PoC Exploit Released for Critical Lua Engine Vulnerabilities
Three newly disclosed vulnerabilities have been identified in the Lua scripting engine of Redis 7.4.5, each presenting severe risks of remote code execution and privilege…
Author: Cybernoz
ASCII Smuggling Attack in Gemini Tricks AI Agents into Revealing Smuggled Data
Enterprise AI assistants face a hidden menace when invisible control characters are used to smuggle malicious instructions into prompts. In September 2025, FireTail researcher Viktor Markopoulos…
IT Sustainability Think Tank: Don’t believe Big Tech’s green IT hype
When I first started in IT asset disposition more than two decades ago, sustainability barely registered in boardroom discussions. Regulations such as the WEEE Directive…
Radiflow Unveils New OT Security Platform
Industrial cybersecurity firm Radiflow has unveiled a new platform for mid-sized enterprises. The new platform, named Radiflow360, leverages AI to provide enhanced visibility, risk management,…
Redis patches 13-Year-Old Lua flaw enabling Remote Code Execution
Redis patches 13-Year-Old Lua flaw enabling Remote Code Execution Pierluigi Paganini October 08, 2025 Redis warns of CVE-2025-49844, a Lua script flaw enabling RCE via…
OpenAI Banned ChatGPT Accounts Used by Chinese Hackers to Develop Malware
OpenAI announced it has banned a series of ChatGPT accounts linked to Chinese state-affiliated hacking groups that used the AI models to refine malware and…
77% of Employees Share Company Secrets on ChatGPT Compromising Enterprise Policies
In an era where AI and SaaS applications underpin daily workflows, organizations face an unprecedented challenge: the invisible exfiltration of sensitive information. Traditional, file-based data…
New Shuyal Stealer Targets 17 Web Browsers for Login Data and Discord Tokens
Cybersecurity researchers at Point Wild’s Lat61 Threat Intelligence Team have found a new infostealer called Shuyal Stealer, a malware strain designed to steal login credentials…
“Can you test my game?” Fake itch.io pages spread hidden malware to gamers
You get a message from a Discord friend. Or maybe an unknown indie developer reaches out to you. “Can you test my game?” they ask. …
Western Sydney University Email Scam Sparks Student Alarm
Western Sydney University has recently fallen victim to a scam involving fraudulent emails sent to current students and alumni. These emails falsely claimed that recipients’…
DraftKings Warns Users of Credential Stuffing Attacks
Sports betting firm DraftKings is notifying users of a recent credential stuffing campaign targeting their online accounts. The attacks, the company says in a notification…
Attacks on Palo Alto PAN-OS Global Protect Login Portals Surge from 2,200 IPs
A massive escalation in attacks targeting Palo Alto Networks PAN-OS GlobalProtect login portals, with over 2,200 unique IP addresses conducting reconnaissance operations as of October…