October, 2025 - Cybernoz

CISA Warns of Dassault Systèmes Vulnerabilities Actively Exploited in Attacks

CISA has added two critical vulnerabilities affecting Dassault Systèmes DELMIA Apriso to its Known Exploited Vulnerabilities catalog, warning that threat actors are actively exploiting these…

October 29, 2025 Cybernoz 2 min read

GBHackers

Docker Compose Flaw Lets Attackers Overwrite Arbitrary Files

A path traversal vulnerability discovered in Docker Compose allows attackers to write arbitrary files to host systems through specially crafted OCI artifacts. Tracked as CVE-2025-62725,…

October 29, 2025 Cybernoz 2 min read

TheHackerNews

10 npm Packages Caught Stealing Developer Credentials on Windows, macOS, and Linux

Oct 29, 2025Ravie LakshmananMalware / Threat Intelligence Cybersecurity researchers have discovered a set of 10 malicious npm packages that are designed to deliver an information…

October 29, 2025 Cybernoz 2 min read

CyberSecurityNews

Hackers Allegedly Claim Breach Of HSBC USA Customers’ Records Including Financial Details

A threat actor has claimed responsibility for breaching HSBC USA, alleging possession of a vast database containing sensitive customer personal identifiable information (PII) and financial…

October 29, 2025 Cybernoz 2 min read

GBHackers

10 NPM Packages That Automatically Run on Install and Steal Credentials

A sophisticated supply chain attack involving ten malicious npm packages that execute automatically upon installation and deploy a comprehensive credential theft operation. The malware uses…

October 29, 2025 Cybernoz 4 min read

HelpnetSecurity

Privado.ai introduces AI agents to automate privacy assessments and real-time data mapping

Privado.ai released several new capabilities to automate privacy assessments and data maps for privacy teams amid growing privacy enforcement for non-compliant personal data sharing. Leveraging…

October 29, 2025 Cybernoz 3 min read

Securityaffairs

U.S. CISA adds Dassault Systèmes DELMIA Apriso flaws to its Known Exploited Vulnerabilities catalog

U.S. CISA adds Dassault Systèmes DELMIA Apriso flaws to its Known Exploited Vulnerabilities catalog Pierluigi Paganini October 29, 2025 U.S. Cybersecurity and Infrastructure Security Agency…

October 29, 2025 Cybernoz 2 min read

CyberSecurityNews

Google Wear OS Message App Vulnerability Let Any Installed App To Send SMS Behalf Of User

A vulnerability in Google Messages on Wear OS devices allows any installed app to silently send SMS, MMS, or RCS messages on behalf of the…

October 29, 2025 Cybernoz 3 min read

GBHackers

XWiki Remote Code Execution Flaw Actively Weaponized for Coinmining

A critical security vulnerability in XWiki collaboration software is being actively exploited by threat actors to deploy cryptocurrency mining malware on vulnerable systems. The flaw,…

October 29, 2025 Cybernoz 2 min read

HelpnetSecurity

Palo Alto Networks launches Prisma AIRS 2.0 to deliver end-to-end security across the AI lifecycle

Palo Alto Networks announced Prisma AIRS 2.0, a major platform upgrade that completes the native integration of recently acquired Protect AI to deliver a comprehensive…

October 29, 2025 Cybernoz 3 min read

TheHackerNews

Active Exploits Hit Dassault and XWiki — CISA Confirms Critical Flaws Under Attack

Oct 29, 2025Ravie LakshmananVulnerability / Malware Threat actors are actively exploiting multiple security flaws impacting Dassault Systèmes DELMIA Apriso and XWiki, according to alerts issued…

October 29, 2025 Cybernoz 2 min read

Securityaffairs

Herodotus Android malware mimics human typing to evade detection

Herodotus Android malware mimics human typing to evade detection Pierluigi Paganini October 29, 2025 Threat Fabric researchers spotted Herodotus Android malware mimicking human typing with…

October 29, 2025 Cybernoz 3 min read