WooCommerce admins targeted by fake security patches that hijack sites
A large-scale phishing campaign targets WooCommerce users with a fake security alert urging them to download a “critical patch” that adds a WordPress backdoor to the site.…
Author: Cybernoz
Melbourne Airport aims to ‘predict the future’ with enhanced cyber visibility
Melbourne Airport is building up its cyber detection and response capabilities in order to secure 30 million annual passenger journeys, which are enabled by multiple…
DragonForce expands ransomware model with white-label branding scheme
The ransomware scene is re-organizing, with one gang known as DragonForce working to gather other operations under a cartel-like structure. DragonForce is now incentivizing ransomware…
Brave’s Cookiecrumbler tool taps community to help block cookie notices
Brave has open-sourceed a new tool called “Cookiecrumbler,” which uses large language models (LLMs) to detect cookie consent notices and then community-driven reviews to block…
Coinbase fixes 2FA log error making people think they were hacked
Coinbase has fixed a confusing bug in its account activity logs that caused users to think their credentials were compromised. As BleepingComputer first reported earlier…
Key Cybersecurity Considerations for 2025
As we usher in a new year, it’s crucial to focus on key areas in cybersecurity that demand our attention. While there’s undoubtedly a long…
NoSQL Injection: Advanced Exploitation Guide
NoSQL injections are relatively easier to exploit than classic SQL injections. However, developers often overlook these vulnerabilities, mainly due to limited awareness. Additionally, false beliefs…
Storm-1977 targets education sector with password spraying
Storm-1977 targets education sector with password spraying, Microsoft warns Pierluigi Paganini April 27, 2025 Microsoft warns that threat actor Storm-1977 is behind password spraying attacks against…
Make the Most of Your Holiday Cybersecurity Awareness Efforts
The holiday season is a time for joy, celebration, and, unfortunately, an uptick in cyber threats. From phishing scams that mimic festive deals to exploitation…
What’s Right For Your Penetration Testing Team?
In the ever-changing world of cybersecurity, organizations are constantly challenged to choose the right security operations model that best supports their penetration testing teams. The…
Identity and Access Management (IAM)
In an era where digital identities have become the primary attack vector, CISOs face unprecedented pressure to secure access across increasingly complex ecosystems. Identity and…
IXON VPN Vulnerabilities Let Attackers Gain Access to Windows & Linux Systems
A recent security assessment by Shelltrail has uncovered three critical vulnerabilities in the IXON VPN client, potentially allowing attackers to escalate privileges on both Windows…