Auth Bypass Flaw in Service Finder WordPress Plugin Under Active Exploit
Website owners using the Service Finder WordPress theme and its bundled Bookings plugin must update their software immediately, as a serious security flaw is currently…
Author: Cybernoz
Beyond the refresh: Your cyber strategy must include AI PCs
It’s easy to view PC refreshes as simply cosmetic. Businesses get new designs, faster processors and maybe a thinner chassis. But while these enhancements are…
Threat Actors Exploiting SonicWall SSL VPN Devices in Wild to Deploy Akira Ransomware
Threat actors have reemerged in mid-2025 leveraging previously disclosed vulnerabilities in SonicWall SSL VPN appliances to deploy Akira ransomware on enterprise networks. Beginning in July,…
DDoS Botnet Aisuru Blankets US ISPs in Record DDoS – Krebs on Security
The world’s largest and most disruptive botnet is now drawing a majority of its firepower from compromised Internet-of-Things (IoT) devices hosted on U.S. Internet providers…
Apple voices concerns over age-check law that could put user privacy at risk
Apple has raised concerns about a new Texas state law, SB 2420, which introduces age assurance requirements for app stores and app developers. One of…
Microsoft Warns of ‘Payroll Pirates’ Hijacking HR SaaS Accounts to Steal Employee Salaries
Oct 10, 2025Ravie LakshmananSaaS Security / Threat Intelligence A threat actor known as Storm-2657 has been observed hijacking employee accounts with the end goal of…
Teens arrested over Kido nursery hack
London’s Metropolitan Police force has arrested two 17-year-old boys in connection with the recent cyber attack at London-based childcare chain Kido, which saw hackers publish…
SonicWall investigation shows hackers gained wide access to customer backup files
SonicWall on Wednesday said it completed an investigation that showed hackers were able to gain access to firewall configuration backup files for all customers that…
How VMware Certification Transformed My Career
By Matt Heldstab, vExpert & IT Architect I still remember the exact moment I passed my first VMware certification exam. It was a moment that…
New Chaosbot Leveraging CiscoVPN and Active Directory Passwords to Execute Network Commands
ChaosBot surfaced in late September 2025 as a sophisticated Rust-based backdoor targeting enterprise networks. Initial investigations revealed that threat actors gained entry by exploiting compromised…
Your passwords don’t need so many fiddly characters, NIST says
It’s once again time to change your passwords, but if one government agency has its way, this might be the very last time you do…
Stealit Malware Abuses Node.js Single Executable Feature via Game and VPN Installers
Oct 10, 2025Ravie LakshmananRansomware / Data Theft Cybersecurity researchers have disclosed details of an active malware campaign called Stealit that has leveraged Node.js’ Single Executable…