Author: Cybernoz

Multiple Brother Device Vulnerabilities Allow Attackers to Execute Arbitrary HTTP Requests
26
Jun
2025

Multiple Brother Device Vulnerabilities Allow Attackers to Execute Arbitrary HTTP Requests

A zero-day research project has uncovered eight new vulnerabilities in multifunction printers (MFPs) and related devices from Brother Industries, Ltd.,…

Share: X : Multiple Brother Device Vulnerabilities Allow Attackers to Execute Arbitrary HTTP RequestsFacebook : Multiple Brother Device Vulnerabilities Allow Attackers to Execute Arbitrary HTTP RequestsLinkedin : Multiple Brother Device Vulnerabilities Allow Attackers to Execute Arbitrary HTTP RequestsReddit : Multiple Brother Device Vulnerabilities Allow Attackers to Execute Arbitrary HTTP RequestsTelegram : Multiple Brother Device Vulnerabilities Allow Attackers to Execute Arbitrary HTTP RequestsWhatsApp : Multiple Brother Device Vulnerabilities Allow Attackers to Execute Arbitrary HTTP RequestsEmail : Multiple Brother Device Vulnerabilities Allow Attackers to Execute Arbitrary HTTP Requests
facial recognition
26
Jun
2025

Facial recognition: Where and how you can opt out

Our remote team recently took a trip to our Estonian office. When we arrived from our various destinations, we started…

Share: X : Facial recognition: Where and how you can opt outFacebook : Facial recognition: Where and how you can opt outLinkedin : Facial recognition: Where and how you can opt outReddit : Facial recognition: Where and how you can opt outTelegram : Facial recognition: Where and how you can opt outWhatsApp : Facial recognition: Where and how you can opt outEmail : Facial recognition: Where and how you can opt out
Sportsbet recruits 'security champions' in shift-left strategy
26
Jun
2025

Sportsbet recruits ‘security champions’ in shift-left strategy

Sportsbet has stood up a ‘security champions’ program, recruiting 42 senior staff to act as security ambassadors, asking questions of…

Share: X : Sportsbet recruits ‘security champions’ in shift-left strategyFacebook : Sportsbet recruits ‘security champions’ in shift-left strategyLinkedin : Sportsbet recruits ‘security champions’ in shift-left strategyReddit : Sportsbet recruits ‘security champions’ in shift-left strategyTelegram : Sportsbet recruits ‘security champions’ in shift-left strategyWhatsApp : Sportsbet recruits ‘security champions’ in shift-left strategyEmail : Sportsbet recruits ‘security champions’ in shift-left strategy
Citrix offices, California
25
Jun
2025

Citrix users hit by actively exploited zero-day vulnerability

Citrix on Wednesday disclosed an actively exploited zero-day vulnerability affecting multiple versions of NetScaler products, an alarming development from a…

Share: X : Citrix users hit by actively exploited zero-day vulnerabilityFacebook : Citrix users hit by actively exploited zero-day vulnerabilityLinkedin : Citrix users hit by actively exploited zero-day vulnerabilityReddit : Citrix users hit by actively exploited zero-day vulnerabilityTelegram : Citrix users hit by actively exploited zero-day vulnerabilityWhatsApp : Citrix users hit by actively exploited zero-day vulnerabilityEmail : Citrix users hit by actively exploited zero-day vulnerability
OneClik attacks use Microsoft ClickOnce and AWS to target energy sector
25
Jun
2025

Hackers abuse Microsoft ClickOnce and AWS services for stealthy attacks

A sophisticated malicious campaign that researchers call OneClik has been leveraging Microsoft’s ClickOnce software deployment tool and custom Golang backdoors…

Share: X : Hackers abuse Microsoft ClickOnce and AWS services for stealthy attacksFacebook : Hackers abuse Microsoft ClickOnce and AWS services for stealthy attacksLinkedin : Hackers abuse Microsoft ClickOnce and AWS services for stealthy attacksReddit : Hackers abuse Microsoft ClickOnce and AWS services for stealthy attacksTelegram : Hackers abuse Microsoft ClickOnce and AWS services for stealthy attacksWhatsApp : Hackers abuse Microsoft ClickOnce and AWS services for stealthy attacksEmail : Hackers abuse Microsoft ClickOnce and AWS services for stealthy attacks
New Malware Discovered Using Prompt Injection to Manipulate AI Models in the Wild
25
Jun
2025

New Malware Discovered Using Prompt Injection to Manipulate AI Models in the Wild

Researchers have uncovered a new malware sample in the wild that employs a unique and unconventional evasion tactic: prompt injection…

Share: X : New Malware Discovered Using Prompt Injection to Manipulate AI Models in the WildFacebook : New Malware Discovered Using Prompt Injection to Manipulate AI Models in the WildLinkedin : New Malware Discovered Using Prompt Injection to Manipulate AI Models in the WildReddit : New Malware Discovered Using Prompt Injection to Manipulate AI Models in the WildTelegram : New Malware Discovered Using Prompt Injection to Manipulate AI Models in the WildWhatsApp : New Malware Discovered Using Prompt Injection to Manipulate AI Models in the WildEmail : New Malware Discovered Using Prompt Injection to Manipulate AI Models in the Wild
BreachForums arrests
25
Jun
2025

BreachForums Operators Arrested By French Police

BreachForums was arguably the biggest cybercrime forum until it went offline in April amid rumors of the arrest of one…

Share: X : BreachForums Operators Arrested By French PoliceFacebook : BreachForums Operators Arrested By French PoliceLinkedin : BreachForums Operators Arrested By French PoliceReddit : BreachForums Operators Arrested By French PoliceTelegram : BreachForums Operators Arrested By French PoliceWhatsApp : BreachForums Operators Arrested By French PoliceEmail : BreachForums Operators Arrested By French Police
Beware of Weaponized Wedding Invite Scams Delivering SpyMax RAT to Android Devices
25
Jun
2025

Beware of Weaponized Wedding Invite Scams Delivering SpyMax RAT to Android Devices

A sophisticated Android phishing campaign, aptly named “Wedding Invitation,” has emerged as a significant threat targeting mobile users across India….

Share: X : Beware of Weaponized Wedding Invite Scams Delivering SpyMax RAT to Android DevicesFacebook : Beware of Weaponized Wedding Invite Scams Delivering SpyMax RAT to Android DevicesLinkedin : Beware of Weaponized Wedding Invite Scams Delivering SpyMax RAT to Android DevicesReddit : Beware of Weaponized Wedding Invite Scams Delivering SpyMax RAT to Android DevicesTelegram : Beware of Weaponized Wedding Invite Scams Delivering SpyMax RAT to Android DevicesWhatsApp : Beware of Weaponized Wedding Invite Scams Delivering SpyMax RAT to Android DevicesEmail : Beware of Weaponized Wedding Invite Scams Delivering SpyMax RAT to Android Devices
SonicWall fixed SMA 100 flaws that could be chained to execute arbitrary code
25
Jun
2025

Hackers deploy fake SonicWall VPN App to steal corporate credentials

Hackers deploy fake SonicWall VPN App to steal corporate credentials Pierluigi Paganini June 25, 2025 Hackers spread a trojanized version…

Share: X : Hackers deploy fake SonicWall VPN App to steal corporate credentialsFacebook : Hackers deploy fake SonicWall VPN App to steal corporate credentialsLinkedin : Hackers deploy fake SonicWall VPN App to steal corporate credentialsReddit : Hackers deploy fake SonicWall VPN App to steal corporate credentialsTelegram : Hackers deploy fake SonicWall VPN App to steal corporate credentialsWhatsApp : Hackers deploy fake SonicWall VPN App to steal corporate credentialsEmail : Hackers deploy fake SonicWall VPN App to steal corporate credentials
North Korea
25
Jun
2025

New wave of ‘fake interviews’ use 35 npm packages to spread malware

A new wave of North Korea’s ‘Contagious Interview’ campaign is targeting job seekers with malicious npm packages that infect dev’s…

Share: X : New wave of ‘fake interviews’ use 35 npm packages to spread malwareFacebook : New wave of ‘fake interviews’ use 35 npm packages to spread malwareLinkedin : New wave of ‘fake interviews’ use 35 npm packages to spread malwareReddit : New wave of ‘fake interviews’ use 35 npm packages to spread malwareTelegram : New wave of ‘fake interviews’ use 35 npm packages to spread malwareWhatsApp : New wave of ‘fake interviews’ use 35 npm packages to spread malwareEmail : New wave of ‘fake interviews’ use 35 npm packages to spread malware
INTERPOL Cautions of Significant Increase in Cyber Attacks on Western and Eastern Africa
25
Jun
2025

INTERPOL Cautions of Significant Increase in Cyber Attacks on Western and Eastern Africa

The INTERPOL 2025 Africa Cyberthreat Assessment Report has raised alarms over a dramatic surge in cybercrime across Africa, with Western…

Share: X : INTERPOL Cautions of Significant Increase in Cyber Attacks on Western and Eastern AfricaFacebook : INTERPOL Cautions of Significant Increase in Cyber Attacks on Western and Eastern AfricaLinkedin : INTERPOL Cautions of Significant Increase in Cyber Attacks on Western and Eastern AfricaReddit : INTERPOL Cautions of Significant Increase in Cyber Attacks on Western and Eastern AfricaTelegram : INTERPOL Cautions of Significant Increase in Cyber Attacks on Western and Eastern AfricaWhatsApp : INTERPOL Cautions of Significant Increase in Cyber Attacks on Western and Eastern AfricaEmail : INTERPOL Cautions of Significant Increase in Cyber Attacks on Western and Eastern Africa
Citrix
25
Jun
2025

Citrix warns of NetScaler vulnerability exploited in DoS attacks

Citrix is warning that a vulnerability in NetScaler appliances tracked as CVE-2025-6543 is being actively exploited in the wild, causing devices…

Share: X : Citrix warns of NetScaler vulnerability exploited in DoS attacksFacebook : Citrix warns of NetScaler vulnerability exploited in DoS attacksLinkedin : Citrix warns of NetScaler vulnerability exploited in DoS attacksReddit : Citrix warns of NetScaler vulnerability exploited in DoS attacksTelegram : Citrix warns of NetScaler vulnerability exploited in DoS attacksWhatsApp : Citrix warns of NetScaler vulnerability exploited in DoS attacksEmail : Citrix warns of NetScaler vulnerability exploited in DoS attacks