Over 28,000 Microsoft Exchange Servers Exposed Online to CVE-2025-53786 Vulnerability
The cybersecurity community faces a significant threat as scanning data reveals over 28,000 unpatched Microsoft Exchange servers remain exposed on...
Read more →Author: Cybernoz
New Linux Kernel Vulnerability Directly Exploited from Chrome Renderer Sandbox
August 9, 2025 — A critical vulnerability in the Linux kernel, identified as CVE-2025-38236, has exposed a flaw that could...
Read more →
Germany limits police spyware use to serious crimes
Germany limits police spyware use to serious crimes Pierluigi Paganini August 09, 2025 Germany’s top court ruled police can use...
Read more →
A Cobalt Strike Like Tool That Turns Chrome into C2 Platform
At DEF CON 33, security researcher Mike Weber of Praetorian Security unveiled ChromeAlone — a Chromium-based browser Command & Control...
Read more →
CastleBot MaaS Unleashes Diverse Payloads in Coordinated Ransomware Attacks
IBM X-Force has uncovered CastleBot, a nascent malware framework operating as a Malware-as-a-Service (MaaS) platform, enabling cybercriminals to deploy a...
Read more →
Phishing attacks exploit WinRAR flaw CVE-2025-8088 to install RomCom
Phishing attacks exploit WinRAR flaw CVE-2025-8088 to install RomCom Pierluigi Paganini August 09, 2025 WinRAR flaw CVE-2025-8088, fixed in v7.13,...
Read more →
5,000+ Fake Online Pharmacies Websites Selling Counterfeit Medicines
A sophisticated cybercriminal enterprise operating over 5,000 fraudulent online pharmacy websites has been exposed in a comprehensive investigation, revealing one...
Read more →
Threat Actors Using Typosquatted PyPI Packages to Steal Cryptocurrency from Bittensor Wallets
A sophisticated cryptocurrency theft campaign has emerged targeting the Bittensor ecosystem through malicious Python packages distributed via the Python Package...
Read more →
Huge Wave of Malicious Efimer Malicious Script Attack Users via WordPress Sites, Malicious Torrents, and Email
A sophisticated malware campaign dubbed “Efimer” has emerged as a significant threat to cryptocurrency users worldwide, employing a multi-vector approach...
Read more →
CyberArk and HashiCorp Flaws Enable Remote Vault Takeover Without Credentials
Cybersecurity researchers have discovered over a dozen vulnerabilities in enterprise secure vaults from CyberArk and HashiCorp that, if successfully exploited,...
Read more →
DarkCloud Stealer Employs New Infection Chain and ConfuserEx-Based Obfuscation
A sophisticated information-stealing malware campaign has emerged, utilizing advanced obfuscation techniques and multiple infection vectors to evade traditional security controls....
Read more →
Multiple 0-days to Bypass BitLocker and Extract All Protected Data
Researchers have disclosed a series of critical zero-day vulnerabilities that completely bypass Windows BitLocker encryption, allowing attackers with physical access...
Read more →