Trump slaps 100% tariffs on chips to get tech onshore
US president Donald Trump has announced 100% tariffs on semiconductors imported into the US, unless firms make substantial commitments to build out US-based manufacturing. In…
Author: Cybernoz
![[tl;dr sec] #291 - Build a GuardDuty Triage Agent, Scaling Netflix's Threat Detection Pipelines, Claude for Security Review](https://image.cybernoz.com/wp-content/uploads/2025/08/tldr-sec-291-Build-a-GuardDuty-Triage-Agent-Scaling.png)
[tl;dr sec] #291 – Build a GuardDuty Triage Agent, Scaling Netflix’s Threat Detection Pipelines, Claude for Security Review
Hacker Summer Camp Once more, hackers have descended onto Vegas for our annual Hacker Summer Camp pilgrimage. I hope you enjoy the talks, meet some…
CISA Warns of ‘ToolShell’ Exploits Chain Attacks SharePoint Servers
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released an urgent analysis in early July 2025, detailing a sophisticated exploit chain targeting on-premises Microsoft SharePoint…
Weaponized npm Packages Target WhatsApp Developers with Remote Kill Switch
Socket’s Threat Research Team has uncovered a sophisticated supply chain attack targeting developers integrating with the WhatsApp Business API. Two malicious npm packages, naya-flore and…
New Promptware Attack Hijacks User’s Gemini AI Via Google Calendar Invite
Cybersecurity researchers at SafeBreach Labs have uncovered a new kind of cyberattack that starts with something as ordinary as a Google Calendar invitation. According to…
6,500 Axis Servers Expose Remoting Protocol, 4,000 in U.S. Vulnerable to Exploits
Aug 07, 2025Ravie LakshmananVulnerability / Threat Intelligence Cybersecurity researchers have disclosed multiple security flaws in video surveillance products from Axis Communications that, if successfully exploited,…
Trump slaps 100% tariffs on chips to get tech onshore
US president Donald Trump has announced 100% tariffs on semiconductors imported into the US, unless firms make substantial commitments to build out US-based manufacturing. In…
New Ghost Calls Attack Abuses Web Conferencing for Covert Command & Control
A sophisticated new attack technique called “Ghost Calls” exploits web conferencing platforms to establish covert command and control (C2) channels. Presented by Adam Crosser from…
CISA Warns of ‘ToolShell’ Exploitation Chain Targeting SharePoint Servers; IOCs and Detections Released
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding an exploitation chain dubbed “ToolShell” targeting on-premises Microsoft SharePoint servers. It leverages…
New Promptware Attack Hijacks User’s Gemini AI Via Google Calendar Invite
Cybersecurity researchers at SafeBreach Labs have uncovered a new kind of cyberattack that starts with something as ordinary as a Google Calendar invitation. According to…
Malicious Go, npm Packages Deliver Cross-Platform Malware, Trigger Remote Data Wipes
Aug 07, 2025Ravie LakshmananMalware / Threat Intelligence Cybersecurity researchers have discovered a set of 11 malicious Go packages that are designed to download additional payloads…
Diversity Think Tank: Divesting from inclusion is a tech business mistake
Inclusion programs look to create a workplace where everyone feels welcome, supported and valued, aiming to enhance an organisation’s culture and performance, utilising differing perspectives…