Guess what else GPT-5 is bad at? Security
On Aug. 7, OpenAI released GPT-5, its newest frontier large language model, to the public. Shortly after, all hell broke loose. Billed as faster, smarter…
Author: Cybernoz
Windows 11 KB5063878 & KB5063875 cumulative updates released
Microsoft has released Windows 11 KB5063878 and KB5063875 cumulative updates for versions 24H2 and 23H2 to fix security vulnerabilities and issues. Today’s updates are mandatory as they contain the August 2025 Patch Tuesday…
PoisonSeed Phishing Kit Bypasses MFA to Acquire Credentials from Individuals and Organizations
In recent months, a new phishing toolkit known as PoisonSeed has emerged, targeting both individual users and enterprise organizations with unprecedented sophistication. Unlike traditional phishing…
1,500 Jenkins Servers Vulnerable to Command Injection via Git Parameter Plugin
Jenkins disclosed CVE-2025-53652, also known as SECURITY-3419, as part of a batch of 31 plugin vulnerabilities. Initially rated as medium severity, this flaw affects the…
UK work visa sponsors are target of phishing campaign
Cyber criminals are exploiting Home Office branding in a newly identified phishing campaign that targets holders of UK immigrant sponsor licence holders participating in the…
Android’s pKVM hypervisor earns SESIP Level 5 security certification
Google announced that its protected Kernel-based Virtual Machine (pKVM) for Android has achieved SESIP Level 5 certification, the highest security assurance level for IoT and…
17,000+ VMware ESXi Servers Vulnerable to Critical Integer-Overflow Vulnerability
More than 17,000 VMware ESXi installations worldwide are at risk from a severe integer-overflow vulnerability tracked as CVE-2025-41236 (CVSS 9.3), cybersecurity researchers warn. This critical…
PoisonSeed Phishing Kit Bypasses MFA to Steal Credentials from Users and Organizations
The threat actor known as PoisonSeed, loosely affiliated with groups like Scattered Spider and CryptoChameleon, has deployed an active phishing kit designed to circumvent multi-factor…
WinRAR vulnerability exploited by two different groups
On July 30, 2025, WinRAR released a new version (7.13 Final) to patch a vulnerability which was used in two separate malware campaigns. WinRAR is…
Cybercrime Groups ShinyHunters, Scattered Spider Join Forces in Extortion Attacks on Businesses
Aug 12, 2025Ravie LakshmananCybercrime / Financial Security An ongoing data extortion campaign targeting Salesforce customers may soon turn its attention to financial services and technology…
Researchers firm up ShinyHunters, Scattered Spider link
The ShinyHunters hacking collective responsible for a wave of cyber attacks orchestrated via Salesforce products is likely collaborating with the Scattered Spider gang that brought…
US govt seizes $1 million in crypto from BlackSuit ransomware gang
The U.S. Department of Justice (DoJ) seized cryptocurrency and digital assets worth $1,091,453 at the time of confiscation, on January 9, 2024, from the BlackSuit…