248,725 Exposed in CIEE One Data Breach
Cybercriminals Target Brazil: 248,725 Exposed in CIEE One Data Breach Pierluigi Paganini July 03, 2025 Resecurity found a breach in Brazil’s CIEE One platform, exposing…
Author: Cybernoz
Threat Actors Widely Abuse .COM TLD to Host Credential Phishing Website
The .COM top-level domain continues to dominate the cybercriminal landscape as the primary vehicle for hosting credential phishing websites, maintaining its position as the most…
Beware of Fake Chinese E-Commerce Sites Imitating Apple, Wrangler, and Exploiting Payment Services like MasterCard and PayPal
A sophisticated phishing campaign, initially spotlighted by Mexican journalist Ignacio Gómez Villaseñor, has evolved into a sprawling global threat, as revealed by Silent Push Threat…
Grafana releases critical security update for Image Renderer plugin
Grafana Labs has addressed four Chromium vulnerabilities in critical security updates for the Grafana Image Renderer plugin and Synthetic Monitoring Agent. Although the issues impact…
Citrix Warns Authentication Failures Following The Update of NetScaler to Fix Auth Vulnerability
Citrix has issued an urgent advisory warning customers of widespread authentication failures following recent updates to NetScaler builds 14.1.47.46 and 13.1.59.19. The updates, released as…
Big Tech’s Mixed Response to U.S. Treasury Sanctions – Krebs on Security
In May 2025, the U.S. government sanctioned a Chinese national for operating a cloud provider linked to the majority of virtual currency investment scam websites…
New Hpingbot Exploits Pastebin for Payload Delivery and Uses Hping3 for DDoS Attacks
NSFOCUS Fuying Lab’s Global Threat Hunting System has discovered a new botnet family called “hpingbot” that has been quickly expanding since June 2025, marking a…
Massive Android Fraud Operations Uncovered: IconAds, Kaleidoscope, SMS Malware, NFC Scams
A mobile ad fraud operation dubbed IconAds that consisted of 352 Android apps has been disrupted, according to a new report from HUMAN. The identified…
China-linked attacker hit France’s critical infrastructure via trio of Ivanti zero-days last year
Multiple critical infrastructure sectors were hit last year during an attack spree in France via a trio of zero-day vulnerabilities affecting Ivanti Cloud Services Appliance…
Microsoft investigates ongoing SharePoint Online access issues
Microsoft is investigating an ongoing incident causing intermittent issues for users attempting to access SharePoint Online sites. Part of the Microsoft 365 suite, SharePoint Online…
AI Tools Like GPT Direct Users to Phishing Sites Instead of Legitimate Ones
The popular artificial intelligence tools, including GPT models and Perplexity AI, are inadvertently directing users to phishing websites instead of legitimate login pages. The study…
Threat Actors Exploit .COM TLD to Host Widespread Credential Phishing Sites
Threat actors have dramatically increased their exploitation of the cybersecurity sector, which is a disturbing development. Spain’s country code TLD, ES, is used to plan…