The missing cybersecurity leader in small business
The average cyberattack costs for a small- or medium-size business is more than $250,000. The salary for a chief information security officer (CISO) is about…
Author: Cybernoz
AI security is repeating endpoint security’s biggest mistake
The posture-first approach revealed its limitations as the endpoint attack surface exploded. The industry faced visibility gaps and realized you cannot harden what you cannot…
NIST revises PNT services cybersecurity guidance under CSF 2.0 to address GPS disruption, AI risks, supply chain threats
The U.S. National Institute of Standards and Technology (NIST) released a draft revision of NISTIR 8323 Rev. 2, updating its foundational Positioning, Navigation, and Timing…
Polish ABW warns cyberattacks shifting from espionage and data theft toward physical disruption of critical infrastructure
Poland’s Internal Security Agency (ABW) disclosed that cyberattacks targeting ICS (industrial control systems) and public infrastructure escalated sharply through 2024 and 2025, with several incidents…
Everything We Know About CVE-2023-23397
Huntress has been tracking CVE-2023-23397, a critical vulnerability/0-day that impacts Microsoft Outlook. Unlike other exploits we’ve seen in the past, this exploit is particularly dangerous…
TrickMo Android banker adopts TON blockchain for covert comms
A new variant of the TrickMo Android banking malware, delivered in campaigns targeting users across Europe, introduces new commands and uses The Open Network (TON)…
macOS Malware Leverages Google Ads and Legitimate Claude.ai Shared Chats to Deliver Malware
Threat actors are executing a sophisticated malvertising campaign targeting macOS users via poisoned Google Ads and deceptive artificial intelligence applications. Researchers recently uncovered an operation…
PoC Exploit Released for Android Zero-Click Flaw Enabling Remote Shell Access
Public references indicate that a GitHub proof-of-concept is now circulating for CVE-2026-0073, the critical Android flaw documented in Google’s May 2026 security bulletin, raising the…
Rustinel: Open-source endpoint detection for Windows and Linux
Open-source endpoint detection has long been split between Windows-focused tools built around Sysmon and Linux tools built around eBPF or auditd. Defenders running mixed environments…
A week in security (May 4 – May 10)
Last week on Malwarebytes Labs: Stay safe! Browse like no one’s watching. Malwarebytes Privacy VPN encrypts your connection and never logs what you do, so the next…
Fake OpenAI Privacy Filter Repo Hits #1 on Hugging Face, Draws 244K Downloads
Ravie LakshmananMay 11, 2026Supply Chain Attack / Threat Intelligence A malicious Hugging Face repository managed to take a spot in the platform’s trending list by…
AI cyber attack threatens global financial crisis, warns International Monetary Fund
The International Monetary Fund (IMF) has said that artificial intelligence (AI)-powered cyber attacks could create a worldwide financial crisis. “AI-driven cyber risks could destabilise the…