Xerox patches critical vulnerability in FreeFlow Core application
Xerox has issued a security upgrade for critical and high-severity vulnerabilities in its FreeFlow Core product that researchers said could have allowed an attacker to…
Author: Cybernoz
Check your risk blind spot
Does your business truly understand its dependencies, and how to mitigate the risks posed by an attack on them? 12 Aug 2025 • , 4…
Spike in Fortinet VPN brute-force attacks raises zero-day concerns
A massive spike in brute-force attacks targeted Fortinet SSL VPNs earlier this month, followed by a switch to FortiManager, marked a deliberate shift in targeting…
New ‘Curly COMrades’ APT Hackers Attacking Targeting Critical Organizations in Countries
A sophisticated new threat actor group dubbed “Curly COMrades” has emerged as a significant cybersecurity concern, conducting targeted espionage campaigns against critical organizations in countries…
CISA, Microsoft update guidance on Exchange Server vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) and Microsoft on Tuesday updated their mitigation guidance for a high-severity flaw in Exchange Server. The flaw, tracked…
Pennsylvania attorney general’s email, site down after cyberattack
The Office of the Pennsylvania Attorney General has announced that a recent cyberattack has taken down its systems, including landline phone lines and email accounts.…
Hackers Could Gain Full Control of Your Rooted Android Devices by Exploiting One Vulnerability
A critical security vulnerability discovered in popular Android rooting frameworks could allow malicious applications to completely compromise rooted devices, giving attackers full system control without…
SmartLoader Malware Masquerades as Legitimate GitHub Repository to Infect Users
AhnLab Security Intelligence Center (ASEC) has uncovered a sophisticated campaign involving the massive dissemination of SmartLoader malware through GitHub repositories designed to mimic legitimate software…
Microsoft patches some very important vulnerabilities in August’s patch Tuesday
In the August 2025 patch Tuesday round Microsoft fixed a total of 111 Microsoft vulnerabilities. A few of them are very important for people to…
BlackSuit ransomware payment recovered in takedown operation
Over a million dollars’ worth of cryptocurrency assets laundered by or on behalf of the notorious BlackSuit ransomware gang – previously known as Royal –…
US agencies, international allies issue guidance on OT asset inventorying
Listen to the article 3 min This audio is auto-generated. Please let us know if you have feedback. Government agencies from the U.S., Australia, Canada,…
New Multi-Stage Tycoon2FA Phishing Attack Now Beats Top Security Systems
If you think phishing is just clicking a bad link and landing on a fake login page, Tycoon2FA will prove you wrong. This new wave…