Container storage: Five key things you need to know
Most enterprises now run applications in containers, and so they must pay attention to how they store and manage data for containerised applications. The Nutanix…
Author: Cybernoz
Hackers Exploit Microsoft 365 Direct Send to Evade Filters and Steal Data
Cybercriminals are increasingly exploiting a legitimate Microsoft 365 feature designed for enterprise convenience, turning Exchange Online’s Direct Send into a dangerous vector for phishing campaigns…
US ‘slipping’ on cybersecurity, annual Cyberspace Solarium Commission report concludes
The Trump administration should reverse cyber personnel and budget cuts, strengthen the Office of the National Cyber Director and expand federal workforce initiatives, the successor…
Azure Apps Vulnerability Lets Hackers Create Malicious Apps Mimicking Microsoft Teams
Security flaws in Microsoft’s Azure ecosystem enable cybercriminals to create deceptive applications that imitate official services like the “Azure Portal. Varonis found that Azure’s safeguards,…
Axoflow Security Data Layer unifies data pipeline, storage, and analytics for security team
Axoflow has launched its Security Data Layer, extending its pipeline offering with multiple storage solutions. The Security Data Layer addresses challenges in log management, SIEM…
Why You Should Swap Passwords for Passphrases
Oct 22, 2025The Hacker NewsData Breach / Enterprise Security The advice didn’t change for decades: use complex passwords with uppercase, lowercase, numbers, and symbols. The…
How “Unseeable Prompt Injections” Threaten AI Agents
A new form of attack is targeting browsers with built-in AI assistants. Researchers at Brave have found that seemingly harmless screenshots and web pages can…
Sharepoint ToolShell attacks targeted orgs across four continents
Hackers believed to be associated with China have leveraged the ToolShell vulnerability (CVE-2025-53770) in Microsoft SharePoint in attacks targeting government agencies, universities, telecommunication service providers,…
Bitter APT Exploits WinRAR Zero-Day Through Malicious Word Files to Steal Sensitive Data
In a newly uncovered campaign, the threat group known as Bitter—also tracked as APT-Q-37—has leveraged both malicious Office macros and a previously undocumented WinRAR path…
Elastic introduces Agent Builder to simplify AI agent development
Elastic released Agent Builder, a complete set of capabilities powered by Elasticsearch, that makes it easy for developers to build custom AI agents on company…
Threat Actors Allegedly Selling Monolock Ransomware on Dark Web Forums
Monolock ransomware has surfaced in underground forums, with threat actors advertising version 1.0 for sale alongside stolen corporate credentials. First detected in late September, the…
New GlassWorm Using Invisible Code Hits Attacking VS Code Extensions on OpenVSX Marketplace
Over the past week, cybersecurity professionals have been gripped by the emergence of GlassWorm, a highly sophisticated, self-propagating malware campaign targeting VS Code extensions on…