June, 2025 - Cybernoz

Server-Side Template Injection (SSTI): Advanced Exploitation Guide

Server-side template injection (SSTI) vulnerabilities still remain present in modern applications as developers continue to struggle with implementing proper input validations everywhere. And yet, despite…

June 15, 2025 Cybernoz 2 min read

Bleeping Computer

Over 46,000 Grafana instances exposed to account takeover bug

More than 46,000 internet-facing Grafana instances remain unpatched and exposed to a client-side open redirect vulnerability that allows executing a malicious plugin and account takeover.…

June 15, 2025 Cybernoz 2 min read

CyberDefenseMagazine

The Cost of Ignoring Patches: How State and Local Governments Can Mitigate Damaging Security Breaches

According to a recent report released by the Multi-State Information Sharing and Analysis Center, governmental agencies are facing an increase in ransomware attacks from nation-state actors…

June 15, 2025 Cybernoz 4 min read

Securityaffairs

Security Affairs newsletter Round 528 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs newsletter Round 528 by Pierluigi Paganini – INTERNATIONAL EDITION Pierluigi Paganini June 15, 2025 A new round of the weekly Security Affairs newsletter…

June 15, 2025 Cybernoz 2 min read

HelpnetSecurity

Week in review: Microsoft fixes exploited zero-day, Mirai botnets target unpatched Wazuh servers

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft fixes zero-day exploited for cyber espionage (CVE-2025-33053)For June 2025…

June 15, 2025 Cybernoz 5 min read

Bleeping Computer

Anubis ransomware adds wiper to destroy files beyond recovery

The Anubis ransomware-as-a-service (RaaS) operation has added to its file-encryptimg malware a wiper module that destroys targeted files, making recovery impossible even if the ransom is paid.…

June 14, 2025 Cybernoz 3 min read

Bleeping Computer

WestJet investigates cyberattack disrupting internal systems

WestJet, Canada’s second-largest airline, is investigating a cyberattack that has disrupted access to some internal systems as it responds to the breach. “WestJet is aware…

June 14, 2025 Cybernoz 2 min read

CyberDefenseMagazine

Securing the Connected Factory Floor

As manufacturers strive to keep pace with changing demands and quickly evolving technologies, many are embracing digitalization and increased connectivity between information technology (IT) and…

June 14, 2025 Cybernoz 6 min read

CyberDefenseMagazine

Small Manufacturers, Big Target: The Growing Cyber Threat and How to Defend Against It

Digital transformation in manufacturing has opened doors to promising possibilities, but not without new risk exposure. With expansive transformation comes additional threats. As manufacturers embrace…

June 14, 2025 Cybernoz 5 min read

HackRead

How to Monetize Unity Apps: Best Practices

Unity is one of the most popular game engines for mobile and cross-platform app development. It powers millions of games and applications across platforms including…

June 14, 2025 Cybernoz 3 min read

CyberSecurityNews

Hundreds of WordPress Websites Hacked By VexTrio Viper Group to Run Massive TDS Services

A sophisticated cybercriminal enterprise known as VexTrio has orchestrated one of the most extensive WordPress compromise campaigns ever documented, hijacking hundreds of thousands of websites…

June 14, 2025 Cybernoz 3 min read

CyberSecurityNews

Windows 11 24H2 KASLR Broken Using an HVCI-Compatible Driver with Physical Memory Access

A security researcher has published a detailed analysis demonstrating how Kernel Address Space Layout Randomization (KASLR) protections can be circumvented on Windows 11 24H2 systems…

June 14, 2025 Cybernoz 2 min read