LANSCOPE Endpoint Manager Flaw Allows Remote Code Execution
A critical security flaw has been found in the on-premise edition of LANSCOPE Endpoint Manager that could let attackers run malicious code on vulnerable machines.…
Author: Cybernoz
Active Exploitation Of Windows SMB Flaw CVE-2025-33073 Alert
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding the active exploitation of a high-severity Windows vulnerability, tracked as CVE-2025-33073. This…
Windows 11 KB5070773 emergency update fixes Windows Recovery issues
Microsoft has released an emergency update to fix the Windows Recovery Environment (WinRE), which became unusable on systems with USB mice and keyboards after installing…
New LOSTKEYS Malware Tied to Russian State-Sponsored Hacker Group COLDRIVER
Russian state-sponsored threat actor COLDRIVER, long known for targeting high-profile NGOs, policy advisors, and dissidents, has been linked to a rapidly evolving malware campaign following…
New Phishing Emails Pretend to Offer Jobs to Steal Facebook Logins – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More
The search for a new job, especially with a slow labour market in the US, has become the perfect opportunity for scammers to trap unsuspecting…
Critical ASP.NET Vulnerability Allows Attacker To Bypass Security Feature Remotely
Microsoft has disclosed a serious security flaw in ASP.NET Core that enables authenticated attackers to smuggle HTTP requests and evade critical protections. Tracked as CVE-2025-55315,…
CISA Warns of Actively Exploited Windows SMB Vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Microsoft Windows Server Message Block (SMB) vulnerability to its Known Exploited Vulnerabilities catalog, warning…
Hackers Used Snappybee Malware and Citrix Flaw to Breach European Telecom Network
Oct 21, 2025Ravie LakshmananCyber Espionage / Network Security A European telecommunications organization is said to have been targeted by a threat actor that aligns with…
ZYXEL Authorization Bypass Vulnerability Let Attackers View and Download System Configuration
A critical vulnerability in Zyxel’s ATP and USG series firewalls that allows attackers to bypass authorization controls and access sensitive system configurations. Dubbed CVE-2025-9133, this…
Cavalry Werewolf APT Targets Multiple Sectors Using FoalShell and StallionRAT
From May to August 2025, an advanced persistent threat group known as Cavalry Werewolf—also tracked as YoroTrooper and Silent Lynx—executed a sophisticated attack campaign targeting…
Home Depot Halloween phish gives users a fright, not a freebie
We received a timely phishing email pretending to come from Home Depot. It claimed we’d won a Gorilla Carts dump cart (that’s a sort of…
Google Identifies Three New Russian Malware Families Created by COLDRIVER Hackers
Oct 21, 2025Ravie LakshmananCyber Espionage / Threat Intelligence A new malware attributed to the Russia-linked hacking group known as COLDRIVER has undergone numerous developmental iterations…