Top 5 Cybersecurity News Stories March 14, 2025
Cybersecurity threats are constantly evolving as threat actors seek access to your data and money. To help you stay secure, we have searched the internet for the top five cybersecurity news stories of the week that we think you should be aware of. No story is too big or small as we look at threats from espionage to security flaws in everyday devices:
1. WARNING: Expiring Root Certificate May Disable Firefox Add-Ons, Security Features, and DRM Playback
Mozilla is urging Firefox users to update to version 128 (or ESR 115.13+) before March 14, 2025, to prevent issues with add-ons and security features due to an expiring root certificate.
Failure to update may lead to disabled add-ons, DRM playback issues, and outdated security lists. Tor Browser users should also update.
Read more here: The Hacker News
2. GitHub Uncovers New ruby-saml Vulnerabilities Allowing Account Takeover Attacks
Two high-severity vulnerabilities (CVE-2025-25291, CVE-2025-25292) in the ruby-saml library could allow attackers to bypass SAML authentication, risking account takeovers.
GitHub discovered the flaws, which stem from discrepancies in XML parsing. Users are urged to update to versions 1.12.4 or 1.18.0. GitLab has also patched related vulnerabilities in its CE and EE editions.
Read more here: The Hacker News
3. Facebook discloses FreeType 2 flaw exploited in attacks
Facebook has disclosed a high-severity vulnerability (CVE-2025-27363) in FreeType, a widely used font rendering library, warning that it has been exploited in attacks.
The flaw, affecting all versions up to 2.13.0, allows arbitrary code execution. Users and developers are urged to upgrade to FreeType 2.13.3 immediately to mitigate risks.
Read more here: BleepingComputer
4. New North Korean Android spyware slips onto Google Play
Security researchers have linked a new Android spyware, KoSpy, to North Korean hacking group APT37. The malware was found in at least five apps on Google Play and APKPure, disguised as file managers and security tools. It steals SMS data, GPS locations, and files, and even records audio and keystrokes.
Google has removed the apps, but users must manually uninstall them.
Read more here: BleepingComputer
5. Australia regulator sues FIIG Securities for cybersecurity failures
Australia’s securities regulator (ASIC) is suing fixed-income broker FIIG, alleging it failed to implement adequate cybersecurity measures, leading to a cyberattack that compromised 385 GB of client data.
The breach, which lasted from May 19 to June 8, 2023, affected 18,000 clients, with some stolen data appearing on the dark web. ASIC stresses the need for stronger cyber resilience.
Read more here: Reuters
At DIESEC, our experts are ready to assist with all your cybersecurity needs. We ensure your system is safe and secure and provide training for your employees to avoid falling victim to social engineering tactics.