First known AI-powered ransomware uncovered by ESET Research
The discovery of PromptLock shows how malicious use of AI models could supercharge ransomware and other threats 26 Aug 2025 • , 2 min. read…
Author: Cybernoz
Global Salt Typhoon hacking campaigns linked to Chinese tech firms
The U.S. National Security Agency (NSA), the UK’s National Cyber Security Centre (NCSC), and partners from over a dozen countries have linked the Salt Typhoon…
IPFire Web-Based Firewall Interface Allows Authenticated Administrator to Inject Persistent JavaScript
A stored cross-site scripting (XSS) flaw identified in IPFire 2.29’s web-based firewall interface (firewall.cgi). Tracked as CVE-2025-50975, the vulnerability allows any authenticated administrator to inject…
This Is the Group That’s Been Swatting US Universities
A self-proclaimed leader of an online group linked to the violent extremist network The Com tells WIRED he is responsible for the flurry of hoax…
Someone Created First AI-Powered Ransomware Using OpenAI’s gpt-oss:20b Model
Cybersecurity company ESET has disclosed that it discovered an artificial intelligence (AI)-powered ransomware variant codenamed PromptLock. Written in Golang, the newly identified strain uses the…
Healthcare Services Group discloses 2024 data breach that impacted 624,496 people
Healthcare Services Group discloses 2024 data breach that impacted 624,496 people Pierluigi Paganini August 27, 2025 Healthcare Services Group suffered a 2024 breach, exposing personal…
We’re All in Fractal Microcults
I think we’re all in microcults now. Fractal microcults. Infinitely small ones. Cults of one. Not everyone, of course, but so many of the people…
Microsoft details Storm-0501’s focus on ransomware in the cloud
A financially motivated threat group operating since 2021 has refined its technical tradecraft, honing its focus on cloud-based systems that allow it to expand ransomware…
Over 28,000 Citrix devices vulnerable to new exploited RCE flaw
More than 28,200 Citrix instances are vulnerable to a critical remote code execution vulnerability tracked as CVE-2025-7775 that is already being exploited in the wild.…
CISA releases New ICS Advisories Surrounding Vulnerabilities and Exploits
CISA released three significant Industrial Control Systems (ICS) advisories on August 26, 2025, alerting organizations to critical vulnerabilities affecting widely-deployed automation systems. These advisories highlight…
Cephalus Ransomware Exploits RDP for Initial Access in Latest Attack Campaign
Cybersecurity researchers at Huntress identified a novel ransomware variant dubbed Cephalus, deployed in two separate incidents targeting organizations lacking robust access controls. This emerging threat,…
AI Excites and Depresses Me
I think, looking back, we might say that the first week of July 2025 was the start of AGI. Like, proto-AGI. All because of Claude…