Exploring Package Tracking Smishing Scams
Have you recently received a text message urging you to take action to avoid a negative outcome? Maybe you’ve just been informed you have an…
Author: Cybernoz
Crunchyroll Data Breach — Threat Actor Claims Exfiltration of 100 GB of User Data
A threat actor has allegedly exfiltrated approximately 100 GB of personally identifiable information (PII) from Crunchyroll, the Sony-owned anime streaming giant, after gaining access through…
How Mesh CSMA Reveals and Breaks Attack Paths to Crown Jewels
Security teams today are not short on tools or data. They are overwhelmed by both. Yet within the terabytes of alerts, exposures, and misconfigurations –…
Yarra Valley Water betting on AI to predict asset failures
Yarra Valley Water is planning to use generative AI to predict failures across its water supply infrastructure in a bid to drive cost out of…
U.S. CISA adds Apple, Laravel Livewire and Craft CMS flaws to its Known Exploited Vulnerabilities catalog
U.S. CISA adds Apple, Laravel Livewire and Craft CMS flaws to its Known Exploited Vulnerabilities catalog Pierluigi Paganini March 22, 2026 U.S. Cybersecurity and Infrastructure…
Cleo Software Actively Being Exploited in the Wild CVE-2024-55956
CVE-2024-55956 Summary On December 3, Huntress identified an emerging threat involving Cleo’s LexiCom, VLTransfer, and Harmony software, commonly used to manage file transfers. We’ve directly…
This is all it takes to stop a train (Lock and Code S07E06)
This week on the Lock and Code podcast… Forget the runaway train thrillingly shot in Buster Keaton’s 1926 film “The General,” and never mind the…
9 Critical IP KVM Flaws Enable Unauthenticated Root Access Across Four Vendors
Ravie LakshmananMar 18, 2026Network Security / Vulnerability Cybersecurity researchers have warned about the risks posed by low-cost IP KVM (Keyboard, Video, Mouse over Internet Protocol)…
ATO to upgrade its IBM mainframe again in quiet $104.8m deal
The Australian Taxation Office is set to upgrade to IBM’s z17 mainframe under a $104.8 million expansion of an existing mainframe modernisation program it signed…
Russia-linked actors target WhatsApp and Signal in phishing campaign
Russia-linked actors target WhatsApp and Signal in phishing campaign Pierluigi Paganini March 22, 2026 Russia-linked actors target WhatsApp and Signal accounts of officials and journalists…
What are LOLBins? How to Detect Malicious Threats
LOLBin stands for “Living Off the Land Binaries,” tools that are pre-installed as part of an operating system. LOLBins are not malicious in themselves but…
Ex-data analyst stole company data in $2.5M extortion scheme
A North Carolina man was found guilty of extorting a D.C.-based technology company while still being employed as a data analyst contractor. While a Justice…