Infection Chain and Escalation Tactics Exposed
Lumma, a sophisticated C++-based information stealer, has surged in prevalence over recent years, posing significant risks to both individuals and organizations by exfiltrating sensitive data…
Author: Cybernoz
SquareX Discloses Architectural Limitations of Browser DevTools in Debugging Malicious Extensions
Palo Alto, California, July 29th, 2025, CyberNewsWire Despite the expanding use of browser extensions, the majority of enterprises and individuals still rely on labels such…
Chaos RaaS Emerges After BlackSuit Takedown, Demanding $300K from U.S. Victims
A newly emerged ransomware-as-a-service (RaaS) gang called Chaos is likely made up of former members of the BlackSuit crew, as the latter’s dark web infrastructure…
Burnout burden: why CISOs are at breaking point, what needs to change
Let’s face it, no one talks about burnout in cybersecurity until it’s already too late. The pressure for CISOs and security leaders has been quietly…
FBI seizes $2.4M in Bitcoin from new Chaos ransomware operation
FBI Dallas has seized approximately 20 Bitcoins from a cryptocurrency address belonging to a Chaos ransomware member that is linked to cyberattacks and extortion payments from…
CodeIgniter Vulnerability Exposes Million of Webapps to File Upload Attacks
A critical security vulnerability has been discovered in CodeIgniter4’s ImageMagick handler, exposing potentially millions of web applications to command injection attacks through malicious file uploads. …
SquareX Discloses Architectural Limitations Of Browser DevTools In Debugging Malicious Extensions
Palo Alto, California, July 29th, 2025, CyberNewsWire Despite the expanding use of browser extensions, the majority of enterprises and individuals still rely on labels such…
SAP NetWeaver Vulnerability Used in Auto-Color Malware Attack on US Firm
Darktrace, a leading cybersecurity research firm, has identified what is believed to be the first documented instance of threat actors exploiting a critical SAP NetWeaver…
Darwinium launches AI tools to detect and disrupt adversarial threats
Just ahead of Black Hat USA 2025, Darwinium has announced the launched Beagle and Copilot, two new agentic AI features that simulate adversarial attacks, surface…
The New JavaScript Injection Playbook
React conquered XSS? Think again. That’s the reality facing JavaScript developers in 2025, where attackers have quietly evolved their injection techniques to exploit everything from…
UNC3886 Actors Know for Exploiting 0-Days Attacking Singapore’s Critical Infrastructure
Singapore’s critical infrastructure faces an escalating cyber threat from UNC3886, a sophisticated Chinese state-linked Advanced Persistent Threat (APT) group that has been systematically targeting the…
Gemini CLI Vulnerability Allows Silent Execution of Malicious Commands on Developer Systems
Security researchers at Tracebit have discovered a critical vulnerability in Google’s Gemini CLI that enables attackers to silently execute malicious commands on developers’ systems through…