$50 Battering RAM Attack Breaks Intel and AMD Cloud Security Protections
A group of academics from KU Leuven and the University of Birmingham has demonstrated a new vulnerability called Battering RAM to bypass the latest defenses…
Author: Cybernoz
New MatrixPDF toolkit turns PDFs into phishing and malware lures
A new phishing and malware distribution toolkit called MatrixPDF allows attackers to convert ordinary PDF files into interactive lures that bypass email security and redirect…
Chinese APT Phantom Taurus Targeted MS Exchange Servers Over 3 Years
Researchers at Palo Alto Networks say a Chinese-linked cyberespionage group has been targeting foreign ministries, embassies, and military-related communications by breaking into Microsoft Exchange email…
VMware Vulnerability CVE-2025-41244 Exploited For A Year
A newly listed VMware zero-day vulnerability has been actively exploited by Chinese state-sponsored threat actors for almost a year, according to security researchers. The vulnerability,…
DOJ, Georgia Tech affiliate company settle over alleged failure to meet DOD contract cyber requirements
A company affiliated with the Georgia Institute of Technology agreed to pay $875,000 to the U.S. government to settle a case involving allegations that it…
Windows 11 2025 Update (25H2) is now available, Here’s what’s new
Today, Microsoft announced the general availability of Windows 11 25H2, also known as Windows 11 2025 Update. Windows 11 25H2 is a minor update, and…
APT35 Hackers Attacking Government, Military Organizations to Steal Login Credentials
In recent months, a surge in targeted intrusions attributed to the Iranian-aligned threat group APT35 has set off alarm bells across government and military networks…
Cloud provider publishes ‘tech sovereignty’ plan for UK
The government should reframe its technology strategy to ensure the UK does not lose control of its digital infrastructure and data in the fallout of…
Watchdog: Cyber threat information-sharing program’s future uncertain with expected expiration of 2015 law
The Cybersecurity and Infrastructure Security Agency doesn’t have any plans in place for continuing a threat information-sharing program should a 2015 law that laid the…
Critical WD My Cloud bug allows remote command injection
Western Digital has released firmware updates for multiple My Cloud NAS models to patch a critical-severity vulnerability that could be exploited remotely to execute arbitrary…
New China-Linked Hacker Group Hits Governments With Stealth Malware
Sep 30, 2025Ravie LakshmananCyber Espionage / Malware Government and telecommunications organizations across Africa, the Middle East, and Asia have emerged as the target of a…
MPs press outsourcer TCS over Jaguar cyber attack
The UK government has reached out to Indian IT outsourcer Tata Consultancy Services (TCS) seeking answers from CEO Krithi Krithivasan over its alleged involvement in…