OpenAI’s $40 billion funding deal led by SoftBank could make it one of the most valuable private firms in the world. But there is a catch. It must fully transition to a for profit model by the end of 2025 or risk losing billions, marking a major shift for the AI company.
Elon Musk’s xAI has bought social media platform X for $33 billion, calling it a major step in combining AI with real-time public conversation. Critics are concerned about data privacy and the true value of X, while others see it as a bold move to challenge AI leader OpenAI.
From quiet meetups to packed arenas, AI conferences are lighting up cities worldwide in 2025. With tech leaders, investors and innovators joining forces, these events mark a turning point as the global push toward Industry 5.0 gains speed, creativity and serious attention.
CISA, FBI, and ACSC warn of LockBit 3.0 ransomware exploiting the critical "Citrix Bleed" vulnerability (CVE-2023-4966) in Citrix appliances. Businesses are urged to patch immediately, as attackers can bypass MFA and gain unauthorized access, posing serious cyber risks.
In a crucial cybersecurity collaboration, the Cybersecurity and Infrastructure Security Agency (CISA), FBI, MS-ISAC, and ASD’s ACSC have issued a joint advisory about LockBit 3.0 ransomware exploiting the CVE-2023-4966 vulnerability, known as "Citrix Bleed." This vulnerability affects Citrix NetScaler ADC and Gateway appliances.
The advisory details TTPs and IOCs sourced from the FBI, ACSC, and Boeing. Boeing's experience with LockBit 3.0 exploiting CVE-2023-4966 for unauthorised access highlights the threat's seriousness. LockBit 3.0, known for its diverse attack methods, targets multiple critical infrastructure sectors. "Citrix Bleed" allows attackers to bypass passwords and MFA, facilitating unauthorised access and data compromise.
CISA and partnering organisations stress the urgency of applying the recommended mitigations, including isolating affected appliances and updating software via the Citrix Knowledge Center. The vulnerability, which enables hijacking legitimate user sessions, was identified in early 2023 and publicly disclosed by Citrix in October 2023. Due to its severity, CISA added it to the KEVs Catalog, emphasising its critical impact on various software versions.
This advisory's release is a significant wake-up call for businesses globally. It underscores the escalating sophistication of cyber threats, particularly ransomware like LockBit 3.0, which now exploit critical vulnerabilities to gain extensive access to corporate networks. The ability to bypass MFA, a cornerstone of modern cybersecurity defences, represents a new level of threat that requires immediate and proactive response. Businesses, especially those in critical infrastructure sectors, must prioritise patching vulnerabilities like CVE-2023-4966 and adopt a layered security approach. This incident highlights the ongoing arms race in cybersecurity, where businesses must constantly evolve their defences in response to increasingly advanced cyber threats.
Elon Musk’s X AI platform has been hit by a massive cyber-attack, leaving users in the U.S. and UK unable to refresh feeds or access accounts. Musk confirmed the attack’s severity, pointing to IP traces from “the Ukraine area,” though experts caution that origin masking is possible.
Late last week, an extraordinary announcement signaled a dramatic shift in U.S. cybersecurity policy: the Trump administration deprioritized Russia as a leading cyber threat. Experts fear downplaying Moscow’s aggression could expose American networks to new risks and undermine national security.
Since early 2022, the British government has tied Iran to over 20 plots threatening UK citizens, reflecting Tehran’s expanding covert tactics. These attempts—spanning assassination, kidnapping, and surveillance—mark a significant escalation on British soil.
In 2024, deepfakes became a major threat, causing market disruptions and privacy concerns. The rapid growth of AI technology has made digital deception easier, stressing the urgent need for enhanced verification systems to protect against misinformation and cyberattacks.
