Massive L7 DDoS Botnet Exploits 5.76M Hijacked Devices for Record Attacks
In a stark reminder of how vulnerable online services remain, Qrator Labs has revealed that a sprawling Layer 7 distributed denial-of-service (DDoS) botnet has swelled…
Month: September 2025
Akira ransomware affiliates continue breaching organizations via SonicWall firewalls
Over a year after SonicWall patched CVE-2024-40766, a critical flaw in its next-gen firewalls, ransomware attackers are still gaining a foothold in organizations by exploiting…
Google fixes critical Chrome flaw, researcher earns $43K
Google fixes critical Chrome flaw, researcher earns $43K Pierluigi Paganini September 11, 2025 Google addressed a critical use-after-free vulnerability in its Chrome browser that could…
![[tl;dr sec] #296 - AI Automates CVE -> Exploit, Apple Defeats Memory Corruption, Moar NPM Backdoors](https://image.cybernoz.com/wp-content/uploads/2025/09/tldr-sec-296-AI-Automates-CVE-Exploit-Apple.png)
[tl;dr sec] #296 – AI Automates CVE -> Exploit, Apple Defeats Memory Corruption, Moar NPM Backdoors
AI auto-generating exploits from CVEs for $3, not actually but Memory Integrity Enforcement makes it harder, surprisingly NPM packages were backdoored I hope you’ve been…
New EggStreme Malware With Fileless Capabilities Leverages DLL Sideloading to Execute Payloads
A previously unknown advanced persistent threat (APT) group has unleashed a new fileless malware framework, dubbed EggStreme, in a highly targeted espionage campaign against strategic…
Apple’s Big Bet to Eliminate the iPhone’s Most Targeted Vulnerabilities
Apple launched a slate of new iPhones on Tuesday loaded with the company’s new A19 and A19 Pro chips. Along with an ultra-thin iPhone Air…
Angular SSR Vulnerability Allows Attackers to Access Sensitive Data
A high vulnerability in Angular’s server-side rendering (SSR) feature can lead to sensitive data exposure when multiple requests are handled at the same time. This…
Cornwell Quality Tools Data Breach
Cornwell Quality Tools has disclosed a significant data breach that compromised the sensitive information of nearly 104,000 individuals. The incident involved unauthorized access to the…
Threat Actors Leveraging Open-Source AdaptixC2 in Real-world Attacks
In early May 2025, Unit 42 researchers observed multiple instances of AdaptixC2 being deployed to infect enterprise systems. Unlike many high-profile command-and-control (C2) platforms, AdaptixC2…
Fake Bureau of Motor Vehicles texts are after your personal and banking details
Scammers are sending out texts that claim to be from the Bureau of Motor Vehicles (BMV), saying that you have outstanding traffic tickets. Here’s an…
How the retail sector teams up to defend against cybercrime
Listen to the article 10 min This audio is auto-generated. Please let us know if you have feedback. When devious young hackers penetrated the computer…
ChillyHell macOS Malware Profiles Compromised Machines and Maintain Persistence with 3 Methods
ChillyHell first surfaced on public malware repositories in early May 2025, although its developer-signed notarization dates back to 2021. This modular backdoor has eluded detection…