Scattered Spider With New Telegram Channel List Organizations it Attacked
In early August 2025, a previously quiet cybercrime collective known as Scattered Spider resurfaced with a striking new Telegram channel that aggregates proof of its…
Author: Cybernoz
Critical Vulnerability in Carmaker Portal Allows Hackers to Unlock Cars Remotely
Security researcher Eaton Zveare unveiled a critical flaw in a major automaker’s dealer portal that could allow attackers to unlock and start consumer vehicles from…
DarkBit Hackers Attacking Vmware ESXi Servers to Deploy Ransomware and Encrypt VMDK Files
A newly discovered ransomware campaign has targeted enterprise VMware ESXi environments with military precision, deploying custom-built encryption tools that specifically hunt for virtual machine disk…
DarkBit Hackers Target VMware ESXi Servers to Deploy Ransomware and Encrypt VMDK Files
A sophisticated ransomware attack by a previously unknown cybercriminal group called “DarkBit” has targeted a major organization’s VMware ESXi infrastructure, encrypting critical virtual machine files…
FBI Busts $100M Romance Scam, Ghana Men Face U.S. Charges
The U.S. authorities have secured the extradition of three Ghanaian nationals accused of running a fraud operation that stole over $100 million from victims through…
NBN Co weaves AI and automation into its operational “fabric”
NBN Co is embedding AI and automation “into the fabric of [its] operations”, with tools already live for design, support and knowledge access, and spending…
Hackers Using ClickFix Technique to Attack Windows Machine and Execute Powershell Commands
A sophisticated new attack campaign has emerged targeting Israeli businesses and infrastructure sectors through a deceptive social engineering technique known as “ClickFix,” which tricks users…
Apache bRPC Vulnerability Lets Attackers Crash Services Remotely via Network
A critical security vulnerability has been discovered in Apache bRPC that allows attackers to remotely crash services through network-based denial of service attacks. The vulnerability,…
EntraGoat: Vulnerable Microsoft Entra ID infrastructure to simulate identity security misconfigurations
EntraGoat is a purpose-built tool that sets up a vulnerable Microsoft Entra ID environment to mimic real-world identity security issues. It’s designed to help security…
“Shade BIOS” stealth malware hides below operating system
Attackers can create persistent malware that hides below a computer’s operating system, making it effectively invisible to endpoint detection and response tools, new security research…
NCSC Warns of Citrix Netscaler Vulnerability CVE-2025-6543 Exploited to Breach Orgs
The Dutch National Cyber Security Centre (NCSC-NL) has issued an urgent warning about sophisticated cyberattacks targeting critical infrastructure through a zero-day vulnerability in Citrix NetScaler…
Why DNS threats should be on every CISO’s radar in 2025
DNS is once again in the crosshairs of threat actors. According to the 2025 DNS Threat Landscape Report by Infoblox, attackers are changing tactics, and…