Lessons From Salesforce/Salesloft Drift Data Breaches
The Salesloft Drift data breaches of August 2025 stand as one of the most significant supply chain attacks in SaaS history, demonstrating how a single…
Author: Cybernoz
Bulletproof Host Stark Industries Evades EU Sanctions – Krebs on Security
In May 2025, the European Union levied financial sanctions on the owners of Stark Industries Solutions Ltd., a bulletproof hosting provider that materialized two weeks before…
Cyber Attack Exposes LNER Train Passengers’ Personal Data
London North Eastern Railway (LNER) has confirmed that an unauthorized breach at one of its third-party suppliers exposed contact details and travel histories of some…
Senator Urges FTC Probe Into Microsoft After Ascension Ransomware Attack
US Senator Ron Wyden urges the FTC to investigate Microsoft after its software contributed to a major ransomware attack on Ascension Hospital, exposing 5.6 million…
Microsoft adds malicious link warnings to Teams private chats
Microsoft Teams will automatically alert users when they send or receive a private message containing links that are tagged as malicious. Microsoft will introduce these…
New VMScape Spectre-BTI Attack Exploits Isolation Gaps in AMD and Intel CPUs
A novel speculative execution attack named VMSCAPE allows a malicious virtual machine (VM) to breach its security boundaries and steal sensitive data, like cryptographic keys,…
Attackers Abuse Kubernetes DNS to Extract Git Credentials from ArgoCD
A newly discovered attack method targeting ArgoCD and Kubernetes that could give red-teamers fresh ammo and blue-teamers fresh headaches. This technique lets an attacker abuse…
Senator Wyden Urges FTC to Probe Microsoft for Ransomware-Linked Cybersecurity Negligence
U.S. Senator Ron Wyden has called on the Federal Trade Commission (FTC) to probe Microsoft and hold it responsible for what he called “gross cybersecurity…
Akira ransomware exploiting critical SonicWall SSLVPN bug again
The Akira ransomware gang is actively exploiting CVE-2024-40766, a year-old critical-severity access control vulnerability, to gain unauthorized access to SonicWall devices. The hackers are leverging the security…
What You Need to Pay Attention to Right Now
Cyber attackers constantly refine their evasion methods. That’s what makes threats, including phishing, increasingly hard to detect and investigate. Kits like Tycoon 2FA regularly evolve…
Google Pixel 10 Adds C2PA Support to Verify AI-Generated Media Authenticity
Sep 11, 2025Ravie LakshmananArtificial Intelligence / Mobile Security Google on Tuesday announced that its new Google Pixel 10 phones support the Coalition for Content Provenance…
Chat Control: EU to decide on requirement for tech firms to scan encrypted messages
Law enforcement experts and policymakers are due to meet on 12 September to decide on proposals to require technology companies, such as Signal and WhatsApp,…