New Android Spyware Attacking Android Users Mimic as Signal and ToTok Apps
In recent months, security teams have observed a surge in Android spyware campaigns that prey on privacy-conscious users by masquerading as trusted messaging apps. These…
Author: Cybernoz
DrayOS Router Flaw Allows Remote Code Execution by Attackers
A critical vulnerability affecting DrayOS routers could let unauthenticated attackers execute code remotely. Discovered on July 22 by Pierre-Yves Maes of ChapsVision, the flaw stems…
Cl0p-Linked Gang Attempts to Extort Oracle E-Business Customers
Cybersecurity experts are on high alert as a group claiming ties to the infamous Cl0p ransomware gang is bombarding companies with emails that threaten to…
From threats to apology, hackers pull child data offline after public backlash
Last week we yelled at some “hackers” that threatened parents after stealing data from their children’s nursery. This followed a BBC report that a group calling…
Interview: Sacha Vaughan, chief supply chain officer, Joseph Joseph
Sacha Vaughan, chief supply chain officer at houseware manufacturer Joseph Joseph, is in a fortunate position – her board recognises the critical role of the…
MokN Raises $3 Million for Phish-Back Solution
French cybersecurity startup MokN today announced raising €2.6 million (~$3 million) for its deception-based identity protection solution. The investment round was led by Moonfire, with…
Oracle links Clop extortion attacks to July 2025 vulnerabilities
Oracle has linked an ongoing extortion campaign claimed by the Clop ransomware gang to E-Business Suite (EBS) vulnerabilities that were patched in July 2025. While the…
New XWorm V6 Variant Injects Malicious Code into a Legitimate Windows Program
The resurgence of XWorm in mid-2025 marks a significant escalation in malware sophistication. After a lull following the abrupt discontinuation of official support for version…
GhostSocks Malware-as-a-Service Turns Compromised Devices into Proxies for Threat Actors
On October 15, 2023, a threat actor using the handle GhostSocks published a sales post on the Russian cybercrime forum xss[.]is advertising a novel Malware-as-a-Service…
How Passwork 7 Addresses Complexity of Enterprise Security
Passwork is positioned as an on-premises unified platform for both password and secrets management, aiming to address the increasing complexity of credential storage and sharing…
Software engineering limited by lack of full automation
A survey by Coleman Parkes for Harness has found that the use of artificial intelligence (AI) in software development is on the rise, but there…
Critical Splunk Vulnerabilities Affect Multiple Versions
Splunk has disclosed six critical security vulnerabilities impacting multiple versions of both Splunk Enterprise and Splunk Cloud Platform. These Splunk vulnerabilities, collectively highlighting serious weaknesses…