September, 2025 - Cybernoz

Threat Actor Installed EDR on Their Systems, Revealing Workflows and Tools Used

A recent incident uncovered how a threat actor inadvertently exposed its entire operational workflow by installing a popular endpoint detection and response (EDR) agent on…

September 10, 2025 Cybernoz 3 min read

GBHackers

HackerOne Data Breach, Hackers Illegally Access Salesforce Environment

HackerOne, a leading vulnerability coordination platform, has confirmed that its Salesforce environment was compromised in a recent third-party data breach. The incident stemmed from an…

September 10, 2025 Cybernoz 2 min read

Cyberscoop

China’s ‘Typhoons’ changing the way FBI hunts sophisticated threats

Major cyber intrusions by the Chinese hacking groups known as Salt Typhoon and Volt Typhoon have forced the FBI to change its methods of hunting…

September 10, 2025 Cybernoz 2 min read

Bleeping Computer

Cursor AI editor lets repos “autorun” malicious code on devices

A weakness in the Cursor code editor exposes developers to the risk of automatically executing tasks in a malicious repository as soon as it’s opened. Threat…

September 10, 2025 Cybernoz 3 min read

CyberSecurityNews

Amp’ed RF BT-AP 111 Bluetooth Access Point Vulnerability Let Attackers Gain Full Admin Access

A critical security vulnerability has been discovered in the Amp’ed RF BT-AP 111 Bluetooth Access Point, exposing organizations to significant security risks through an unauthenticated…

September 10, 2025 Cybernoz 2 min read

GBHackers

Lazarus Hackers Abuse Git Symlink Vulnerability in Stealthy Phishing Campaign

KuCoin’s security team has uncovered a new phishing campaign orchestrated by the Lazarus Group (APT38), the notorious state-sponsored collective renowned for financially motivated cyberespionage. Armed…

September 10, 2025 Cybernoz 3 min read

Securityaffairs

Google Pixel 10 adds C2PA to camera and Photos to spot AI-generated or edited images

Google Pixel 10 adds C2PA to camera and Photos to spot AI-generated or edited images Pierluigi Paganini September 10, 2025 Pixel 10 adds C2PA to…

September 10, 2025 Cybernoz 2 min read

Bleeping Computer

Microsoft waives fees for Windows devs publishing to Microsoft Store

Microsoft announced that, starting today, individual Windows developers will no longer have to pay for publishing their applications on the Microsoft Store. The company said…

September 10, 2025 Cybernoz 2 min read

CyberSecurityNews

AsyncRAT Uses Fileless Loader to Bypass Detections and Gain Remote Access

Security researchers have recently observed a surge in sophisticated fileless malware campaigns targeting enterprise environments. AsyncRAT, a powerful Remote Access Trojan, leverages legitimate system tools…

September 10, 2025 Cybernoz 2 min read

GBHackers

Google Drive Desktop for Windows Flaw Lets Users Gain Full Access to Others’ Drives

Millions of people and businesses trust Google Drive every day to store important files like contracts, reports, photos, and research papers. The desktop app for…

September 10, 2025 Cybernoz 3 min read

Bleeping Computer

Hackers left empty-handed after massive NPM supply-chain attack

The largest supply-chain compromise in the history of the NPM ecosystem has impacted roughly 10% of all cloud environments, but the attacker made little profit off it.…

September 10, 2025 Cybernoz 2 min read

CyberSecurityNews

CyberVolk Ransomware Attacking Windows System in Critical Infrastructure and Scientific Institutions

CyberVolk ransomware first emerged in May 2024, rapidly evolving into a sophisticated threat aimed at government agencies and critical infrastructure in countries perceived as hostile…

September 10, 2025 Cybernoz 3 min read