VMScape: Academics Break Cloud Isolation With New Spectre Attack
A group of academic researchers from the ETH Zurich university have devised a new attack that breaks existing virtualization isolation to leak arbitrary memory and…
Author: Cybernoz
CISA pledges robust support for funding, further development of CVE program
The Cybersecurity and Infrastructure Security Agency said it remains firmly committed to supporting and further enhancing the Common Vulnerabilities and Exposures program, which is a…
CISA warns of actively exploited Dassault RCE vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning of hackers exploiting a critical remote code execution flaw in DELMIA Apriso, a manufacturing operations management…
AI-powered Pentesting Tool ‘Villager’ Combines Kali Linux Tools with DeepSeek AI for Automated Attacks
New AI-powered penetration testing framework Villager combines Kali Linux toolsets with DeepSeek AI models to fully automate cyber attack workflows. Initially developed by the Chinese-based…
SEO Poisoning Attack Hits Windows Users With Hiddengh0st and Winos Malware
New SEO poisoning campaign exposed! FortiGuard Labs reveals how attackers trick users with fake websites to deliver Hiddengh0st and Winos malware. A new cyberattack campaign…
AI browsers or agentic browsers: a look at the future of web surfing
Browsers like Chrome, Edge, and Firefox are our traditional gateway to the internet. But lately, we have seen a new generation of browsers emerge. These…
Apple Warns French Users of Fourth Spyware Campaign in 2025, CERT-FR Confirms
Sep 12, 2025Ravie Lakshmanan Apple has notified users in France of a spyware campaign targeting their devices, according to the Computer Emergency Response Team of…
EU Data Act comes into force amid fears of regulation fatigue
The European Union (EU) Data Act comes into force today (12 September 2025), giving, says the European Commission, citizens control over data generated by their…
CISA: CVE Program to Focus on Vulnerability Data Quality
The US cybersecurity agency CISA believes that expanded partnerships, government sponsorships, transparency, modernization, and better vulnerability data quality are the next step in advancing the…
Sidewinder Hacker Group Weaponizing LNK File to Execute Malicious Scripts
The notorious APT-C-24 threat actor group, commonly known as Sidewinder or Rattlesnake, has evolved its attack methodology by deploying sophisticated LNK file-based phishing campaigns targeting…
HybridPetya: (Proof-of-concept?) ransomware can bypass UEFI Secure Boot
ESET researchers have discovered HybridPetya, a bootkit-and-ransomware combo that’s a copycat of the infamous Petya/NotPetya malware, augmented with the capability of compromising UEFI-based systems and…
From Fitbit to financial despair: How one woman lost her life savings and more to a scammer
We hear so often about people falling for scams and losing money. But we often don’t find out the real details of what happened, and…