Justice Dept Seizes $848K In Crypto From Confidence Scams
The U.S. Department of Justice has initiated a civil forfeiture action targeting $848,247 in Tether (USDT), suspected to be proceeds from elaborate confidence scams that…
Author: Cybernoz
CISA Warns of Android 0-Day Use-After-Free Vulnerability Exploited in Attacks
CISA has issued an urgent alert regarding a zero-day vulnerability in the Android operating system that is being actively exploited in real-world attacks. The vulnerability,…
TP-Link Vulnerabilities Under Active Exploitation
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding critical vulnerabilities in popular TP-Link router models that are currently being actively…
SVG files used in hidden malware campaign impersonating Colombian authorities
SVG files used in hidden malware campaign impersonating Colombian authorities Pierluigi Paganini September 05, 2025 VirusTotal uncovered an undetected malware campaign using SVG files that…
Critical 0-Click Vulnerability Enables Attackers to Takeover Email Access Using Punycode
A critical, zero-click vulnerability that allows attackers to hijack online accounts by exploiting how web applications handle international email addresses. The flaw, rooted in a…
Colombian Malware Exploits SWF and SVG to Evade Detection
A sophisticated malware campaign targeting Colombian institutions through an unexpected vector: weaponized SWF and SVG files that successfully evade traditional antivirus detection. The discovery emerged…
Hackers Leverages Google Calendar APIs With Serverless MeetC2 Communication Framework
Cybersecurity researchers have identified a sophisticated new command-and-control framework that exploits legitimate Google Calendar APIs to establish covert communication channels between attackers and compromised systems.…
New Malware Exploits Windows Character Map to Evade Defender and Mine Crypto
A sophisticated cryptojacking campaign that hijacks Windows’ native Character Map utility (“charmap.exe”) to evade Windows Defender and covertly mine cryptocurrency on compromised machines. First detected…
New NightshadeC2 Botnet Uses ‘UAC Prompt Bombing’ to Bypass Windows Defender Protections
Security teams began observing a novel botnet strain slipping beneath the radar of standard Windows Defender defenses in early August 2025. Dubbed NightshadeC2, this malware…
North Korean Hackers Expose Their Playbook for Swapping Infrastructure
A sophisticated North Korean cyber operation has been exposed, revealing how state-sponsored hackers systematically monitor cybersecurity intelligence platforms to detect when their malicious infrastructure is…
Czechia Warns Of Chinese Data Transfers And Remote Administration For Espionage
Czechia’s national cybersecurity watchdog has issued a warning about foreign cyber operations, focussed on Chinese data transfers and remote administration, urging both government bodies and…
Hackers May Leverage Raw Disk Reads to Bypass EDR Solutions and Access Highly Sensitive Files
A new technique that allows attackers to read highly sensitive files on Windows systems, bypassing many of the modern security tools designed to prevent such…