Guzman y Gomez continues to deploy Workday as core people platform
Guzman y Gomez Mexican Kitchen is a year into using Workday as the technology foundation for people services, with two modules still on the roadmap…
Author: Cybernoz
AI company Perplexity is sneaking to get around blocks on crawlers, Cloudflare alleges
Artificial intelligence startup Perplexity is using stealthy techniques to get around network blocks against systematic browsing and scraping of web pages, Cloudflare said Monday in…
LegalPwn Attack Exploits Gemini, ChatGPT and other AI Tools into Executing Malware
A sophisticated new attack method that exploits AI models’ tendency to comply with legal-sounding text, successfully bypassing safety measures in popular development tools. A study…
Cybersecurity’s Blind Spot: Why Human Behavior is Every CISO’s Business
When a major breach makes headlines, the impact ripples far beyond the individuals whose data has been compromised. It shakes consumer trust, triggers urgent internal…
CNCERT Accuses U.S. Intelligence of Cyberattacks on Chinese Military-Industrial Targets
China’s National Computer Network Emergency Response Technical Team/Coordination Center (CNCERT) has publicly accused U.S. intelligence agencies of orchestrating sophisticated cyberattacks against key military-industrial entities, building…
SonicWall VPNs Exploited for 0-Day Vulnerability to Bypass MFA and Deploy Ransomware
A likely zero-day vulnerability in SonicWall’s Secure Mobile Access (SMA) VPNs and firewall appliances is being actively exploited in the wild, enabling attackers to bypass…
Legacy Solutions Have Become a Cyber Defense Problem
The cyber defense community is at a crossroads that is magnified by cyber criminals’ adoption of AI and ransomware-as-a-service. With year-after-year of the IBM Cost…
Modular Malware Suite Sold by Threat Actors Through Public Storefront Domains
A threat actor operating under the moniker Cyber Products has established a public-facing storefront at cyberproducts[.]io to distribute their modular malware suite, dubbed Cyber Stealer.…
Hackers Abuse Microsoft 365 Direct Send to Deliver Internal Phishing Emails
A new Proofpoint report reveals how attackers are using Microsoft 365’s Direct Send and unsecured SMTP relays to send internal-looking phishing emails. The latest research…
‘Highly evasive’ Vietnamese-speaking hackers stealing data from thousands of victims in 62+ nations
Vietnamese-speaking hackers are carrying out a “highly evasive, multi-stage operation” to steal information from thousands of victims in more than 62 countries, researchers said in…
Proton fixes Authenticator bug leaking TOTP secrets in logs
Proton fixed a bug in its new Authenticator app for iOS that logged users’ sensitive TOTP secrets in plaintext, potentially exposing multi-factor authentication codes if the…
Claude Vulnerabilities Let Attackers Execute Unauthorized Commands With its Own Help
Two high-severity vulnerabilities in Anthropic’s Claude Code could allow attackers to escape restrictions and execute unauthorized commands. Most remarkably, Claude itself unwittingly assisted in developing…