Cyber News Centre's cyber update for 11th July 2025: Czech Republic's cybersecurity agency has issued a formal government warning against Chinese AI company DeepSeek's products citing national security threats. A critical vulnerability in the widely-used mcp-remote AI tool affects 437,000+ downloads and enables remote code execution. Meanwhile, ZuRu malware has resurfaced with a sophisticated campaign targeting macOS developers through trojanized Termius applications.
1. Czech Republic Issues Government Warning Against Chinese DeepSeek AI Products
DeepSeek operates as a Chinese artificial intelligence company developing large language models and AI applications, subject to the legal and regulatory framework of the People's Republic of China. The company provides various AI products, applications, solutions, websites, and web services including APIs to users globally.
The Update and Why It Matters
Update: The Czech Republic's National Cyber and Information Security Agency (NÚKIB) issued a formal cybersecurity warning on July 10, 2025, regarding DeepSeek products, rating the threat as "High" with probability ranging from "likely" to "very likely." The warning prohibits use of DeepSeek products on devices accessing critical information infrastructure, essential services, and important information systems.
NÚKIB Director Lukáš Kintr cited insufficient data protection, potential user de-anonymization, and China's legal environment allowing state access to data as primary concerns. Simultaneously, the Czech government approved a resolution instructing ministries and administrative authorities to ensure subordinate organizations cease using DeepSeek products on state-owned devices within 30 days. The warning excludes open-source models deployed locally without server communication capabilities.
Why it Matters: This represents one of the first comprehensive government bans on AI products based on cybersecurity concerns, potentially setting precedent for other nations' approaches to Chinese AI technologies. The decision reflects growing international tensions over data sovereignty and AI systems' potential for intelligence gathering or influence operations.
The timing coincides with the recent attribution of APT31 cyberattacks against the Czech Ministry of Foreign Affairs, demonstrating Beijing's willingness to act against Czech interests. The ban affects entities under Czech cybersecurity law and recommends that public users, particularly high-profile individuals, avoid DeepSeek products entirely.
2. Critical mcp-remote Vulnerability Exposes 437,000+ AI Tool Users to Remote Code Execution
The mcp-remote project serves as a crucial component in the AI ecosystem, acting as a local proxy that enables Model Context Protocol (MCP) clients like Claude Desktop to communicate with remote MCP servers. The tool emerged following Anthropic's release of the MCP framework and has been downloaded more than 437,000 times across the npm package repository.
The Update and Why It Matters
Update: JFrog's Vulnerability Research Team discovered a critical security flaw tracked as CVE-2025-6514 with a CVSS score of 9.6 out of 10, affecting mcp-remote versions 0.0.5 through 0.1.15. The vulnerability allows attackers to trigger arbitrary operating system command execution when mcp-remote connects to untrusted MCP servers through crafted input during authorization phases.
On Windows systems, attackers achieve full parameter control for command execution, while macOS and Linux systems face arbitrary executable execution with limited parameter control. The flaw was patched in version 0.1.16 released June 17, 2025. Or Peles from JFrog emphasized this represents the first documented case of full remote code execution in real-world MCP client scenarios when connecting to untrusted servers.
Why it Matters: The widespread adoption of AI tools in enterprise environments makes this vulnerability particularly concerning, as mcp-remote serves as critical infrastructure for AI applications across numerous organizations. The ability for malicious actors to achieve full system compromise through seemingly legitimate AI tool connections poses significant risks to corporate networks and sensitive data.
This vulnerability highlights growing security concerns in the rapidly expanding MCP ecosystem as organizations adopt these AI integration tools without adequate security oversight. The discovery underscores the need for enhanced security practices when connecting AI systems to external servers and services.
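As an added example (not part of the original report or of the mcp-remote project), the following check scans an npm lockfile for copies of mcp-remote in the affected range given above, 0.0.5 through 0.1.15. The sample lockfile and the function names are constructed for illustration.

```python
import json
import re

# Package name and affected range as stated in the article for CVE-2025-6514.
PACKAGE = "mcp-remote"
FIRST_AFFECTED, LAST_AFFECTED = (0, 0, 5), (0, 1, 15)


def is_affected(version):
    """True when version falls in 0.0.5..0.1.15 inclusive (fixed in 0.1.16)."""
    m = re.match(r"^(\d+)\.(\d+)\.(\d+)", version or "")
    return bool(m) and FIRST_AFFECTED <= tuple(map(int, m.groups())) <= LAST_AFFECTED


def installed_copies(lock):
    """Yield (location, version) for every mcp-remote entry in a parsed lockfile."""
    if "packages" in lock:  # lockfileVersion 2/3: flat map keyed by install path
        for path, meta in lock["packages"].items():
            if path == f"node_modules/{PACKAGE}" or path.endswith(f"/node_modules/{PACKAGE}"):
                yield path, meta.get("version", "")
        return
    stack = [("", lock.get("dependencies", {}))]  # lockfileVersion 1: nested tree
    while stack:
        prefix, deps = stack.pop()
        for name, meta in deps.items():
            where = f"{prefix}/{name}" if prefix else name
            if name == PACKAGE:
                yield where, meta.get("version", "")
            stack.append((where, meta.get("dependencies", {})))


def audit(lock_text):
    """Return sorted (location, version) pairs that fall in the affected range."""
    lock = json.loads(lock_text)
    return sorted((loc, ver) for loc, ver in installed_copies(lock) if is_affected(ver))


# Constructed sample lockfile (not from a real project).
SAMPLE_LOCK = json.dumps({
    "lockfileVersion": 3,
    "packages": {
        "node_modules/mcp-remote": {"version": "0.1.16"},
        "node_modules/some-agent/node_modules/mcp-remote": {"version": "0.1.12"},
        "node_modules/mcp-remote-helper": {"version": "0.1.0"},
    },
})
```

A lockfile only covers project installs; copies fetched on demand by npx or installed globally need a separate check.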
3. ZuRu Malware Resurfaces with Sophisticated macOS Developer Targeting Campaign
ZuRu represents a persistent macOS malware family first documented in September 2021, known for propagating through trojanized versions of legitimate software targeting developers and IT professionals. The malware has consistently evolved its distribution methods while maintaining focus on business tools used by technical professionals.
The Update and Why It Matters
Update: SentinelOne researchers discovered a new ZuRu variant masquerading as the cross-platform SSH client Termius in late May 2025, employing a modified version of the open-source Khepri post-exploitation toolkit for remote control. The malware is distributed via .dmg disk images containing compromised Termius applications whose developer signature has been replaced with an ad hoc signature to bypass macOS code signing.
The trojanized application includes two additional executables: ".localized" functioning as a loader downloading Khepri beacons from "download.termius[.]info," and ".Termius Helper1" containing the renamed legitimate helper application. This variant shifts from previous techniques that modified main executables with external dynamic library references to trojanizing embedded helper applications, likely circumventing certain detection mechanisms.
Why it Matters: The targeting of developer tools represents a particularly insidious attack vector, as compromised development environments can lead to supply chain attacks affecting downstream customers and partners. Developers often possess elevated privileges and access to sensitive code repositories, making them high-value targets for establishing persistent corporate network access.
The malware's evolution demonstrates threat actors' adaptation to security improvements while maintaining effectiveness against technical users who might otherwise detect suspicious activity. The campaign's opportunistic nature, targeting users seeking legitimate business tools, ensures broad potential victim pools within the developer community.
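As an added example (not from SentinelOne's report), the following triage walks an application bundle and flags hidden files that are Mach-O binaries, marking the two file names reported above. It generalizes beyond those names to any dot-prefixed executable; the sample bundle layout is constructed, and skipping empty ".localized" marker files as benign is an assumption of this sketch.

```python
import os

# File names reported for the trojanized Termius bundle in the article.
REPORTED_NAMES = {".localized", ".Termius Helper1"}
MACHO_MAGICS = {  # Mach-O and universal-binary magic numbers as stored on disk
    b"\xcf\xfa\xed\xfe", b"\xce\xfa\xed\xfe",  # 64/32-bit little-endian
    b"\xfe\xed\xfa\xcf", b"\xfe\xed\xfa\xce",  # 64/32-bit big-endian
    b"\xca\xfe\xba\xbe", b"\xca\xfe\xba\xbf",  # universal (fat) binaries
}


def is_macho(path):
    try:
        with open(path, "rb") as fh:
            return fh.read(4) in MACHO_MAGICS
    except OSError:
        return False


def triage_bundle(bundle_root):
    """Return sorted (relative_path, reason) findings for one .app bundle."""
    findings = []
    for dirpath, _dirs, files in os.walk(bundle_root):
        for name in files:
            full = os.path.join(dirpath, name)
            if not name.startswith(".") or os.path.islink(full) or not is_macho(full):
                continue  # visible files, symlinks and non-executable dotfiles are skipped
            reason = "reported ZuRu file name" if name in REPORTED_NAMES else "hidden Mach-O"
            findings.append((os.path.relpath(full, bundle_root), reason))
    return sorted(findings)


def build_constructed_sample(root):
    """Write a constructed fake bundle for the demo; the layout is illustrative only."""
    stub = b"\xcf\xfa\xed\xfe" + b"\x00" * 12  # magic plus padding, not a real binary
    files = {
        "Contents/MacOS/Demo": stub,              # visible main binary: ignored
        "Contents/MacOS/.localized": stub,        # hidden Mach-O, reported name
        "Contents/MacOS/.Termius Helper1": stub,  # hidden Mach-O, reported name
        "Contents/Resources/.localized": b"",     # empty marker file: ignored
        "Contents/Resources/.helperd": stub,      # hidden Mach-O, other name
    }
    bundle = os.path.join(root, "Demo.app")
    for rel, data in files.items():
        path = os.path.join(bundle, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(data)
    return bundle
```

On a Mac, pair this with `codesign -dv` on the bundle, which reports `Signature=adhoc` for ad hoc signed code.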