October, 2025 - Cybernoz

Critical ASP.NET Vulnerability Allows Attacker To Bypass Security Feature Remotely

Microsoft has disclosed a serious security flaw in ASP.NET Core that enables authenticated attackers to smuggle HTTP requests and evade critical protections. Tracked as CVE-2025-55315,…

October 21, 2025 Cybernoz 2 min read

GBHackers

CISA Warns of Actively Exploited Windows SMB Vulnerability

The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Microsoft Windows Server Message Block (SMB) vulnerability to its Known Exploited Vulnerabilities catalog, warning…

October 21, 2025 Cybernoz 2 min read

TheHackerNews

Hackers Used Snappybee Malware and Citrix Flaw to Breach European Telecom Network

Oct 21, 2025Ravie LakshmananCyber Espionage / Network Security A European telecommunications organization is said to have been targeted by a threat actor that aligns with…

October 21, 2025 Cybernoz 2 min read

CyberSecurityNews

ZYXEL Authorization Bypass Vulnerability Let Attackers View and Download System Configuration

A critical vulnerability in Zyxel’s ATP and USG series firewalls that allows attackers to bypass authorization controls and access sensitive system configurations. Dubbed CVE-2025-9133, this…

October 21, 2025 Cybernoz 2 min read

GBHackers

Cavalry Werewolf APT Targets Multiple Sectors Using FoalShell and StallionRAT

From May to August 2025, an advanced persistent threat group known as Cavalry Werewolf—also tracked as YoroTrooper and Silent Lynx—executed a sophisticated attack campaign targeting…

October 21, 2025 Cybernoz 3 min read

MalwareBytes

Home Depot Halloween phish gives users a fright, not a freebie

We received a timely phishing email pretending to come from Home Depot. It claimed we’d won a Gorilla Carts dump cart (that’s a sort of…

October 21, 2025 Cybernoz 4 min read

TheHackerNews

Google Identifies Three New Russian Malware Families Created by COLDRIVER Hackers

Oct 21, 2025Ravie LakshmananCyber Espionage / Threat Intelligence A new malware attributed to the Russia-linked hacking group known as COLDRIVER has undergone numerous developmental iterations…

October 21, 2025 Cybernoz 3 min read

GBHackers

AdaptixC2 Emerges in npm Supply-Chain Exploit Against Developers

Cybersecurity researchers at Kaspersky have uncovered a sophisticated supply chain attack targeting the npm ecosystem, where threat actors distributed the AdaptixC2 post-exploitation framework through a…

October 21, 2025 Cybernoz 3 min read

HelpnetSecurity

Agentic AI security: Building the next generation of access controls

As artificial intelligence (AI) solutions continue to evolve, the rise of agentic AI—intelligent systems that can act autonomously on behalf of an organization—presents new security…

October 21, 2025 Cybernoz 3 min read

GBHackers

CISA Warns of Oracle E-Business Suite SSRF Vulnerability Actively Exploited in Attacks

The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Oracle E-Business Suite vulnerability to its Known Exploited Vulnerabilities catalog after detecting active exploitation…

October 21, 2025 Cybernoz 2 min read

HelpnetSecurity

When everything’s connected, everything’s at risk

In this Help Net Security interview, Ken Deitz, CISO at Brown & Brown, discusses how the definition of cyber risk has expanded beyond IT to…

October 21, 2025 Cybernoz 4 min read

CyberSecurityNews

Hackers Attacking Remote Desktop Protocol Services With 30,000+ New IP Addresses Daily

A persistent campaign targeting Microsoft Remote Desktop Protocol (RDP) services, with attackers deploying over 30,000 new IP addresses daily to exploit timing-based vulnerabilities. This coordinated…

October 21, 2025 Cybernoz 2 min read