iCloud Calendar infrastructure abused in PayPal phishing campaign
Once again, phishers are targeting PayPal users by abusing existing legitimate infrastructure. Only this time they’re not abusing PayPal’s platform,...
Read more →Author: Cybernoz
Roblox Turns To AI-Based Age Estimation For All Communication-Ready Users
Roblox is rolling out a bold move to bolster child protection on its platform. In a Safety + Civility update,...
Read more →Hackers Weaponizee Amazon Simple Email Service to Send 50,000+ Malicious Emails Per Day
A sophisticated cybercriminal campaign has emerged, exploiting Amazon’s Simple Email Service (SES) to orchestrate large-scale phishing operations capable of delivering...
Read more →
Finding Agility in Post Quantum Encryption (PQC)
In an era where data security is paramount, current encryption algorithms are sufficient to safeguard sensitive information. However, the advent...
Read more →
Kimsuky Hackers’ Playbook Uncovered in Exposed ‘Kim’ Data Dump
A rare breach attributed to a North Korean–affiliated actor named “Kim” by the leakers has unveiled unprecedented insight into Kimsuky...
Read more →
Breaking Into Cybersecurity Without A Technical Degree
Cybercrime damages are projected to reach $10.5 trillion USD globally by 2025, according to Cybersecurity Ventures, and organizations need more cybersecurity...
Read more →
Researchers Bypassed Web Application Firewall With JS Injection with Parameter Pollution
Cybersecurity researchers have demonstrated a sophisticated technique for bypassing Web Application Firewalls (WAFs) using JavaScript injection combined with HTTP parameter...
Read more →
Hackers Exploit Amazon SES to Blast Over 50,000 Malicious Emails Daily
A sophisticated cyberattack campaign where threat actors exploited compromised AWS credentials to hijack Amazon’s Simple Email Service (SES), launching large-scale...
Read more →
iExec Becomes First Privacy Tools Provider for Arbitrum Ecosystem Builders
Paris, France, 2025 – iExec has announced the deployment of its privacy framework on Arbitrum, enabling the creation of powerful...
Read more →
PoC Exploit Released for ImageMagick RCE Vulnerability
A proof-of-concept (PoC) exploit has been released for a critical remote code execution (RCE) vulnerability in ImageMagick 7’s MagickCore subsystem, specifically affecting...
Read more →
Web Application Firewall Bypassed via JS Injection with Parameter Pollution
In a recent autonomous penetration test, a novel cross-site scripting (XSS) bypass that sidesteps even highly restrictive Web Application Firewalls...
Read more →
Salesloft Drift data breach: Investigation reveals how attackers got in
The attack that resulted in the Salesloft Drift data breach started with the compromise of the company’s GitHub account, Salesloft...
Read more →