LLM-Powered MalTerminal Malware Uses OpenAI GPT-4 to Create Ransomware Code
LLM-enabled malware poses new challenges for detection and threat hunting as malicious logic can be generated at runtime rather than embedded in code. Our research…
Author: Cybernoz
Active Exploitation Detected in Gladinet and TrioFox Vulnerability
Oct 10, 2025Ravie LakshmananVulnerability / Zero-Day Cybersecurity company Huntress said it has observed active in-the-wild exploitation of an unpatched security flaw impacting Gladinet CentreStack and…
ZDI Drops 13 Unpatched Ivanti Endpoint Manager Vulnerabilities
Trend Micro’s Zero Day Initiative (ZDI) this week published 13 advisories describing unpatched vulnerabilities in Ivanti Endpoint Manager. One of the flaws allows local attackers…
SnakeKeylogger via Weaponized E-mails Leverage PowerShell to Exfiltrate Sensitive Data
Emerging from a recent wave of targeted campaigns, SnakeKeylogger has surfaced as a potent infostealer that capitalizes on PowerShell and social engineering. The malware’s operators…
North Korean Scammers Are Doing Architectural Design Now
“The plans are being used and being built,” says Michael “Barni” Barnhart, a leading authority in North Korean hacking and cyber threats, who works for…
Gladinet CentreStack and Triofox 0-Day Flaw Under Active Attack
Gladinet CentreStack and Triofox have come under active attack as threat actors exploit an unauthenticated local file inclusion flaw (CVE-2025-11371). The flaw lets attackers read…
Payroll Pirates Are Exploiting Trust, Not Technology
Microsoft Threat Intelligence has revealed a spate of financially motivated cyberattacks against universities across the United States. The threat actor, known as Storm-2657, is exploiting…
Apple Bug Bounty Update: Top Payout $2 Million, $35 Million Paid to Date
Apple on Friday announced significant updates to its bug bounty program and the company is now offering up to $2 million for complex exploit chains. …
U.S. CISA adds Grafana flaw to its Known Exploited Vulnerabilities catalog
U.S. CISA adds Grafana flaw to its Known Exploited Vulnerabilities catalog Pierluigi Paganini October 10, 2025 U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Grafana flaw to…
New Android Malware ClayRat Mimic as WhatsApp, Google Photos to Attack Users
A sophisticated Android spyware campaign dubbed ClayRat has emerged as one of the most concerning mobile threats of 2025, masquerading as popular applications including WhatsApp,…
Apple Announces $2 Million Bug Bounty Reward for the Most Dangerous Exploits
Since launching its bug bounty program nearly a decade ago, Apple has always touted notable maximum payouts—$200,000 in 2016 and $1 million in 2019. Now…
RondoDox Botnet Targets Over 50 Vulnerabilities to Compromise Routers, CCTV Systems, and Web Servers
The RondoDox campaign’s “exploit shotgun” method leverages over 50 vulnerabilities across more than 30 vendors to infiltrate network devices, highlighting the urgent need for rapid…