China-linked Silk Typhoon Hackers Target SaaS Providers
The China-linked advanced persistent threat (APT) group Silk Typhoon has shown a rare ability to compromise trusted relationships in the cloud. That’s one of the…
Author: Cybernoz
South Asian APT Hackers Using Novel Tools to Compromise Phones of Military-Adjacent Members
A sophisticated South Asian Advanced Persistent Threat (APT) group has been conducting an extensive espionage campaign targeting military personnel and defense organizations across Sri Lanka,…
Why Enterprises Need Preemptive Cybersecurity to Combat Modern Phishing
Phishing isn’t what it used to be. It’s no longer fake emails with bad grammar and sketchy links. With AI, modern phishing attacks have become…
Agentic AI vs SOAR: What’s the Real Difference?a
By now, you’ve heard the hype. Agentic AI; self-directed and goal-oriented. Supposedly, the next big thing in security automation. If you’re working in a Security Operations…
APT36 hackers abuse Linux .desktop files to install malware in new attacks
The Pakistani APT36 cyberspies are using Linux .desktop files to load malware in new attacks against government and defense entities in India. The activity, documented…
BQTLOCK Ransomware Operates as RaaS With Advanced Evasion Techniques
A sophisticated new ransomware strain named BQTLOCK has emerged in the cyberthreat landscape since mid-July 2025, operating under a comprehensive Ransomware-as-a-Service (RaaS) model that democratizes…
Cyber Security Simulation Training Mistakes That CISOs Must Avoid
Your team’s ability to identify phishing attempts in their inboxes has the potential to make or break your entire security posture, which is why having…
Rogue Go Module Doubles as Fast SSH Brute-Forcer, Sends Stolen Passwords via Telegram
Socket’s Threat Research Team has uncovered a deceptive Go module named golang-random-ip-ssh-bruteforce, which masquerades as an efficient SSH brute-forcing tool but secretly exfiltrates stolen credentials…
INTERPOL nabs 1,209 cybercriminals in Africa, seizes $97M
Operation Serengeti 2.0: INTERPOL nabs 1,209 cybercriminals in Africa, seizes $97M Pierluigi Paganini August 22, 2025 INTERPOL arrested 1,209 cybercriminals in 18 African nations seizing…
New HTTP Smuggling Attack Technique Let Hackers Inject Malicious Requests
A sophisticated HTTP request smuggling attack that exploits inconsistent parsing behaviors between front-end proxy servers and back-end application servers. This newly discovered technique leverages malformed…
Microsoft to Restrict Use of OnMicrosoft Domains for Email Sending
Microsoft has announced significant restrictions on the use of default onmicrosoft.com domains for email communication, implementing new throttling measures to combat spam and improve email…
Help TDS Weaponize Legitimate Sites’ PHP Code Templates With Fake Microsoft Windows Security Alert Pages
A sophisticated traffic direction system known as Help TDS has been weaponizing compromised websites since 2017, transforming legitimate sites into gateways for elaborate tech support…