Hackers Hide RMM Installs as Fake Chrome Updates and Teams Invites
New research from Red Canary and Zscaler shows phishing lures now drop RMM tools like ITarian and Atera, giving attackers admin-level access for malware and…
Author: Cybernoz
CISO’s Guide to Securing a Board Seat in the Boardroom
CISOs belong in the Boardroom, according to CrowdStrike (NASDAQ: CRWD) President / CEO and Founder George Kurtz, who reveals the strategies CISOs can use to…
6 Browser-Based Attacks Security Teams Need to Prepare For Right Now
Attacks that target users in their web browsers have seen an unprecedented rise in recent years. In this article, we’ll explore what a “browser-based attack”…
China Enforces 1-Hour Cybersecurity Incident Reporting
China is ramping up its cybersecurity enforcement with new regulations requiring network operators to report severe cybersecurity incidents within one hour. The rules, announced by…
Mustang Panda With SnakeDisk USB Worm and Toneshell Backdoor Seeking to Penetrate Air-Gap Systems
The cybersecurity landscape witnessed a significant escalation in July 2025 when the China-aligned threat actor Hive0154, commonly known as Mustang Panda, deployed sophisticated new malware…
Burger King Uses DMCA to Remove Blog Exposing Drive-Thru System Security Flaws
Burger King has invoked the Digital Millennium Copyright Act to force the removal of a security researcher’s blog post that disclosed serious vulnerabilities in its…
‘Utter madness’ as Post Office paid law firm double the cost of scandal public inquiry
Taxpayers paid one legal firm double the amount in fees to represent the Post Office in the Horizon scandal statutory public inquiry than they paid…
Google Launched Behind-the-Scenes Campaign Against California Privacy Legislation; It Passed Anyway
In April, Rhode Island resident Navah Hopkins received a plea for her help to defeat legislation thousands of miles away in California. The ask came…
New SEO Poisoning Attacking Windows Users With Weaponized Software Sites
In August 2025, security researchers uncovered a sophisticated SEO poisoning campaign targeting Chinese-speaking Windows users. By manipulating search result rankings with tailored SEO plugins and…
IBM QRadar SIEM Vulnerability Allows Unauthorized Actions by Attackers
A permissions issue in IBM QRadar SIEM could enable local privileged users to modify configuration files without proper authorization. Tracked as CVE-2025-0164, this flaw stems…
CVE-2025-58434: FlowiseAI Vulnerability Exposes Accounts
A severe security vulnerability has been discovered in FlowiseAI, an open-source AI workflow automation tool, exposing users to the risk of complete account compromise. Tracked…
FBI Shares IoCs for Recent Salesforce Intrusion Campaigns
The FBI has shared indicators of compromise (IoCs) associated with two malicious campaigns targeting Salesforce customers for data theft and extortion. The first campaign, attributed…