Oyster Backdoor Disguised as PuTTY and KeyPass Targets IT Admins via SEO Poisoning
Threat actors have been using trojanized versions of well-known IT tools like PuTTY and WinSCP to spread the Oyster backdoor, also known as Broomstick or…
Author: Cybernoz
Flaw in Gemini CLI AI coding assistant allowed stealthy code execution
A vulnerability in Google’s Gemini CLI allowed attackers to silently execute malicious commands and exfiltrate data from developers’ computers using allowlisted programs. The flaw was…
Muddled Libra Actors Attacking Organizations Call Centers for Initial Infiltration
The cyberthreat landscape witnessed a concerning evolution in 2025 as the notorious Muddled Libra threat group dramatically shifted their attack methodology, pivoting from traditional phishing…
ArmouryLoader Bypasses Security Protections to Inject Malicious Code
ArmouryLoader and other malicious code loaders have become essential tools for introducing Trojan-type payloads into hacked systems in the ever-changing world of cyberattacks. First identified…
Endgame Gear mouse config tool infected users with malware
Gaming peripherals maker Endgame Gear is warning that malware was hidden in its configuration tool for the OP1w 4k v2 mouse hosted on the official…
Uncovering Five Critical Vulnerabilities in Microsoft SharePoint
Security researchers from Kaspersky have detailed a sophisticated exploit chain dubbed “ToolShell,” actively targeting on-premise Microsoft SharePoint servers worldwide. The campaign, which began widespread exploitation…
Why business logic abuse is a major threat
Earlier this year one of the largest ever cases of business logic abuse was detected when a botnet across over 11 million unique IP addresses…
Scattered Spider Launching Ransomware on Hijacked VMware Systems, Google
A highly “aggressive” cyber campaign, identified in mid-2025 by Google’s Threat Intelligence Group (GTIG), is posing a severe threat to major industries, including retail, airlines,…
macOS Sploitlight flaw leaks Apple Intelligence data
Attackers could use a recently patched macOS vulnerability to bypass Transparency, Consent, and Control (TCC) security checks and steal sensitive user information, including Apple Intelligence…
Chinese Hackers Exploit Software Vulnerabilities to Breach Targeted Systems
China’s Cyberspace Administration, Ministry of Public Security, and Ministry of Industry and Information Technology introduced the Regulations on the Management of Network Product Security Vulnerabilities…
Hackers Breach Toptal GitHub, Publish 10 Malicious npm Packages With 5,000 Downloads
Jul 28, 2025Ravie LakshmananMalware / Developer Tools In what’s the latest instance of a software supply chain attack, unknown threat actors managed to compromise Toptal’s…
Kioxia launches 245TB LC9, the biggest flash drive on the market
Kioxia has launched solid-state drives of 245.76TB (terabytes), making them the largest capacity commodity flash drives currently on the market. The company said the new…