China-linked APT Salt Typhoon targets Canadian Telecom companies
China-linked APT Salt Typhoon targets Canadian Telecom companies Pierluigi Paganini June 24, 2025 Canada and FBI warn of China-linked APT Salt Typhoon targeting Canadian telecom…
Author: Cybernoz
what’s best for your business?
Organizations are adopting bug bounty programs more and more as part of a layered security strategy to address the skills gap and to help their…
WinRAR Directory Vulnerability Let Execute Arbitrary Code Using a Malicious File
Summary 1. A high-severity flaw (CVE-2025-6218) in WinRAR allows attackers to execute arbitrary code by exploiting how the software handles file paths within archives. 2.…
OWASP Launches AI Testing Guide to Uncover Vulnerabilities in AI Systems
As artificial intelligence (AI) becomes a cornerstone of modern industry, the Open Web Application Security Project (OWASP) has announced the release of its AI Testing…
North Korean Hackers Trick Users With Weaponized Zoom Apps to Execute System-Takeover Commands
A sophisticated cybercriminal campaign has emerged targeting professionals through meticulously crafted fake Zoom applications designed to execute system takeover commands. The attack leverages advanced social…
Aviatrix Cloud Controller Flaw Enables Remote Code Execution via Authentication Bypass
A Mandiant Red Team engagement has uncovered two critical vulnerabilities in Aviatrix Controller—cloud networking software used to manage multi-cloud environments. The flaws enable full system…
WhatsApp Banned on U.S. House Staffers Devices Due to Potential Security Risks
Summary 1. The U.S. House Chief Administrative Officer banned WhatsApp from all government-issued devices used by congressional staffers, including mobile, desktop, and web browser versions.…
WinRAR Vulnerability Exploited with Malicious Archives to Execute Code
A newly disclosed vulnerability in RARLAB’s WinRAR, the widely used file compression utility for Windows, has put millions of users at risk of remote code…
Insurer Aflac investigating possible data leak
Health and life insurer Aflac said it is investigating a breach on its US network that may have exposed customers’ personal information, making it the…
LapDogs Hackers Leverages 1,000 SOHO Devices Using a Custom Backdoor to Act Covertly
A sophisticated China-linked cyber espionage campaign has emerged, targeting over 1,000 Small Office/Home Office (SOHO) devices worldwide through an advanced Operational Relay Box (ORB) network…
Notepad++ Vulnerability Allows Full System Takeover — PoC Released
A critical privilege escalation vulnerability (CVE-2025-49144) in Notepad++ v8.8.1 enables attackers to achieve full system control through a supply-chain attack. The flaw exploits the installer’s…
Why work-life balance in cybersecurity must start with executive support
In this Help Net Security interview, Stacy Wallace, CISO at Arizona Department of Revenue, talks about the realities of work-life balance in cybersecurity leadership. She…