CVE-2025-10035](https://nvd.nist.gov/vuln/detail/CVE-2025-10035)) could allow an attacker to inject commands, leading to full system compromise.

7. Chrome Zero-Day & Dover Fueling Solutions Vulnerabilities
 • Google recently patched a critical V8 exploit ([Chrome Zero Day CVE-2025-10585](https://nvd.nist.gov/vuln/detail/CVE-2025-10585)) to quickly mitigate active attacks affecting millions of users.
 • Additional vulnerabilities target Dover Fueling Solutions ProGauge MagLink LX4 Devices. These include integer overflows ([CVE-2025-55068](https://nvd.nist.gov/vuln/detail/CVE-2025-55068)), hard-coded cryptographic keys ([CVE-2025-54807](https://nvd.nist.gov/vuln/detail/CVE-2025-54807)), weak default credentials ([CVE-2025-30519](https://nvd.nist.gov/vuln/detail/CVE-2025-30519)), and hard-coded passwords ([CVE-2025-54754](https://nvd.nist.gov/vuln/detail/CVE-2025-54754)). These issues underline the imperative for timely patch management and configuration reviews.

8. SoftIron HyperCloud Privilege Escalation
 • Finally, [SoftIron HyperCloud 2.5.0 through 2.6.3](https://www.softiron.com) is affected by a misconfiguration (documented as [CVE-2025-10650](https://nvd.nist.gov/vuln/detail/CVE-2025-10650)), where non-admin users might receive unintended cluster-level SSH access.
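
A pre-load check for the Keras item (2) above, as an added example that is not code from Keras or from any advisory: it inspects config.json inside a .keras archive for Lambda layers and safe-mode tampering markers without importing Keras or deserializing the model. The marker strings, function names and sample configs are assumptions constructed for illustration.

```python
import io
import json
import zipfile

# Assumed heuristics, not an official signature list.
RISKY_LAYERS = {"Lambda"}  # layer type named in the advisory text
SUSPICIOUS_STRINGS = ("enable_unsafe_deserialization", "safe_mode")

def scan_config(config):
    """Walk parsed config.json; return sorted (json_path, reason) findings."""
    findings, stack = [], [("$", config)]
    while stack:
        path, node = stack.pop()
        if isinstance(node, dict):
            cls = node.get("class_name")
            if isinstance(cls, str) and cls in RISKY_LAYERS:
                findings.append((path, f"{cls} layer"))
            for key, value in node.items():
                stack += [(f"{path}.{key}", key), (f"{path}.{key}", value)]
        elif isinstance(node, list):
            stack += [(f"{path}[{i}]", v) for i, v in enumerate(node)]
        elif isinstance(node, str):
            findings += [(path, f"references {m}") for m in SUSPICIOUS_STRINGS if m in node]
    return sorted(findings)

def scan_keras_archive(data):
    """Inspect a .keras zip (as bytes) without importing Keras or loading the model."""
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return [("<archive>", "not a zip archive")]
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        if "config.json" not in zf.namelist():
            return [("<archive>", "config.json missing")]
        try:
            config = json.loads(zf.read("config.json"))
        except ValueError:
            return [("config.json", "unparseable JSON")]
    return scan_config(config)

def build_sample(config):
    """Build a constructed in-memory archive holding only config.json."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("config.json", json.dumps(config))
    return buf.getvalue()

# Constructed, non-functional sample configs (field contents are placeholders).
CLEAN = {"class_name": "Sequential", "config": {"layers": [
    {"class_name": "Dense", "config": {"units": 4}}]}}
TAMPERED = {"class_name": "Sequential", "config": {"layers": [
    {"class_name": "Lambda", "config": {"function": "<constructed placeholder>"}},
    {"class_name": "Dense", "config": {"constructed_field": "enable_unsafe_deserialization"}}]}}

if __name__ == "__main__":
    for name, cfg in (("clean", CLEAN), ("tampered", TAMPERED)):
        print(name, scan_keras_archive(build_sample(cfg)))
```

An empty result only means none of the assumed markers were found; quarantine any archive that returns findings rather than loading it.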

──────────────────────────────
Cybercrime Developments & Law Enforcement
──────────────────────────────
– Russian threat actors, specifically groups like Gamaredon and Turla, have reportedly collaborated to deploy the Kazuar backdoor on Ukrainian targets. [ESET’s analysis](https://www.welivesecurity.com) provides further details on this breach, which exposes potential espionage linked to the FSB.

– In the UK, law enforcement secured arrests connected to the notorious Scattered Spider cybercriminal group.
 • Two individuals, including 19-year-old Thalha Jubair, who is implicated in over 120 network intrusions resulting in more than $115 million in ransom payments, have been apprehended.
 • Two UK teenagers suspected of ties to the August 2024 Transport for London (TfL) cyber attack now face potential U.S. fraud charges and extremely lengthy sentences. More on these developments can be found via reports on [UK cybercrime news](https://www.bbc.com/news/technology).

──────────────────────────────
Market & Investment Highlights
──────────────────────────────
– In business news, National Bank has raised its price target on Cenovus Energy (NYSE: CVE) to C$29 after noting steady upstream production despite occasional dips linked to maintenance and wildfire challenges. Investors interested in Canadian energy stocks are encouraged to review the [full Cenovus Energy update](https://www.nationalbank.com).

– Similarly, industry updates on acquisitions and strategic business moves, such as Cenovus Energy’s acquisition of MEG Energy to build shareholder value, provide further insight into market trends.

──────────────────────────────
Stay Alert & Informed
──────────────────────────────
With a growing number of vulnerabilities affecting both enterprise solutions and consumer technology, it is critical for organizations and individuals alike to stay up-to-date with the latest security patches and threat intelligence. To further explore details on these vulnerabilities, make sure to consult trusted sources like the [National Vulnerability Database (NVD)](https://nvd.nist.gov) and official security advisories from vendors.

For more news and expert analysis on cyber security trends – from government initiatives and academic contributions to actionable vulnerability information – subscribe to reliable cyber security portals and stay connected through reputable sites such as [CISA](https://www.cisa.gov) and [Krebs on Security](https://krebsonsecurity.com).

This comprehensive update highlights the dynamic environment of cyber security, emphasizing the need for robust defenses, prompt patches, and ongoing collaboration between stakeholders. Stay informed, stay secure!

Adam Cooke
As the Operations and Compliance Manager, Adam oversees all aspects of the business, ensuring operational efficiency and regulatory compliance. Committed to high standards, he ensures everyone is heard and supported. With a strong background in the railway industry, Adam values rigorous standards and safety. Outside of work, he enjoys dog walking, gardening, and exploring new places and cuisines.