The who, where, and how of APT attacks in Q2 2025–Q3 2025
ESET Chief Security Evangelist Tony Anscombe highlights some of the key findings from the latest issue of the ESET APT Activity Report 07 Nov 2025…
Author: Cybernoz
In memoriam: David Harley
Former colleagues and friends remember the cybersecurity researcher, author, and mentor whose work bridged the human and technical sides of security 07 Nov 2025 • …
Hackers Hijacking Samsung Galaxy Phones by Exploiting 0-Day Using a Single Image Via WhatsApp
A sophisticated spyware operation targeting Samsung Galaxy devices, dubbed LANDFALL, which exploited a zero-day vulnerability to infiltrate phones through seemingly innocuous images shared on WhatsApp.…
AI-Powered Cyber Threats Rise: Attackers Target Manufacturing Sector
A comprehensive new report reveals that manufacturing organizations are grappling with a dual challenge: rapidly adopting generative AI technologies while simultaneously defending against attackers who…
New “LANDFALL” Android Malware Uses Samsung 0-Day Vulnerability Hidden in WhatsApp Images
Cybersecurity researchers at Unit 42 have uncovered a sophisticated Android spyware campaign that exploited a previously unknown zero-day vulnerability in Samsung Galaxy devices. The malware,…
New Microsoft Teams Feature Exposes Users to Phishing and Malware Risks
Microsoft is poised to roll out a significant update to Teams, enabling users to initiate chats with anyone using just an email address—even if the…
Threat Actors Leveraging RDP Credentials to Deploy Cephalus Ransomware
A newly identified ransomware group, Cephalus, has emerged as a significant threat to organizations worldwide, exploiting stolen Remote Desktop Protocol (RDP) credentials to gain access…
German ISP Aurologic GmbH has Become a Central Nexus for Hosting Malicious Infrastructure
German hosting provider aurologic GmbH has emerged as a central facilitator within the global malicious infrastructure ecosystem, providing upstream transit and data center services to…
The Government Shutdown Is a Ticking Cybersecurity Time Bomb
Amid a government shutdown that has dragged on for more than five weeks, the United States Congressional Budget Office said on Thursday that it recently…
LANDFALL spyware exploited Samsung zero-day CVE-2025-21042 in Middle East attacks
LANDFALL spyware exploited Samsung zero-day CVE-2025-21042 in Middle East attacks Pierluigi Paganini November 07, 2025 A now-patched Samsung Galaxy flaw, tracked as CVE-2025-21042, was exploited…
Russian national pleads guilty to breaking into networks for Yanluowang ransomware attacks
A 25-year-old Russian national pleaded guilty to multiple charges stemming from their participation in ransomware attacks and faces a maximum penalty up to 53 years…
Malicious NuGet packages drop disruptive ‘time bombs’
Several malicious packages on NuGet have sabotage payloads scheduled to activate in 2027 and 2028, targeting database implementations and Siemens S7 industrial control devices. The embedded…