Massive Android Fraud Operations Uncovered: IconAds, Kaleidoscope, SMS Malware, NFC Scams
A mobile ad fraud operation dubbed IconAds that consisted of 352 Android apps has been disrupted, according to a new report from HUMAN. The identified…
Author: Cybernoz
China-linked attacker hit France’s critical infrastructure via trio of Ivanti zero-days last year
Multiple critical infrastructure sectors were hit last year during an attack spree in France via a trio of zero-day vulnerabilities affecting Ivanti Cloud Services Appliance…
Microsoft investigates ongoing SharePoint Online access issues
Microsoft is investigating an ongoing incident causing intermittent issues for users attempting to access SharePoint Online sites. Part of the Microsoft 365 suite, SharePoint Online…
AI Tools Like GPT Direct Users to Phishing Sites Instead of Legitimate Ones
The popular artificial intelligence tools, including GPT models and Perplexity AI, are inadvertently directing users to phishing websites instead of legitimate login pages. The study…
Threat Actors Exploit .COM TLD to Host Widespread Credential Phishing Sites
Threat actors have dramatically increased their exploitation of the cybersecurity sector, which is a disturbing development. Spain’s country code TLD, ES, is used to plan…
Google open-sources privacy tech for age verification
Age verification is becoming more common across websites and online services. But many current methods require users to share personal data, like a full ID…
![[tl;dr sec] #286 - Securing Vibe Coding, Finding Secrets "Oops Commits", Backdooring IDE Extensions](https://image.cybernoz.com/wp-content/uploads/2025/07/tldr-sec-286-Securing-Vibe-Coding-Finding-Secrets-Oops.png)
[tl;dr sec] #286 – Securing Vibe Coding, Finding Secrets “Oops Commits”, Backdooring IDE Extensions
Rules files to vibe securely, earning $25K from dangling commits, compromising the extension marketplace of Cursor, Windsurf, and other VS Code forks I hope you’ve…
IdeaLab confirms data stolen in ransomware attack last year
IdeaLab is notifying individuals impacted by a data breach incident last October when hackers accessed sensitive information. Although the organization does not describe the type…
Android Spyware Catwatchful Exposes Credentials of Over 62,000+ Customer Accounts
A major security vulnerability in the Android spyware operation Catwatchful has exposed the complete database of over 62,000 customer accounts, including plaintext passwords and email…
Citrix Alerts on Authentication Failures After NetScaler Update to Resolve Auth Vulnerability
Citrix has issued an urgent advisory for NetScaler users following the release of builds 14.1.47.46 and 13.1.59.19, warning of potential authentication disruptions stemming from a…
Microsoft Edge Fixes Actively Exploited Chromium Vulnerability
Microsoft has released a critical security update for Edge Stable Channel on July 1, 2025, addressing a severe vulnerability that cybercriminals have actively exploited. The…
Microsoft Acknowledges Error Entry in Windows Firewall With Advanced Security
Microsoft has officially confirmed that its recent Windows 11 update, KB5060829, is causing unexpected error entries in the Windows Firewall With Advanced Security logs. The…