Arkana Security group claims the hack of US telco provider WideOpenWest (WOW!)
Arkana Security group claims the hack of US telco provider WideOpenWest (WOW!) Pierluigi Paganini March 27, 2025 Arkana Security, a...
Read more →Author: Cybernoz
![[tl;dr sec] #271 - Threat Modeling (+ AI), Backdoored GitHub Actions, Compromising a Threat Actor's Telegram](https://cybernoz.com/wp-content/uploads/2025/03/1743072871_tldr-sec-271-Threat-Modeling-AI-Backdoored-GitHub.png)
[tl;dr sec] #271 – Threat Modeling (+ AI), Backdoored GitHub Actions, Compromising a Threat Actor’s Telegram
Threat modeling (with) LLMs, tj-actions woes, reading a threat actor’s Telegram C2 I hope you’ve been doing well! Working on...
Read more →
Security Update: Publicly Exposed Ingress NGINX Admission
A series of vulnerabilities, known as IngressNightmare (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, CVE-2025-1974), have been identified in ingress-nginx, a widely used Kubernetes...
Read more →
Intigriti insights into latest beg bounty scam
The Intigriti team have recently observed an abuse scenario, trending across the industry, where malicious actors are posing as legitimate...
Read more →
My information was stolen. Now what?
Back in May 2023, I wrote the blogpost You may not care where you download software from, but malware does...
Read more →
Commerce limits 19 Chinese, Taiwanese companies from buying U.S. tech
The Commerce Department plans to finalize economic sanctions this week on nearly 20 Chinese and Taiwanese organizations, citing the need...
Read more →
UK fines software provider £3.07 million for 2022 ransomware breach
The UK Information Commissioner’s Office (ICO) has issued a £3.07 million fine on Advanced Computer Software Group Ltd for a 2022...
Read more →
Kathryn Thornton: First Service Mission to the Hubble Space Telescope
The veteran of four space missions discusses challenges faced by the Hubble Space Telescope and how human ingenuity and teamwork...
Read more →
The Hidden Risks Lurking in Your Business Logic
Modern organizations are becoming increasingly reliant on agentic AI, and for good reason: AI agents can dramatically improve efficiency and...
Read more →
DrayTek routers face active exploitation of older vulnerabilities
Dive Brief: Researchers warn that three older vulnerabilities in DrayTek routers have been actively exploited in recent weeks, which coincides...
Read more →
Intelligence chiefs insist Signal chat was a simple mistake
U.S. intelligence leaders found themselves under intensified scrutiny from Congress for a second straight day, following revelations that significant military...
Read more →
Zero-click exploit abusing Firefox and Windows zero days
The backdoor can execute commands and lets attackers download additional modules onto the victim’s machine, ESET research finds 26 Nov...
Read more →