Cyber Attack Exposes LNER Train Passengers’ Personal Data
London North Eastern Railway (LNER) has confirmed that an unauthorized breach at one of its third-party suppliers exposed contact details and travel histories of some…
Author: Cybernoz
Senator Urges FTC Probe Into Microsoft After Ascension Ransomware Attack
US Senator Ron Wyden urges the FTC to investigate Microsoft after its software contributed to a major ransomware attack on Ascension Hospital, exposing 5.6 million…
Microsoft adds malicious link warnings to Teams private chats
Microsoft Teams will automatically alert users when they send or receive a private message containing links that are tagged as malicious. Microsoft will introduce these…
New VMScape Spectre-BTI Attack Exploits Isolation Gaps in AMD and Intel CPUs
A novel speculative execution attack named VMSCAPE allows a malicious virtual machine (VM) to breach its security boundaries and steal sensitive data, like cryptographic keys,…
Attackers Abuse Kubernetes DNS to Extract Git Credentials from ArgoCD
A newly discovered attack method targeting ArgoCD and Kubernetes that could give red-teamers fresh ammo and blue-teamers fresh headaches. This technique lets an attacker abuse…
Senator Wyden Urges FTC to Probe Microsoft for Ransomware-Linked Cybersecurity Negligence
U.S. Senator Ron Wyden has called on the Federal Trade Commission (FTC) to probe Microsoft and hold it responsible for what he called “gross cybersecurity…
Akira ransomware exploiting critical SonicWall SSLVPN bug again
The Akira ransomware gang is actively exploiting CVE-2024-40766, a year-old critical-severity access control vulnerability, to gain unauthorized access to SonicWall devices. The hackers are leverging the security…
What You Need to Pay Attention to Right Now
Cyber attackers constantly refine their evasion methods. That’s what makes threats, including phishing, increasingly hard to detect and investigate. Kits like Tycoon 2FA regularly evolve…
Google Pixel 10 Adds C2PA Support to Verify AI-Generated Media Authenticity
Sep 11, 2025Ravie LakshmananArtificial Intelligence / Mobile Security Google on Tuesday announced that its new Google Pixel 10 phones support the Coalition for Content Provenance…
Chat Control: EU to decide on requirement for tech firms to scan encrypted messages
Law enforcement experts and policymakers are due to meet on 12 September to decide on proposals to require technology companies, such as Signal and WhatsApp,…
New VMScape attack breaks guest-host isolation on AMD, Intel CPUs
A new Spectre-like attack dubbed VMScape allows a malicious virtual machine (VM) to leak cryptographic keys from an unmodified QEMU hypervisor process running on modern…
Threat Actors Leveraging Open-Source AdaptixC2 in Real-World Attacks
In early May 2025, security teams began observing a sudden rise in post-exploitation activity leveraging an open-source command-and-control framework known as AdaptixC2. Originally developed to…