Qantas says cyberattack affected 5.7 million customers
Qantas confirmed Wednesday that a cyberattack on one of its vendors affected 5.7 million passengers. “Our absolute focus since the incident has been to understand…
Author: Cybernoz
Treasury sanctions North Korean over IT worker malware scheme
The U.S. Department of the Treasury sanctioned cyber actor Song Kum Hyok for his association with North Korea’s hacking group Andariel and for facilitating IT…
Splunk Address Third-Party Packages Vulnerabilities in SOAR Versions
Splunk has released critical security updates addressing multiple vulnerabilities in third-party packages in SOAR versions 6.4.0 and 6.4. Published on July 7, 2025, this comprehensive…
Supply Chain Attack Unleashed via Compromised VS Code Extension
A sophisticated supply chain attack targeting cryptocurrency developers through the compromise of ETHcode, a legitimate Visual Studio Code extension with nearly 6,000 installations. The attack,…
DoNot APT Expands Operations, Targets European Foreign Ministries with LoptikMod Malware
Jul 09, 2025Ravie LakshmananMalware / Cyber Espionage A threat actor with suspected ties to India has been observed targeting a European foreign affairs ministry with…
UK government signs deal with Google Cloud to upskill 100,000 civil servants in AI by 2030
As part of the agreement, Google will train 100,000 civil servants working across the public sector in using AI and other digital services through its…
The MFA You Trust Is Lying to You – and Here’s How Attackers Exploit It
Still getting login codes via text or authenticator apps? You’re not alone—and that’s a big problem. What used to feel like a smart security layer…
Microsoft Patches Wormable RCE Vulnerability in Windows and Windows Server
Microsoft has released critical security updates to address CVE-2025-47981, a severe heap-based buffer overflow vulnerability in the SPNEGO Extended Negotiation (NEGOEX) Security Mechanism that affects…
SparkKitty Malware Steals Photos from iOS and Android Devices
A sophisticated Trojan malware campaign has been targeting mobile device users across iOS and Android platforms since February 2024, with cybersecurity researchers identifying a significant…
Iranian group Pay2Key.I2P ramps Up ransomware attacks against Israel and US with incentives for affiliates
Iranian group Pay2Key.I2P ramps Up ransomware attacks against Israel and US with incentives for affiliates Pierluigi Paganini July 09, 2025 An Iranian ransomware group, Pay2Key.I2P,…
VS Code Extension Weaponized With Two Lines of Code Leads to Supply Chain Attack
A sophisticated supply chain attack has compromised ETHcode, a popular Visual Studio Code extension for Ethereum development, through a malicious GitHub pull request that required…
TapTrap Android Exploit Allows Malicious Apps to Bypass Permissions
A new Android vulnerability called TapTrap that allows malicious apps to bypass the operating system’s permission system without requiring any special permissions themselves. The attack…