From threats to apology, hackers pull child data offline after public backlash
Last week we yelled at some “hackers” that threatened parents after stealing data from their children’s nursery. This followed a BBC report that a group calling…
Author: Cybernoz
Interview: Sacha Vaughan, chief supply chain officer, Joseph Joseph
Sacha Vaughan, chief supply chain officer at houseware manufacturer Joseph Joseph, is in a fortunate position – her board recognises the critical role of the…
MokN Raises $3 Million for Phish-Back Solution
French cybersecurity startup MokN today announced raising €2.6 million (~$3 million) for its deception-based identity protection solution. The investment round was led by Moonfire, with…
Oracle links Clop extortion attacks to July 2025 vulnerabilities
Oracle has linked an ongoing extortion campaign claimed by the Clop ransomware gang to E-Business Suite (EBS) vulnerabilities that were patched in July 2025. While the…
New XWorm V6 Variant Injects Malicious Code into a Legitimate Windows Program
The resurgence of XWorm in mid-2025 marks a significant escalation in malware sophistication. After a lull following the abrupt discontinuation of official support for version…
GhostSocks Malware-as-a-Service Turns Compromised Devices into Proxies for Threat Actors
On October 15, 2023, a threat actor using the handle GhostSocks published a sales post on the Russian cybercrime forum xss[.]is advertising a novel Malware-as-a-Service…
How Passwork 7 Addresses Complexity of Enterprise Security
Passwork is positioned as an on-premises unified platform for both password and secrets management, aiming to address the increasing complexity of credential storage and sharing…
Software engineering limited by lack of full automation
A survey by Coleman Parkes for Harness has found that the use of artificial intelligence (AI) in software development is on the rise, but there…
Critical Splunk Vulnerabilities Affect Multiple Versions
Splunk has disclosed six critical security vulnerabilities impacting multiple versions of both Splunk Enterprise and Splunk Cloud Platform. These Splunk vulnerabilities, collectively highlighting serious weaknesses…
Unauthenticated RCE Flaw Patched in DrayTek Routers
DrayTek on Thursday announced patches for an unauthenticated remote code execution (RCE) vulnerability affecting DrayOS routers. Tracked as CVE-2025-10547, the issue can be exploited via…
Gmail business users can now send encrypted emails to anyone
Google says that Gmail enterprise users can now send end-to-end encrypted emails to people who use any email service or platform. To send an end-to-end…
Chinese Hackers Compromising High-Value IIS Servers to Manipulate Search Rankings
The Chinese-speaking cybercrime group UAT-8099 has been stealthily breaching valuable Internet Information Services (IIS) servers in India, Thailand, Vietnam, Canada, and Brazil to carry out…