Ruby on Rails Vulnerability Let Bypass CSRF Protections
Security experts revealed a critical vulnerability in Ruby on Rails that allows attackers to bypass Cross-Site Request Forgery (CSRF) protections....
Read more →Author: Cybernoz
The Quantum Threat Is Closer Than You Think: Why Critical Infrastructure Must Act Now
For decades, our digital world has relied on cryptography to keep secrets safe. From the passwords we type into banking...
Read more →
Is the Investigatory Powers Tribunal powerless?
According to a recent finding by a panel of five tribunal judges, the Investigatory Powers Tribunal (IPT) has no statutory...
Read more →
Hive0117 group targets Russian firms with new variant of DarkWatchman malware
Hive0117 group targets Russian firms with new variant of DarkWatchman malware Pierluigi Paganini May 01, 2025 Hive0117 targets Russian firms...
Read more →
Oracle VirtualBox Vulnerability Exposes Systems to Privilege Escalation Attacks
A critical security flaw in Oracle VM VirtualBox (CVE-2024-21113) has been patched after researchers discovered it could allow local attackers...
Read more →
Commvault Confirms Hackers Exploited CVE-2025-3928 as Zero-Day in Azure Breach
May 01, 2025Ravie LakshmananZero-Day / Threat Intelligence Enterprise data backup platform Commvault has revealed that an unknown nation-state threat actor...
Read more →
Two SonicWall SMA100 flaws actively exploited in the wild
Two SonicWall SMA100 flaws actively exploited in the wild Pierluigi Paganini May 01, 2025 SonicWall confirmed that threat actors actively...
Read more →
How CISOs Can Balance Innovation and Security in a Digital-First World
In today’s fast-paced digital landscape, CISOs play a pivotal role in organizational success, navigating the critical balance of innovation vs...
Read more →
FBI Uncovers 42,000 Phishing Domains Tied to LabHost PhaaS Operation
The Federal Bureau of Investigation (FBI) has revealed the existence of 42,000 phishing domains associated with the notorious LabHost phishing-as-a-service...
Read more →
SonicWall OS Command Injection Vulnerability Exploited in the Wild
SonicWall has issued an urgent warning to customers that threat actors are actively exploiting a high-severity command injection vulnerability in...
Read more →
North Korea Stole Your Job
Even security experts can be fooled. In July 2024, Knowbe4, a Florida-based company that offers security training, discovered that a...
Read more →
Apache ActiveMQ Vulnerability Lets Remote Hackers Execute Arbitrary Code
A high vulnerability in Apache ActiveMQ’s .NET Message Service (NMS) library has been uncovered, enabling remote attackers to execute arbitrary...
Read more →