NSW gov third party-linked cyber incidents quadruple in two years
Cyber incidents linked to third-party systems used by the NSW government have more than quadrupled over the past two years,...
Read more →Author: Cybernoz
China-Aligned TA415 Hackers Uses Google Sheets and Google Calendar for C2 Communications
The Chinese state-sponsored threat actor TA415 has evolved its tactics, techniques, and procedures by leveraging legitimate cloud services like Google...
Read more →
ShinyHunters claims 1.5 billion Salesforce records stolen in Drift hacks
The ShinyHunters extortion group claims to have stolen over 1.5 billion Salesforce records from 760 companies using compromised Salesloft Drift OAuth...
Read more →
MuddyWater Hackers Using Custom Malware With Multi-Stage Payloads and Uses Cloudflare to Mask Fingerprints
Since early 2025, cybersecurity teams have observed a marked resurgence in operations attributed to MuddyWater, an Iranian state–sponsored advanced persistent...
Read more →
Jaguar Land Rover Cyberattack Sparks Production, Layoff Fears
The Jaguar Land Rover cyberattack that has shuttered production lines since September 1 will extend for at least another week,...
Read more →
Microsoft outs Nigerian as RaccoonO365 PhaaS boss
The Digital Crimes Unit (DCU) at Microsoft said it has disrupted a global phishing operation called RaccoonO365, uncloaking the leader...
Read more →
China-linked APT41 targets government, think tanks, and academics tied to US-China trade and policy
China-linked APT41 targets government, think tanks, and academics tied to US-China trade and policy Pierluigi Paganini September 17, 2025 China-linked...
Read more →
Attack on SonicWall’s cloud portal exposes customers’ firewall configurations
SonicWall said it confirmed an attack on its MySonicWall.com platform that exposed customers’ firewall configuration files — the latest in...
Read more →
BeaverTail Variant via Malicious Repositories Targeting Retail Sector Organizations
A sophisticated North Korean nation-state threat actor campaign has emerged, distributing an evolved variant of the BeaverTail malware through deceptive...
Read more →
Google Play Flooded With 224 Malicious Apps, 38 Million Downloads Deliver Malware
A global ad fraud and click fraud operation, dubbed SlopAds, comprising 224 Android apps that collectively amassed more than 38...
Read more →
FileFix attack tricks users into running image-borne malware
A new social engineering “hack yourself” attack that tricks victims into executing malware through seemingly innocent file upload processes has...
Read more →
New Magecart Skimmer Attack With Malicious JavaScript Injection to Skim Payment Data
The threat landscape for e-commerce websites has once again shifted with the emergence of a sophisticated Magecart-style attack campaign, characterized...
Read more →