Beware of npm Phishing Emails Targeting Developer Credentials
An developer recently came across a highly advanced phishing email that spoofs the support@npmjs.org address in order to impersonate npm, the Node.js package registry. The…
Author: Cybernoz
NailaoLocker Ransomware Attacking Windows Systems Using Chinese SM2 Cryptographic Standard
FortiGuard Labs has discovered a sophisticated new ransomware strain called NailaoLocker that represents a significant departure from conventional encryption malware. This Windows-targeting threat introduces the…
How WIRED Analyzed the Epstein Video
Michael Calore: Go to the movies. Lauren Goode: Just go to the movies. Katie Drummond: I like that. Michael Calore: This is the worst time…
APT41 Hackers Exploiting Atexec and WmiExec Windows Modules for Malware Deployment
Kaspersky MDR analysts recently uncovered a sophisticated targeted attack by the Chinese-speaking cyberespionage group APT41 against government IT services in the African region, marking a…
World Leaks Claims Dell Data Breach, Leaks 1.3 TB of Files
World Leaks, the rebranded version of the Hunters International ransomware gang, has leaked 1.3 TB of internal data, which the group claims belongs to Dell…
China-Linked Hackers Launch Targeted Espionage Campaign on African IT Infrastructure
Jul 21, 2025Ravie LakshmananBrowser Security / Malware The China-linked cyber espionage group tracked as APT41 has been attributed to a new campaign targeting government IT…
Darktrace buys network visibility specialist Mira
British cyber giant Darktrace has announced it is to acquire network traffic visibility specialist Mira Security for an undisclosed sum as it seeks to reinforce…
U.S. CISA urges to immediately patch Microsoft SharePoint flaw adding it to its Known Exploited Vulnerabilities catalog
U.S. CISA urges to immediately patch Microsoft SharePoint flaw adding it to its Known Exploited Vulnerabilities catalog Pierluigi Paganini July 21, 2025 U.S. Cybersecurity and Infrastructure…
If You’re Agnostic, You’re Probably an Atheist
[ 2009-04-12 : I’ve decided to back off this specific argument of “atheist” applying to those that lack belief. The reason for this is that…
Threat Actors Leverage Zoho WorkDrive Folder to Deliver Obfuscated PureRAT Malware
Cybercriminals have escalated their attack sophistication by utilizing legitimate cloud storage services to distribute advanced malware, as demonstrated in a recent campaign targeting a certified…
Attackers Can Exploit Lighthouse Studio RCE Bug to Gain Server Access
Researchers at Assetnote have uncovered a critical remote code execution (RCE) vulnerability in Lighthouse Studio, a widely used survey software developed by Sawtooth Software. This…
Iran-Linked DCHSpy Android Malware Masquerades as VPN Apps to Spy on Dissidents
Jul 21, 2025Ravie LakshmananSpyware / Mobile Security Cybersecurity researchers have unearthed new Android spyware artifacts that are likely affiliated with the Iranian Ministry of Intelligence…