Citrix Netscaler 0-day RCE Vulnerability Patched
A significant global effort to patch a critical zero-day remote code execution (RCE) vulnerability in Citrix NetScaler devices has seen the number of exposed systems…
Author: Cybernoz
When AI Lies: How misleading algorithms are fueling smarter Ransomware attacks
In the early days of ransomware, cybercriminals employed crude methods, including poorly written phishing messages, smishing messages, and spam emails, to block victims from accessing…
AI supports care of Palestinian refugees in Lebanon hospital
Artificial intelligence (AI) is being piloted at Lebanon’s Al Hamshari Hospital in a project that could help stretched medics provide better care for huge numbers…
NodeBB Vulnerability Let Attackers Inject Boolean-Based Blind and PostgreSQL Error-Based Payloads
NodeBB, a popular open-source forum platform, has been found vulnerable to a critical SQL injection flaw in version 4.3.0. The flaw, tracked as CVE-2025-50979, resides…
Popular Nx Packages Compromised by Credential-Stealing Malware
A widespread supply chain attack on the popular Nx build system has compromised dozens of high-traffic packages, exposing sensitive credentials and demonstrating a frighteningly comprehensive…
4.4 Million US Consumers’ Data Stolen
A TransUnion data breach exposed 4.4 million US consumers’ Social Security numbers via a Salesforce hack. The attack is linked to hacker groups UNC6395. A…
Rethinking the Analyst’s Role in the Human-Augmented SOC
29 Aug From Pyramid of Pain to Pyramid of Influence: Rethinking the Analyst’s Role in the Human-Augmented SOC Posted at 11:02h in Blogs by Taylor…
UL NO. 432: Can You Summarize Your Work in a Sentence?
Continue reading online to avoid the email cutoff issue > Unsupervised Learning is a Security/AI newsletter about how to transition from Human 2.0 to Human…
NightSpire Ransomware Group Claims to Exploit The Vulnerabilities of Orgs to Infiltrate Their Systems
Since its emergence in February 2025, the NightSpire ransomware group has rapidly distinguished itself through a sophisticated double-extortion strategy that combines targeted encryption with public…
Data Privacy Claims on The Rise as Evolving Regulation, Wave of Litigation, And AI Shape Future Risk Landscape
Cyber claims have continued their upwards trend over the past year, driven in large part by a rise in data and privacy breach incidents. The…
VS Code Marketplace Abused by Threat Actors to Deliver Malware via Trusted Extensions
A recently uncovered vulnerability in the Visual Studio Code (VS Code) Marketplace has allowed malicious actors to hijack discontinued extension names and slip malware past…
Abandoned Sogou Zhuyin Update Server Hijacked, Weaponized in Taiwan Espionage Campaign
An abandoned update server associated with input method editor (IME) software Sogou Zhuyin was leveraged by threat actors as part of an espionage campaign to…