Fake Social Security Statement emails trick users into installing remote tool
Fake emails pretending to come from the US Social Security Administration (SSA) try to get targets to install ScreenConnect, a remote access tool. This campaign…
Month: April 2025
Indian Court ordered to block email service Proton Mail
Indian Court ordered to block email service Proton Mail Pierluigi Paganini April 30, 2025 Indian Court ordered a nationwide block of the privacy-oriented email service…
Using AI to find web app vulnerabilities: hacking expert John Hammond takes Burp AI for a spin | Blog
Amelia Coen | 30 April 2025 at 13:23 UTC 1000s of pentesters are currently using Burp AI features to hack smarter by eliminating tedious tasks…
Ascension discloses new data breach after third-party hacking incident
Ascension, one of the largest private healthcare systems in the United States, is notifying patients that their personal and health information was stolen in a…
Researchers Uncovered RansomHub operation and it’s Relation With Qilin ransomware
Security researchers have identified significant connections between two major ransomware-as-a-service (RaaS) operations, with evidence suggesting affiliates from the recently-disabled RansomHub group may have migrated to…
UK Retail Giant Co-op Shuts Down IT Systems After Cyberattack Attempt
The Co-operative Group has confirmed it shut down parts of its IT network after detecting an attempted cyberattack, in what is the latest incident to…
Airplay-enabled devices open to attack via “AirBorne” vulnerabilities
Vulnerabilities in Apple’s AirPlay Protocol, AirPlay Software Development Kits (SDKs), and the CarPlay Communication Plug-in could allow attackers to compromise AirPlay-enabled devices developed and sold…
Chinese Hackers Abuse IPv6 SLAAC for AitM Attacks via Spellbinder Lateral Movement Tool
Apr 30, 2025Ravie LakshmananMalware / DNS Security A China-aligned advanced persistent threat (APT) group called TheWizards has been linked to a lateral movement tool called…
New WordPress Malware Disguised as Anti-Malware Plugin Takes Full Control of Websites
The Wordfence Threat Intelligence team has identified a new strain of WordPress malware that masquerades as a legitimate plugin, often named ‘WP-antymalwary-bot.php.’ First detected on…
Google Introduces Agentic AI to Combat Cybersecurity Threats
Google enhances cybersecurity with Agentic AI, launching Unified Security to fight zero-day exploits, enterprise threats, and credential-based attacks. Google’s Threat Intelligence Group (GTIG) has released…
![[Free Webinar] Guide to Securing Your Entire Identity Lifecycle Against AI-Powered Threats](https://image.cybernoz.com/wp-content/uploads/2025/04/Free-Webinar-Guide-to-Securing-Your-Entire-Identity-Lifecycle-Against.jpg)
[Free Webinar] Guide to Securing Your Entire Identity Lifecycle Against AI-Powered Threats
Apr 30, 2025The Hacker News How Many Gaps Are Hiding in Your Identity System? It’s not just about logins anymore. Today’s attackers don’t need to…
Firefox 138 Launches with Patches for Several High-Severity Flaws
Mozilla has officially released Firefox 138, marking a significant update focused on user security. The new version addresses multiple high-severity vulnerabilities, following the Mozilla Foundation…