Microsoft to Block External Workbook Links to Unsafe File Types by Default
Microsoft announced a significant security enhancement for Excel users, revealing plans to block external workbook links to unsafe file types by default starting in October…
Author: Cybernoz
Threat Actors Abuse Proofpoint’s and Intermedia’s Link Wrapping Features to Hide Phishing Payloads
The latest wave of credential-phishing campaigns has revealed an unexpectedly convenient ally for threat actors: the very e-mail security suites meant to protect users. First…
CISA released Thorium platform to support malware and forensic analysis
CISA released Thorium platform to support malware and forensic analysis Pierluigi Paganini August 01, 2025 CISA releases Thorium, an open-source tool for malware and forensic…
Solving the challenges of a bug bounty program manager (BBPM). Strategic execution for security leaders.
As more organizations lean on third-party platforms, cloud infrastructure, and remote development teams, the attack surface grows, often faster than internal security teams can manage.…
AI Engine Plugin Flaw Exposes 100K Sites To RCE Risk
A security flaw affecting over 100,000 WordPress websites has been discovered in the AI Engine plugin, specifically impacting versions 2.9.3 and 2.9.4. The vulnerability, classified…
ChatGPT Conversations are Being Indexed by Search Engines!
ChatGPT shared conversations are being indexed by major search engines, effectively turning private exchanges into publicly discoverable content accessible to millions of users worldwide. The…
Open-Source Malware and Forensics Tool Now Public
The Cybersecurity and Infrastructure Security Agency (CISA) has made a significant contribution to the cybersecurity community by publicly releasing Thorium, a powerful open-source platform designed…
Smart steps to keep your AI future-ready
In this Help Net Security interview, Rohan Sen, Principal, Cyber, Data, and Tech Risk, PwC US, discusses how organizations can design autonomous AI agents with…
Google’s Project Zero to make faster vulnerability announcements
Google’s elite bug hunters in the Project Zero team will from now on publicly share if they have discovered vulnerabilities within a week after reporting…
Hackers Weaponizing Free Trials of EDR to Disable Existing EDR Protections
A sophisticated attack technique was uncovered where cybercriminals exploit free trials of Endpoint Detection and Response (EDR) software to disable existing security protections on compromised…
Hackers Abuse EDR Free Trials to Bypass Endpoint Protection
Cybersecurity researchers have uncovered a concerning new attack vector where threat actors are exploiting free trials of endpoint detection and response (EDR) software to disable…
It’s time to sound the alarm on water sector cybersecurity
A cyberattack on a water facility can put entire communities and businesses at risk. Even a short disruption in clean water supply can have serious…