December, 2025 - Cybernoz

M-Files Vulnerability Allows Attackers to Steal Active User Session Tokens

A critical security vulnerability in M-Files Server could allow authenticated attackers to capture active user session tokens via the M-Files Web interface, enabling identity impersonation…

December 25, 2025 Cybernoz 2 min read

GBHackers

Israeli Organizations Targeted by AV-Themed Malicious Word and PDF Files

SEQRITE Labs’ Advanced Persistent Threat (APT) Team has uncovered a sophisticated campaign targeting Israeli organizations through weaponized Microsoft Word and PDF documents disguised as legitimate…

December 24, 2025 Cybernoz 3 min read

GBHackers

NVIDIA Isaac Vulnerabilities Enable Remote Code Execution Attacks

NVIDIA released critical security updates for its Isaac Launchable platform on December 23, 2025, addressing three severe vulnerabilities that could allow unauthenticated attackers to execute…

December 24, 2025 Cybernoz 2 min read

Securityaffairs

FBI seized ‘web3adspanels.org’ hosting stolen logins

FBI seized ‘web3adspanels.org’ hosting stolen logins Pierluigi Paganini December 24, 2025 The U.S. seized the ‘web3adspanels.org’ domain and database used by cybercriminals to store stolen…

December 24, 2025 Cybernoz 2 min read

GBHackers

Microsoft Enhances BitLocker with Hardware Acceleration Support

Microsoft has officially announced a major upgrade to its encryption technology with the introduction of hardware-accelerated BitLocker. Revealed by Microsoft’s Rafal Sosnowski following the Ignite…

December 24, 2025 Cybernoz 2 min read

GBHackers

Malware Delivery via AitM and DNS Poisoning

Evasive Panda, a sophisticated threat actor known by the aliases Bronze Highland, Daggerfly, and StormBamboo, has escalated its offensive capabilities through a two-year campaign that…

December 24, 2025 Cybernoz 3 min read

Cyber Security Ventures

Microsoft On Women In Cybersecurity At Black Hat Europe 2025 In London

Cybercrime Magazine met with Alex Zoldova, Board Member, Women In Cybersecurity at Microsoft when we were at Black Hat Europe 2025 in London. Zoldova spoke with us…

December 24, 2025 Cybernoz 1 min read

TheHackerNews

New MacSync macOS Stealer Uses Signed App to Bypass Apple Gatekeeper

Dec 24, 2025Ravie LakshmananMalware / Endpoint Security Cybersecurity researchers have discovered a new variant of a macOS information stealer called MacSync that’s delivered by means…

December 24, 2025 Cybernoz 2 min read

Securityaffairs

U.S. Federal Communications Commission (FCC) bans foreign-made drones over national security concerns

U.S. Federal Communications Commission (FCC) bans foreign-made drones over national security concerns Pierluigi Paganini December 24, 2025 The FCC announced a ban on drones and…

December 24, 2025 Cybernoz 2 min read

Bleeping Computer

Microsoft rolls out hardware-accelerated BitLocker in Windows 11

Microsoft is rolling out hardware-accelerated BitLocker in Windows 11 to address growing performance and security concerns by leveraging the capabilities of system-on-a-chip and CPU. BitLocker…

December 24, 2025 Cybernoz 2 min read

Bleeping Computer

FBI seizes domain storing bank credentials stolen from U.S. victims

The U.S. government has seized the ‘web3adspanels.org’ domain and the associated database used by cybercriminals to host bank login credentials stolen in account takeover attacks.…

December 24, 2025 Cybernoz 2 min read

Bleeping Computer

MongoDB warns admins to patch severe RCE flaw immediately

MongoDB has warned IT admins to immediately patch a high-severity vulnerability that can be exploited in remote code execution (RCE) attacks targeting vulnerable servers. Tracked…

December 24, 2025 Cybernoz 2 min read