Charities struggle to find the skills to adopt AI
The number of charities using artificial intelligence (AI) tools has increased over the past year, but many believe they lack the appropriate skills for the…
Author: Cybernoz
GPT-5 is coming, “we’ll see” if it creates a shockwave
OpenAI’s next foundational and state-of-the-art model, GPT-5, is still on its way after a delay. OpenAI won’t tell us the release date for now. In…
Signal App Clone TeleMessage Vulnerability May Leak Passwords; Hackers Exploiting It
A critical security vulnerability in TeleMessageTM SGNL, an enterprise messaging system modeled after Signal, has been actively exploited by cybercriminals seeking to extract sensitive user…
New WAFFLED Attack Exploits AWS, Azure, Cloud Armor, Cloudflare, and ModSecurity WAFs
WAFFLED is a recently disclosed technique that evades leading Web Application Firewalls (WAFs) by targeting subtle parsing inconsistencies rather than tampering with the malicious payload…
BIND 9 Vulnerabilities Expose Organizations to Cache Poisoning and DoS Attacks
Two critical vulnerabilities in the BIND 9 DNS resolver software are affecting organizations worldwide, with potential cache poisoning and denial-of-service attacks. The vulnerabilities, identified as…
Cisco CVE-2025-20337 & ISE-PIC Vulnerabilities Uncovered
Cisco has issued a new security advisory warning of newly discovered vulnerabilities in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC), revealing…
BIND 9 Vulnerabilities Enable Cache Poisoning and Service Disruption
The Internet Systems Consortium (ISC) has disclosed two critical security vulnerabilities in BIND 9, one of the most widely used DNS software implementations worldwide. Published…
New infosec products of the week: July 18, 2025
Here’s a look at the most interesting products from the past week, featuring releases from At-Bay, Immersive, NETSCOUT, Socure, and Stellar Cyber. Stellar Cyber 6.0.0…
Roblox Launches AI Age Checks Amid Teen Safety Concerns
Roblox has announced a new suite of safety and privacy updates aimed at teenagers, including an AI-driven age estimation system, enhanced parental insight tools, and…
QR Code Quishing Campaign Bypassing Security
Cyble’s Research and Intelligence Lab (CRIL) has analyzed a new quishing campaign that leverages QR codes embedded in PDF files to deliver malicious payloads. The…
Microsoft Entra ID Vulnerability Let Attackers Escalate Privileges
A critical vulnerability in Microsoft Entra ID allows attackers to escalate privileges to the Global Administrator role through the exploitation of first-party applications. The vulnerability,…
Signal App Clone Vulnerability Actively Exploited for Password Theft
A critical vulnerability in TeleMessageTM SGNL, an enterprise messaging platform modeled after Signal, is being actively exploited by threat actors to steal passwords and sensitive…