Windows Docker Desktop Vulnerability Allows Full Host Compromise
A critical vulnerability in Docker Desktop for Windows has been discovered that allows any container to achieve full host system compromise through a simple Server-Side…
Author: Cybernoz
The new battleground for CISOs is human behavior
Attackers don’t always need a technical flaw. More often, they just trick your people. Social engineering works, and AI makes it harder to catch.” Only…
ChatGPT-5 Downgrade Attack Allows Hackers to Evade AI Defenses With Minimal Prompts
Security researchers from Adversa AI have uncovered a critical vulnerability in ChatGPT-5 and other major AI systems that allows attackers to bypass safety measures using…
Local governments struggle to defend critical infrastructure as threats grow
A small-town water system, a county hospital, and a local school district may not seem like front-line targets in global conflict, but they are. These…
New infosec products of the week: August 22, 2025
Here’s a look at the most interesting products from the past week, featuring releases from Doppel, Druva, LastPass, and StackHawk. StackHawk empowers security teams to…
Microsoft plans full quantum-resistant cryptography transition by 2033
Microsoft has outlined a timeline to protect its services and customers from future quantum computing threats that could render current encryption methods obsolete. Majorana 1…
ChatGPT-5 Downgrade Attack Let Hackers Bypass AI Security With Just a Few Words
A critical vulnerability in OpenAI’s latest flagship model, ChatGPT-5, allows attackers to sidestep its advanced safety features using simple phrases. The flaw, dubbed “PROMISQROUTE” by…
Orange Belgium July data breach impacted 850,000 customers
Orange Belgium July data breach impacted 850,000 customers Pierluigi Paganini August 22, 2025 Orange Belgium revealed that a July attack resulted in the exposure of…
Draft CSF 2.0 Quick-Start Guide on Emerging Cybersecurity Risks
NIST has released the initial public draft (IPD) of Special Publication (SP) 1331, Quick-Start Guide for Using CSF 2.0 to Improve the Management of Emerging Cybersecurity…
Dev gets 4 years for creating kill switch on ex-employer’s systems
A software developer has been sentenced to four years in prison for sabotaging his ex-employer’s Windows network with custom malware and a kill switch that…
Chemist Warehouse runs AI on HR shared inbox
Chemist Warehouse is running AI on a shared email inbox for human resources queries from its 30,000 employees and store owners, using it to detect…
Apple discloses actively exploited zero-day affecting iOS, iPadOS and macOS
Apple rushed an emergency software update to its customers Wednesday to address an actively exploited zero-day vulnerability affecting the software powering the company’s most popular…