Scattered Spider poses serious risk to several hundred major companies
The cybercrime group Scattered Spider’s tactics put a group of roughly 300 major companies at heightened risk of attack, according to a new report from security…
Author: Cybernoz
Oligo Security strives to fill application-layer gaps in MITRE ATT&CK framework
Applications are a common intrusion point, but the way attackers gain access, maneuver and create mayhem within and across applications doesn’t always neatly fit into…
Android malware Anatsa infiltrates Google Play to target US banks
The Anatsa banking trojan has sneaked into Google Play once more via an app posing as a PDF viewer that counted more than 50,000 downloads. The malware…
FortiOS Buffer Overflow Vulnerability Allows Attackers to Execute Arbitrary Code
Fortinet disclosed a significant security flaw in its FortiOS operating system, identified as CVE-2025-24477. This heap-based buffer overflow vulnerability, classified under CWE-122, affects the cw_stad…
127 Bytes Exfiltrated Per Request
Security researchers have released proof-of-concept exploits for CVE-2025-5777, a critical vulnerability in Citrix NetScaler ADC and Gateway devices dubbed “CitrixBleed2.” The flaw allows unauthenticated attackers to…
IBM Power11 debuts with uptime, security, and energy efficiency upgrades
IBM unveiled Power11 today, a new generation of Power servers built to improve performance across processing, hardware, and virtualization. It’s designed to run reliably both…
SEC and SolarWinds to settle lawsuit over 2020 breach
The United States’ Securities and Exchange Commission (SEC) has reached a settlement in principle with SolarWinds in an ongoing case against the organisation and its…
Malicious Chrome extensions with 1.7M installs found on Web Store
Almost a dozen malicious extensions with 1.7 million downloads in Google’s Chrome Web Store could track users, steal browser activity, and redirect to potentially unsafe…
CISA Warns of Zimbra Collaboration Suite (ZCS) Vulnerability Exploited in Attacks
CISA has issued an urgent warning regarding a critical vulnerability in Synacor’s Zimbra Collaboration Suite (ZCS) that is being actively exploited in cyberattacks. The vulnerability,…
MediaTek July 2025 Security Update Addresses Multiple Chipset Vulnerabilities
MediaTek has released a comprehensive security bulletin addressing 16 critical vulnerabilities across its extensive chipset portfolio, including smartphone, tablet, AIoT, smart display, smart platform, OTT, computer vision,…
Malicious Pull Request Targets 6,000+ Developers via Vulnerable Ethcode VS Code Extension
Cybersecurity researchers have flagged a supply chain attack targeting a Microsoft Visual Studio Code (VS Code) extension called Ethcode that has been installed a little…
Interview: Steve Riley, head of IT operations and service management, Mercedes-AMG Petronas F1
Steve Riley, head of IT operations and service management at Mercedes-AMG Petronas F1 Team, reflects on a job well done. Having worked for the racing…