OWASP Launches AI Testing Guide to Uncover Vulnerabilities in AI Systems
As artificial intelligence (AI) becomes a cornerstone of modern industry, the Open Web Application Security Project (OWASP) has announced the release of its AI Testing…
Author: Cybernoz
North Korean Hackers Trick Users With Weaponized Zoom Apps to Execute System-Takeover Commands
A sophisticated cybercriminal campaign has emerged targeting professionals through meticulously crafted fake Zoom applications designed to execute system takeover commands. The attack leverages advanced social…
Aviatrix Cloud Controller Flaw Enables Remote Code Execution via Authentication Bypass
A Mandiant Red Team engagement has uncovered two critical vulnerabilities in Aviatrix Controller—cloud networking software used to manage multi-cloud environments. The flaws enable full system…
WhatsApp Banned on U.S. House Staffers Devices Due to Potential Security Risks
Summary 1. The U.S. House Chief Administrative Officer banned WhatsApp from all government-issued devices used by congressional staffers, including mobile, desktop, and web browser versions.…
WinRAR Vulnerability Exploited with Malicious Archives to Execute Code
A newly disclosed vulnerability in RARLAB’s WinRAR, the widely used file compression utility for Windows, has put millions of users at risk of remote code…
Insurer Aflac investigating possible data leak
Health and life insurer Aflac said it is investigating a breach on its US network that may have exposed customers’ personal information, making it the…
LapDogs Hackers Leverages 1,000 SOHO Devices Using a Custom Backdoor to Act Covertly
A sophisticated China-linked cyber espionage campaign has emerged, targeting over 1,000 Small Office/Home Office (SOHO) devices worldwide through an advanced Operational Relay Box (ORB) network…
Notepad++ Vulnerability Allows Full System Takeover — PoC Released
A critical privilege escalation vulnerability (CVE-2025-49144) in Notepad++ v8.8.1 enables attackers to achieve full system control through a supply-chain attack. The flaw exploits the installer’s…
Why work-life balance in cybersecurity must start with executive support
In this Help Net Security interview, Stacy Wallace, CISO at Arizona Department of Revenue, talks about the realities of work-life balance in cybersecurity leadership. She…
AT&T’s US$177m data breach settlement wins US court approval
A US judge granted preliminary approval to a US$177 million ($273 million) settlement that resolves lawsuits against AT&T over breaches in 2024 that exposed personal…
New Echo Chamber Attack Breaks AI Models Using Indirect Prompts
A groundbreaking AI jailbreak technique, dubbed the “Echo Chamber Attack,” has been uncovered by researchers at Neural Trust, exposing a critical vulnerability in the safety…
Reconmap: Open-source vulnerability assessment, pentesting management platform
Reconmap is an open source tool for vulnerability assessments and penetration testing. It helps security teams plan, carry out, and report on security tests from…