Microsoft 365 Apps Abused in Attacks
Attackers don’t need exploits; they need TRUST. Changes in attack methods reflect changes in generations. Gen Z, a generation known for prioritizing ease and efficiency, is…
Author: Cybernoz
Meta’s New Feature Transforms Instagram to a New Real-Time Location Broadcaster
Meta has introduced a groundbreaking feature that fundamentally transforms Instagram from a traditional photo-sharing platform into a comprehensive real-time location broadcasting system. The new “Map”…
Serious path traversal bug found in Microsoft’s NLWeb “Agentic Web” tool
Microsoft’s open source NLWeb framework for delivering AI-driven agentic web applications shipped with an easy to exploit path traversal vulnerability that revealed the context of…
DOJ, international partners take down BlackSuit group’s infrastructure
The U.S. government and seven international partners have seized the computer servers of the BlackSuit ransomware group and more than $1 million in cryptocurrency that…
Why cyber modernization requires partners with technical plus acquisition expertise
The digital landscape for federal agencies is a constantly evolving battlefield. Adversaries are leveraging rapidly advancing technologies, including artificial intelligence, to devise more sophisticated attacks,…
North Korean Kimsuky hackers exposed in alleged data breach
The North Korean state-sponsored hackers known as Kimsuky has reportedly suffered a data breach after two hackers, who describe themselves as the opposite of Kimsuky’s values, stole…
Silent Watcher Attacking Windows Systems and Exfiltrate Data Using Discord Webhook
A sophisticated Visual Basic Script (VBS) malware dubbed “Silent Watcher” has emerged as a persistent threat targeting Windows systems, demonstrating advanced data exfiltration capabilities through…
ATO trials multimodal AI models for auditing work-related expenses
The Australian Taxation Office is actively trialling large multimodal AI models to help audit taxpayer-submitted documents as part of a broader push to “industrialise” AI…
OpenAI is testing 3,000-per-week limit for GPT-5 Thinking
OpenAI has responded to criticism that it shipped GPT-5 with token limits to minimize cost and maximize profit not with words, but rather with a…
Carmaker Portal Flaw Could Let Hackers Unlock Cars, Steal Data
A security vulnerability in a major carmaker’s online portal exposed customer data and could have let hackers remotely unlock vehicles. Read about the “security nightmare”…
Citrix Netscaler flaw CVE-2025-6543 exploited to breach orgs
The Netherlands’ National Cyber Security Centre (NCSC) is warning that a critical Citrix NetScaler vulnerability tracked as CVE-2025-6543 was exploited to breach “critical organizations” in the…
CastleLoader Malware Infected Over 400+ Devices Using Cloudflare-Themed ClickFix Phishing Attack
CastleLoader, a sophisticated malware loader that emerged in early 2025, has successfully compromised 469 devices out of 1,634 infection attempts since May 2025, achieving an…