xAI prepares Grok 4 Code as it plans to take on Claude and Gemini
xAI is preparing the rollout of Grok 4, which replaces Grok 3 as the new state-of-the-art model. Ahead of the rollout, testers on X have again…
Author: Cybernoz
Anthropic’s MCP Server Vulnerability Let Attackers Escape Server’s Sandbox and Execute Arbitrary Code
Two high-severity vulnerabilities in Anthropic’s Model Context Protocol (MCP) Filesystem Server enable attackers to escape sandbox restrictions and execute arbitrary code on host systems. The…
Let’s Encrypt Expands to Issue SSL/TLS Certificates for IP Addresses
Let’s Encrypt, a leading certificate authority (CA) known for providing free SSL/TLS certificates since 2015, has issued its first-ever certificate for an IP address. This…
Police dismantles investment fraud ring stealing €10 million
The Spanish police have dismantled a large-scale investment fraud operation that caused cumulative damages exceeding $11.8 million (€10 million). During simultaneous raids in Barcelona, Madrid,…
Apache Tomcat and Camel Vulnerabilities Actively Exploited in The Wild
Critical vulnerabilities in Apache Tomcat and Apache Camel are being actively exploited by cybercriminals worldwide, with security researchers documenting over 125,000 attack attempts across more…
Trump Officials Want to Prosecute Over the ICEBlock App. Lawyers Say That’s Unconstitutional
A spokesperson using ICE’s general press email referred WIRED to a statement issued by acting director Todd M. Lyons on June 30, but did not…
Apache Tomcat and Camel Vulnerabilities Actively Targeted in Cyberattacks
The Apache Foundation disclosed several critical vulnerabilities affecting two of its widely used software platforms, Apache Tomcat and Apache Camel, sparking immediate concern among cybersecurity…
Police dismantles investment fraud ring stealing €10 million
The Spanish police have dismantled a large-scale investment fraud operation that caused cumulative damages exceeding $11.8 million (€10 million). During simultaneous raids in Barcelona, Madrid,…
Threat Actors Widely Abuse .COM TLD to Host Credential Phishing Website
The .COM top-level domain continues to dominate the cybercriminal landscape as the primary vehicle for hosting credential phishing websites, maintaining its position as the most…
CBP Wants New Tech to Search for Hidden Data on Seized Phones
United States Customs and Border Protection (CBP) is asking tech companies to pitch digital forensics tools that are designed to process and analyze text messages,…
Azure API Vulnerabilities Expose VPN Keys and Grant Over-Privileged Access via Built-In Roles
Token Security experts recently conducted a thorough investigation that exposed serious security weaknesses in Microsoft Azure’s Role-Based Access Control (RBAC) architecture. Azure RBAC, the backbone…
New Fake Marketplace From China Mimics Top Retail Brands for Fraud
Cybersecurity firm Silent Push has exposed a massive phishing scam originating from China, which has created thousands of fake e-commerce websites designed to trick online…