Hidden “Glassworm” malware spreads through infected VS Code extensions
A new malware worm campaign has infected multiple Microsoft Visual Studio Code extensions using invisible Unicode characters to hide malicious code from both reviewers and…
Author: Cybernoz
New Salt Typhoon Attacks Leverage Zero-Days and DLL Sideloading
Salt Typhoon represents one of the most persistent and sophisticated cyber threats targeting global critical infrastructure today. Believed to be linked to state-sponsored actors from…
OpenFGA: The open-source engine redefining access control
OpenFGA is an open-source, high-performance, and flexible authorization engine inspired by Google’s Zanzibar system for relationship-based access control. It helps developers model and enforce fine-grained…
TP-Link Patches Four Omada Gateway Flaws, Two Allow Remote Code Execution
Oct 22, 2025Ravie LakshmananVulnerability / Network Security TP-Link has released security updates to address four security flaws impacting Omada gateway devices, including two critical bugs…
Hackers Exploit OAuth Apps to Keep Cloud Access Even After Password Resets
Cloud account takeover attacks have evolved beyond simple credential theft. Cybercriminals are now exploiting OAuth applications to maintain persistent access to compromised environments, bypassing traditional…
Companies want the benefits of AI without the cyber blowback
51% of European IT and cybersecurity professionals said they expect AI-driven cyber threats and deepfakes to keep them up at night in 2026, according to…
Chrome V8 JavaScript Engine Vulnerability Let Attackers Execute Remote Code
Google has swiftly addressed a high-severity flaw in its Chrome browser’s V8 JavaScript engine, releasing an emergency update to thwart potential remote code execution attacks.…
AI Disruption and Quantum Risks Emerge as Top Concerns for Critical Infrastructure Security
Thales has released the findings of its 2025 Data Threat Report: Critical Infrastructure Edition, which reveals that operators in energy, utilities, telecommunications and transportation are entering a…
Singapore International Cyber Week 2025: Shaping the Future of Cyber Resilience in the Indo-Pacific
Singapore International Cyber Week (SICW) 2025 opened this week with a powerful message — cybersecurity has become the defining currency of trust in the digital…
ACMA cracks down on mobile 000 ‘camp-on’ failures
The Australian Communications and Media Authority has tightened mobile phone testing standards and imposed new network equipment monitoring rules on carriers as the fallout over…
AWS Outage: Lessons Learned —
What can we learn from the recent AWS outage, and how can we apply those lessons to our own infrastructure? What Happened? On October 20,…
Do government services need a rethink for AI and automation?
Operational Delivery Profession (ODP), the public face of the civil service, must keep pace with advances in technology and artificial intelligence (AI), which has implications…