Law Enforcement Shutters Over 373,000 Dark Web Sites
A 35-year-old man operating from China ran the largest fraudulent dark web network ever dismantled and the most disturbing detail is not the scale of…
Author: Cybernoz
DNS Security Guidance Updated In NIST SP 800-81r3
The latest update to DNS security guidance from the National Institute of Standards and Technology (NIST) marks a new in how organizations are expected to secure one of the…
“CanisterWorm” supply chain malware attacks npm
A threat actor who stole credentials from a legitimate node package manager (npm) publisher has spread a persistent, worm-like malware across dozens of packages, security…
Iran-linked actors use Telegram as C2 in malware attacks on dissidents
Iran-linked actors use Telegram as C2 in malware attacks on dissidents Pierluigi Paganini March 23, 2026 Iran-linked actors use Telegram as C2 to spread malware…
Behavioral XDR and threat intel nab North Korean fake IT worker within 10 days of hire
When an admin from the organization activated the new hire’s EntraID account, the team observed that the new hire used an EntraID login from a…
CRI pilot reveals water utilities show strong interest in improving cybersecurity but face persistent gaps in execution
The Cyber Readiness Institute (CRI), in partnership with the Center on Cyber and Technology Innovation (CCTI) at the Foundation for Defense of Democracies and with…
ODNI report: US critical infrastructure faces escalating cyber risks from China, Russia, Iran, and North Korea
The Office of the Director of National Intelligence’s Annual Threat Assessment 2026 makes clear that cyberspace is now a primary arena of conflict, with state…
2024: Revisiting a Year in Threats
Before you pop the bubbly and count down to a new year, let’s reminisce for a moment. Looking back on the past 365 days, it…
FBI warns of Handala hackers using Telegram in malware attacks
The U.S. Federal Bureau of Investigation (FBI) warned network defenders that Iranian hackers linked to the country’s Ministry of Intelligence and Security (MOIS) are using…
New CanisterWorm Steals npm Tokens and Spreads Through Compromised Publisher Accounts
A new wave of supply chain attacks is hitting the npm ecosystem through a self-propagating malware campaign known as CanisterWorm. The threat, linked to a…
Critical QNAP QVR Pro Flaw Could Let Remote Attackers Access Systems
QNAP has released an urgent security advisory regarding a critical vulnerability affecting its QVR Pro application, a widely deployed network video surveillance solution. Disclosed on…
Plumber: Open-source scanner of GitLab CI/CD pipelines for compliance gaps
GitLab CI/CD pipelines often accumulate configuration decisions that drift from security baselines over time. Container images get pinned to mutable tags, branches lose protection settings,…