Replacing Cursor With Neovim and Claude Code
My three-paned Ghostty / Neovim / Claude Code Setup (click for full size) It kind of sucks right now to be a (neo)Vim user if…
Author: Cybernoz
New Malware Exploits TASPEN Legacy Systems to Target Indonesian Elderly
Threat actors are leveraging the trusted brand of Indonesia’s state pension fund, PT Dana Tabungan dan Asuransi Pegawai Negeri (Persero), or TASPEN, to deploy a…
Intel filing shows risks of US government stake
While the CEOs of the major tech firms have lined up to support the Trump administration’s 9.9% equity stake in chipmaker Intel, the company itself…
Spotify Launches Direct Messaging Feature Amid Security Concerns
Spotify this week unveiled a new Direct Messaging feature, enabling users to share songs, podcasts and audiobooks within the app. While the move promises streamlined recommendations and…
Blind Eagle’s Five Clusters Target Colombia Using RATs, Phishing Lures, and Dynamic DNS Infra
Cybersecurity researchers have discovered five distinct activity clusters linked to a persistent threat actor known as Blind Eagle between May 2024 and July 2025. These…
One-click MCP servers with Cloudflare
Cloudflare simplifying MCP deployment (click for full size) One thing I’ve never liked about the whole MCP thing is the fact that you have to…
New ZipLine Campaign Attacks Critical Manufacturing Companies to Deploy In-memory Malware MixShell
In recent weeks, a sophisticated phishing operation known as the ZipLine campaign has targeted U.S.-based manufacturing firms, leveraging supply-chain criticality and legitimate-seeming business communications to…
CISA Issues New ICS Advisories on Critical Vulnerabilities and Exploits
The Cybersecurity and Infrastructure Security Agency (CISA) released three Industrial Control Systems (ICS) advisories on August 26, 2025, detailing nine critical vulnerabilities in INVT VT-Designer…
Salesloft OAuth Breach via Drift AI Chat Agent Exposes Salesforce Customer Data
Aug 27, 2025Ravie LakshmananCloud Security / Threat Intelligence A widespread data theft campaign has allowed hackers to breach sales automation platform Salesloft to steal OAuth…
ESET warns of PromptLock, the first AI-driven ransomware
ESET warns of PromptLock, the first AI-driven ransomware Pierluigi Paganini August 27, 2025 ESET found PromptLock, the first AI-driven ransomware, using OpenAI’s gpt-oss:20b via Ollama…
Most AI Interaction Will Go Through Your DA
The stages of technological evolution (click for full size) A long time ago, I wrote about how things tend to start off as ideas, then…
What to expect after going public with a bug bounty program?
You asked, and we answered. At Intigriti, we’ve been paying close attention to the questions most frequently asked by those with a bug bounty program…