New Lenovo UEFI firmware updates fix Secure Boot bypass flaws
Lenovo is warning of high-severity BIOS flaws that could let attackers bypass Secure Boot on all-in-one desktops using customized Insyde UEFI firmware. Devices confirmed to…
Author: Cybernoz
Threat Actors Weaponize LNK Files With New REMCOS Variant That Bypasses AV Engines
Cybercriminals are increasingly leveraging malicious Windows Shortcut (LNK) files to deploy sophisticated backdoors, with a new campaign delivering an advanced REMCOS variant that successfully evades…
New Spear Phishing Attack Distributes VIP Keylogger Through Email Attachment
Threat actors have revived the sophisticated VIP keylogger malware, previously detailed in an earlier white paper for its use of spear-phishing and steganography to infiltrate…
Apple Patches Safari Vulnerability Also Exploited as Zero-Day in Google Chrome
Jul 30, 2025Ravie LakshmananVulnerability / Zero-Day Apple on Tuesday released security updates for its entire software portfolio, including a fix for a vulnerability that Google…
WordPress Theme RCE Vulnerability Actively Exploited to Take Full Site Control
A critical remote code execution (RCE) vulnerability in the popular “Alone” WordPress theme is being actively exploited by attackers to gain complete control of vulnerable…
Researchers Reveal North Korean Threat Actors’ Tactics for Uncovering Illicit Access
Cybersecurity researchers from Flashpoint have exposed the intricate tactics employed by North Korean threat actors to infiltrate global organizations through remote work vulnerabilities. These operatives,…
Inc Ransomware Claims 1.2TB Data Breach at Dollar Tree
The notorious INC Ransomware group is claiming responsibility for a data breach at Dollar Tree, the American retail chain known for selling most items at…
A Look Inside Pillar’s AI Security Platform
In this article, we will provide a brief overview of Pillar Security’s platform to better understand how they are tackling AI security challenges. Pillar Security…
PyPI maintainers alert users to email verification phishing attack
PyPI maintainers alert users to email verification phishing attack Pierluigi Paganini July 30, 2025 PyPI warns of phishing emails from noreply@pypj[.]org posing as “[PyPI] Email…
AI Cuts vCISO Workload by 68% as Demand Skyrockets, New Report Finds
Once reserved for large enterprises, cybersecurity has become a top priority for businesses of all sizes. SMBs are driving surging demand for vCISO services to…
Critical SonicWall SSL VPN Vulnerability Let Attackers Trigger DoS Attack
A critical vulnerability in SonicWall Gen7 firewall products could allow remote unauthenticated attackers to cause service disruptions through denial-of-service (DoS) attacks. The format string vulnerability…
Microsoft SharePoint Server 0-Day Exploit Targets African Treasury, Companies, and University
A sophisticated zero-day exploit campaign targeting unpatched vulnerabilities in Microsoft SharePoint Server has compromised approximately 400 organizations worldwide, with potential for a far higher victim…