Critical WordPress Post SMTP plugin flaw exposes 200K+ sites to full takeover
Critical WordPress Post SMTP plugin flaw exposes 200K+ sites to full takeover Pierluigi Paganini July 28, 2025 Critical vulnerability in Post SMTP plugin risks full…
Author: Cybernoz
Threat Actors Claiming Breach of Airpay Payment Gateway
Cybercriminals have allegedly compromised Airpay, one of India’s prominent digital payment gateway providers, exposing sensitive financial data of thousands of users and businesses. The threat…
NPM ‘is’ Package with 2.8M Weekly Downloads Exploited in Attack on Developers
The popular npm package ‘is’, which has about 2.8 million weekly downloads, has been taken over by threat actors in a sophisticated escalation of a…
Oyster Malware as PuTTY, KeyPass Attacking IT Admins by Poisoning SEO Results
The Oyster malware, also known as Broomstick or CleanupLoader, has resurfaced in attacks disguised as popular tools like PuTTY, KeyPass, and WinSCP. This malware, active…
Atomic macOS Stealer Upgraded with Remote Access Backdoor
The Atomic macOS Stealer (AMOS), a notorious infostealer malware targeting Apple’s macOS ecosystem, has undergone a significant upgrade by incorporating a sophisticated backdoor mechanism that…
Why It Needs a Modern Approach
Picture this: you’ve hardened every laptop in your fleet with real‑time telemetry, rapid isolation, and automated rollback. But the corporate mailbox—the front door for most…
European digital market figurehead pleads to Westminster
European data venture Gaia-X lobbied UK government officials to help build Europe’s data market in a Parliamentary meeting sponsored by an MP who wants Britain…
Aeroflot Cyberattack Disrupts Flights, Silent Crow Claims
Russian airline Aeroflot faced a disruption today (July 28) after cancelling dozens of flights due to what it described as a failure in its information…
ToolShell Exploit Chain Attacking SharePoint Servers to Gain Complete Control
A critical new threat targeting Microsoft SharePoint servers through a sophisticated exploit chain dubbed “ToolShell.” This multi-stage attack combines previously patched vulnerabilities with fresh zero-day…
Call Center Attacks for Initial Breach
Palo Alto Networks’ Unit 42, the cybercrime group tracked as Muddled Libra also known as Scattered Spider or UNC3944 has demonstrated remarkable resilience and adaptation…
Women Only Dating Platform Leaks 72K User Images
The “Tea” app, a new and popular social platform for women, confirmed a major data breach affecting users who joined before February 2024. The announcement…
Scattered Spider targets VMware ESXi in using social engineering
Scattered Spider targets VMware ESXi in using social engineering Pierluigi Paganini July 28, 2025 Scattered Spider targets VMware ESXi in North America using social engineering,…