XBOW’s AI reached the top ranks on HackerOne, and now it has $75M to scale up
XBOW has raised $75 million in Series B funding to grow its AI-driven offensive security platform. The round was led by Altimeter’s Apoorv Agrawal, with…
Author: Cybernoz
Sextortion email scammers increase their “Hello pervert” money demands
Every so often the sextortion emails that start with “Hello pervert” get a redesign. You may have received one yourself: The emails claim that the…
SonicWall NetExtender Trojan and ConnectWise Exploits Used in Remote Access Attacks
Jun 25, 2025Ravie LakshmananVPN Security / Malware Unknown threat actors have been distributing a trojanized version of SonicWall’s SSL VPN NetExtender application to steal credentials…
Google Plans to Remove Chrome’s Tab Scrolling Feature
Google has decided to deprecate the “Tab Scrolling” feature in its Chrome browser, marking the end of a tool that many users relied on to…
Critical Kibana Flaws Enable Heap Corruption and Remote Code Execution
A critical security flaw has been uncovered in Kibana, the popular data visualization platform for the Elastic Stack, exposing organizations to severe risks of heap…
North Korea-linked Supply Chain Attack Targets Developers with 35 Malicious npm Packages
Jun 25, 2025Ravie LakshmananMalware / Open Source Cybersecurity researchers have uncovered a fresh batch of malicious npm packages linked to the ongoing Contagious Interview operation…
Prometei botnet activity has surged since March 2025
Prometei botnet activity has surged since March 2025 Pierluigi Paganini June 25, 2025 Prometei botnet activity has surged since March 2025, with a new malware…
TeamViewer for Windows Vulnerability Lets Hackers Delete Files with SYSTEM Rights
A critical security vulnerability has been discovered in TeamViewer Remote Management for Windows, exposing systems to potential privilege escalation attacks. The flaw, tracked as CVE-2025-36537,…
New WordPress Malware Hides on Checkout Pages and Imitates Cloudflare
Cybersecurity researchers have discovered a highly advanced malware campaign targeting WordPress websites, capable of stealing credit card details, user logins, and even profiling victims. Discovered…
CISA Releases New ICS Advisories Highlighting Ongoing Threats and Exploits
The Cybersecurity and Infrastructure Security Agency (CISA) has released eight new Industrial Control Systems (ICS) advisories on June 24, 2025, addressing critical vulnerabilities and ongoing…
Companies negotiate their way to lower ransom payments
Nearly 50% of companies paid the ransom to recover their data, the second-highest rate in six years, according to Sophos. How actual payments stack up…
NVIDIA Megatron LM Flaw Allows Attackers to Inject Malicious Code
NVIDIA has issued an urgent security update for its open-source Megatron-LM framework, following the discovery of two critical vulnerabilities that could allow attackers to inject…