Operation Silk Lure Weaponizing Windows Scheduled Tasks to Drop ValleyRAT
Over the past month, a targeted campaign dubbed Operation Silk Lure has surfaced, exploiting the Windows Task Scheduler to deploy a novel variant of ValleyRAT.…
Month: October 2025
Words as Weapons: What 300K Prompt Injection Attacks Taught Us About AI Security
The AI revolution has transformed how organizations operate, yet beneath the excitement of chatbots and autonomous agents lies a security crisis that most technology leaders…
Capita Fined £14 Million After Data Breach Exposes 6.6 Million Users
The UK’s Information Commissioner’s Office has imposed a £14 million penalty on Capita following a major cyber attack in March 2023 that exposed the personal…
Video call app Huddle01 exposed 600K+ user logs
The Cybernews research team found that video call app Huddle01 exposed email addresses, real names, and other identifiers through an unprotected Kafka broker. Think of…
![[tl;dr sec] #301 - Security Leadership Master Class, DEF CON Cloud Village Talks, AI-Powered Honeypot](https://image.cybernoz.com/wp-content/uploads/2025/10/tldr-sec-301-Security-Leadership-Master-Class-DEF-CON.png)
[tl;dr sec] #301 – Security Leadership Master Class, DEF CON Cloud Village Talks, AI-Powered Honeypot
I hope you’ve been doing well! Reflections and Cooking First off, thanks so much to everyone who reached out with kind and encouraging words after…
Maximum-severity Adobe flaw now exploited in attacks
CISA has warned that attackers are actively exploiting a maximum-severity vulnerability in Adobe Experience Manager to execute code on unpatched systems. Tracked as CVE-2025-54253, this…
Beware of Fake ‘LastPass Hack’ Emails Trying to Trick Users Into Installing Malware
Cybersecurity professionals are raising alarms over a new wave of phishing emails masquerading as breach notifications from LastPass. These messages warn recipients of an urgent…
One Republican Now Controls a Huge Chunk of US Election Infrastructure
The news last week that Dominion Voting Systems was purchased by the founder and CEO of Knowink, a Missouri-based maker of electronic poll books, has…
Weaponizing Windows Scheduled Tasks for ValleyRAT Delivery
A targeted cyber-espionage campaign exploiting Windows Scheduled Tasks and DLL side-loading to deploy the sophisticated ValleyRAT backdoor. The operation pivots on tailored spear-phishing emails, weaponized…
IT Sustainability Think Tank: How not to fall for Big Tech’s false green claims
By Published: 16 Oct 2025 When there is a flood of claims from technology suppliers and service providers, such as ‘net zero,’ ‘planet‑positive,’ and ‘100%…
China-linked APT Jewelbug targets Russian IT provider in rare cross-nation cyberattack
China-linked APT Jewelbug targets Russian IT provider in rare cross-nation cyberattack Pierluigi Paganini October 16, 2025 China-linked APT Jewelbug targeted a Russian IT provider for…
UAE Minister and technology experts caution against a surge in deepfake technology.
Minister and CEO under attack Social media and voice scams Saudi deepfakes surged by 600% The UAE’s economy minister, Abdullah Bin Touq Al Marri, sparked…