Paddle settles for $5 million over facilitating tech support scams
Paddle.com and its U.S. subsidiary will pay $5 million to settle Federal Trade Commission (FTC) allegations that the company facilitated deceptive tech-support schemes that harmed…
Author: Cybernoz
XDSpy Threat Actors Exploit Windows LNK Zero-Day Vulnerability to Target Windows System Users
The XDSpy threat actor has been identified as exploiting a Windows LNK zero-day vulnerability, dubbed ZDI-CAN-25373, to target governmental entities in Eastern Europe and Russia.…
Scattered Spider Aims at US Insurers After UK Retail Hit, Google Warns
A hacker group known for high-profile attacks on retail giants is now turning its attention to the insurance sector, according to a new warning from…
Scattered Spider widens web to target insurance sector
Insurance companies are warned to be on their guard against a spreading campaign of network intrusions orchestrated by the Scattered Spider cyber crime collective after…
Defence’s AI Centre hunts value in 1 billion unstructured documents
Defence is ramping up efforts to “accelerate and enable” artificial intelligence adoption across the organisation, in part by tapping a data repository of around one…
Iran’s Bank Sepah disrupted by cyberattack claimed by pro-Israel hacktivist group
Bank Sepah’s website is offline following a hacktivist group’s claimed attack on the Iran state-owned bank. The group, known as Predatory Sparrow — or Gonjeshke…
New Sophisticated Multi-Stage Malware Campaign Uses VBS Files to Execute PowerShell Script
A recently uncovered malware campaign has revealed a highly sophisticated, multi-stage infection process utilizing heavily obfuscated Visual Basic Script (VBS) files to deploy remote access…
WhatsApp to start targeting you with ads
WhatsApp has announced that it will start to show you targeted ads on the app. The ads, it says, will appear under the Updates tab.…
New Sorillus RAT Targets European Organizations Through Tunneling Services
An important development discovered in March 2025 by Orange Cyberdefense’s Managed Threat Detection teams in Belgium was that a European client was the subject of…
Google Chrome Zero-Day CVE-2025-2783 Exploited by TaxOff to Deploy Trinper Backdoor
Jun 17, 2025Ravie LakshmananMalware / Cyber Espionage A now-patched security flaw in Google Chrome was exploited as a zero-day by a threat actor known as…
Scania confirms insurance claim data breach in extortion attempt
Automotive giant Scania confirmed it suffered a cybersecurity incident where threat actors used compromised credentials to breach its Financial Services systems and steal insurance claim…
New KimJongRAT Stealer Uses Weaponized LNK File to Deploy PowerShell-Based Dropper
The two new variants of the KimJongRAT stealer have emerged, showcasing the persistent and evolving nature of this malicious tool first identified in 2013. Detailed…