Chinese APT Group IT Service Provider Leveraging Microsoft Console Debugger to Exfiltrate Data
In early 2025, a novel campaign attributed to the Chinese APT group known as Jewelbug began targeting an IT service provider in Russia. The attackers…
Author: Cybernoz
F5 Confirms Nation-State Breach, Source Code and Vulnerability Data Stolen
F5 has confirmed it was the victim of a state-sponsored cyberattack that allowed hackers to access its internal systems and steal valuable technical data. The…
New SAP NetWeaver Vulnerabilities Allow Attackers to Bypass Authorization and Execute OS Commands
SAP released its October 2025 Security Patch Day fixes, addressing 13 new vulnerabilities and updating four prior notes, with several critical flaws in NetWeaver enabling…
Microsoft Patch Tuesday Oct 2025 Fixs 175 Vulnerabilities including 3 Zero-Days
Microsoft Patch Tuesday for October 2025 was massive, delivering over 170 security fixes, making immediate patching mandatory due to the volume and critical nature of…
Scammers are still sending us their fake Robinhood security alerts
A short while ago, our friends at Malwaretips wrote about a text scam impersonating Robinhood, a popular US-based investment app that lets people trade stocks…
F5 Breach Exposes BIG-IP Source Code — Nation-State Hackers Behind Massive Intrusion
Oct 15, 2025Ravie LakshmananVulnerability / Threat Intelligence U.S. cybersecurity company F5 on Wednesday disclosed that unidentified threat actors broke into its systems and stole files…
Oracle silently fixes zero-day exploit leaked by ShinyHunters
Oracle has silently fixed an Oracle E-Business Suite vulnerability (CVE-2025-61884) that was actively exploited to breach servers, with a proof-of-concept exploit publicly leaked by the…
GhostBat RAT Android Malware With Fake RTO Apps Steals Targeting Indian Users to Steal Banking Data
The GhostBat RAT campaign has emerged as a sophisticated threat targeting Indian Android users through counterfeit Regional Transport Office (RTO) applications. First observed in mid-2025,…
ETSI Security Conference 2025 – Securing Japan’s IoT Future with Mizuki Kitajima (METI)
At the ETSI Security Conference 2025, we spoke with Mizuki Kitajima, Deputy Director of the Security Division at Japan’s Ministry of Economy, Trade and Industry…
TikTok scam sells you access to your own fake money
This scam starts in your TikTok DMs. A brand-new account drops a melodramatic message—terminal illness, last goodbye, “I left you some assets.” At the bottom:…
Fortune 100 firms accelerate disclosures linked to AI, cybersecurity risk
Fortune 100 companies have sharply increased their public disclosures and oversight over AI strategy and related risks, as a growing number of companies rush to…
Sept Windows Server updates cause Active Directory issues
Microsoft has confirmed that the September 2025 security updates are causing Active Directory issues on Windows Server 2025 systems. As the company explains in a Windows…