Legit tools, illicit uses: Velociraptor, Nezha turned against victims
Threat actors are using an increasing variety of commercial and open-source products to carry out their attacks: according to researchers, Velociraptor and Nezha are the…
Author: Cybernoz
WordPress Plugin flaw lets hackers access Admin accounts
CVE-2025-5947: WordPress Plugin flaw lets hackers access Admin accounts Pierluigi Paganini October 09, 2025 Threat actors are exploiting a critical flaw, tracked as CVE-2025-5947, in…
![[tl;dr sec] #300 - Security Headcount Ratios + Hiring Plan, MCP Security, Compliance](https://image.cybernoz.com/wp-content/uploads/2025/10/tldr-sec-300-Security-Headcount-Ratios-Hiring-Plan.png)
[tl;dr sec] #300 – Security Headcount Ratios + Hiring Plan, MCP Security, Compliance
I hope you’ve been doing well! Episode 300 This issue will be a bit shorter as I’ve been in Tahoe all week with my Semgrep…
Risk mitigation budgets swell as enterprise AI adoption grows
Dive Brief: Enterprises are directing more resources to governance as AI risks come into clearer view, according to a September OneTrust report that surveyed 1,250…
Windows Backup now available for enterprise users
Microsoft announced this week the general availability of Windows Backup for Organizations, a new enterprise-grade backup tool that helps simplify backups and makes the transition…
KFC Venezuela Alleged Data Breach
A threat actor has allegedly breached KFC Venezuela, offering a database containing the personal and order information of over one million customers for sale on…
Microsoft Azure Experiences Global Outage Disrupting Cloud Services Worldwide
Microsoft Azure suffered a significant service interruption that left many customers unable to reach cloud resources. The incident began at roughly 07:40 UTC, when Azure…
HTTP/1.1 must die: Dafydd Stuttard on what this means for enterprise security
Andrzej Matykiewicz | 09 October 2025 at 14:06 UTC At Black Hat USA 2025 and DEF CON 33, PortSwigger’s Director of Research, James Kettle, unveiled…
Firewall configs stolen for all cloud backup customers
SonicWall has confirmed that all customers that used the company’s cloud backup service are affected by the security breach last month. Previously, the vendor stated…
SquareX Reveals AI Browsers Vulnerable to OAuth Attacks and Malware Threats
Palo Alto, California, October 9th, 2025, CyberNewsWire As AI Browsers rapidly gain adoption across enterprises, SquareX has released critical security research exposing major vulnerabilities that…
SquareX Shows AI Browsers Fall Prey to OAuth Attacks, Malware Downloads and Malicious Link Distribution
Palo Alto, California, October 9th, 2025, CyberNewsWire As AI Browsers rapidly gain adoption across enterprises, SquareX has released critical security research exposing major vulnerabilities that…
Hackers Access SonicWall Cloud Firewall Backups, Spark Urgent Security Checks
Oct 09, 2025Ravie LakshmananCloud Security / Network Security SonicWall on Wednesday disclosed that an unauthorized party accessed firewall configuration backup files for all customers who…