GootLoader Is Back, Using a New Font Trick to Hide Malware on WordPress Sites
Nov 11, 2025Ravie LakshmananMalware / Network Security The malware known as GootLoader has resurfaced yet again after a brief spike in activity earlier this March,…
Author: Cybernoz
Russian-sold Android RAT boasts full device espionage as MaaS
Fantasy Hub: Russian-sold Android RAT boasts full device espionage as MaaS Pierluigi Paganini November 11, 2025 Researchers found Fantasy Hub, a Russian MaaS Android RAT…
SAP fixes hardcoded credentials flaw in SQL Anywhere Monitor
SAP has released its November security updates that address multiple security vulnerabilities, including a maximum severity flaw in the non-GUI variant of the SQL Anywhere Monitor…
New VanHelsing Ransomware RaaS Model Attacking Windows, Linux, BSD, ARM, and ESXi Systems
VanHelsing has emerged as a sophisticated ransomware-as-a-service operation that fundamentally changes the threat landscape for organizations worldwide. First observed on March 7, 2025, this multi-platform…
New “KomeX” Android RAT Hits Hacker Forums with Tiered Subscriptions
A sophisticated Android remote-access trojan named KomeX RAT has emerged on underground hacking forums, with the threat actor Gendirector actively marketing the malware through tiered…
BigBear.ai to buy Ask Sage, strengthening security-centric AI for federal agencies
Virginia-based BigBear.ai announced Monday it will acquire Ask Sage, a generative artificial intelligence platform specializing in secure deployment of AI models and agentic systems across…
Modern Patch Management – Strategies to patch faster with less risk
Unpatched vulnerabilities continue to top the list of root causes in major security breaches, and yet, most organizations still struggle to fix them fast enough.…
Android Remote Data-Wipe Malware Attacking Users Leveraging Google’s Find Hub
A sophisticated remote data-wipe attack targeting Android devices has emerged, exploiting Google’s Find Hub service to execute destructive operations on smartphones and tablets across South…
Phishing Scam Uses Big-Name Brands to Steal Logins
A recent investigation by Cyble Research and Intelligence Labs (CRIL) has uncovered a sophisticated phishing campaign exploiting globally recognized and regional brands to steal user…
Patch now: Samsung zero-day lets attackers take over your phone
A critical vulnerability has put Samsung mobile device owners at risk of sophisticated cyberattacks. On November 10, 2025, the US Cybersecurity and Infrastructure Security Agency…
Major software issue occurred in PSNI system for managing emergency calls
A “major issue” with the ControlWorks software used by police to monitor emergency calls led to a delay in officers receiving critical information during a…
Synology BeeStation 0-Day Vulnerability Let Remote Attackers Execute Arbitrary Code
Synology has released an urgent security update addressing a critical remote code execution vulnerability in BeeStation OS that allows unauthenticated attackers to execute arbitrary code…