Hackers now use Velociraptor DFIR tool in ransomware attacks
Threat actors have started to use the Velociraptor digital forensics and incident response (DFIR) tool in attacks that deploy LockBit and Babuk ransomware. Cisco Talos…
Author: Cybernoz
New Quishing Attack With Weaponized QR Code Targeting Microsoft Users
Microsoft users are facing a novel quishing campaign that leverages weaponized QR codes embedded in malicious emails. Emerging in early October 2025, this attack exploits…
Google says ‘likely over 100’ affected by Oracle-linked hacking campaign
Google said there were likely to be more than 100 companies affected by an ambitious hacking campaign that targeted Oracle’s suite of business products, an…
ClayRat campaign uses Telegram and phishing sites to distribute Android spyware
ClayRat campaign uses Telegram and phishing sites to distribute Android spyware Pierluigi Paganini October 09, 2025 ClayRat Android spyware targets Russian users via fake Telegram…
Hackers target universities in “payroll pirate” attacks
A cybercrime gang tracked as Storm-2657 has been targeting university employees in the United States to hijack salary payments in “pirate payroll” attacks since March…
Threat Actors Mimic as HR Departments to Steal Your Gmail Login Credentials
A sophisticated phishing campaign has emerged targeting job seekers through legitimate Zoom document-sharing features, demonstrating how cybercriminals exploit trusted platforms to harvest Gmail credentials. The…
Fake VPN and streaming app drops malware that drains your bank account
Security researchers are warning Android users to delete a fake VPN and streaming app that can let criminals take over their phones and drain their…
Hackers Upgraded ClickFix Attack With Cache Smuggling to Secretly Download Malicious Files
Cybersecurity researchers have uncovered a sophisticated evolution of the ClickFix attack methodology, where threat actors are leveraging cache smuggling techniques to avoid traditional file download…
Microsoft Defender mistakenly flags SQL Server as end-of-life
Microsoft is working to resolve a known issue that causes its Defender for Endpoint enterprise endpoint security platform to incorrectly tag SQL Server software as…
New Polymorphic Python Malware Repeatedly Mutate its Appearance at Every Execution Time
A recently discovered Python-based remote access trojan (RAT) exhibits unprecedented polymorphic behavior, altering its code signature each time it runs. First observed on VirusTotal, the…
The Evolution of UTA0388’s Espionage Malware
Oct 09, 2025Ravie LakshmananCyber Espionage / Artificial Intelligence A China-aligned threat actor codenamed UTA0388 has been attributed to a series of spear-phishing campaigns targeting North…
RondoDox botnet targets 56 n-day flaws in worldwide attacks
A new large-scale botnet called RondoDox is targeting 56 vulnerabilities in more than 30 distinct devices, including flaws first disclosed during Pwn2Own hacking competitions. The attacker…