The link between security maturity and bug bounty success
What defines a security maturity posture? A security maturity posture refers to an organization’s ability to detect, manage, and mitigate security vulnerabilities and risks. It…
Author: Cybernoz
Deepfakes, Scams, and the Age of Paranoia
As AI-driven fraud becomes increasingly common, more people feel the need to verify every interaction they have online. Source link
Metasploit Update Adds Erlang/OTP SSH Exploit and OPNSense Scanner
The open-source penetration testing toolkit Metasploit has unveiled a major update, introducing four new modules, including a highly anticipated exploit targeting Erlang/OTP SSH servers and…
New SEO Poisoning Campaign Targeting IT Admins With Malware
Varonis reveals attackers are using SEO poisoning to trick IT admins into downloading malware, alongside a critical root access vulnerability in Azure’s AZNFS-mount utility affecting…
University will ‘pull the plug’ to test Nutanix disaster recovery
The University of Reading’s IT team plans to “pull the plug” on its Nutanix-based infrastructure to test disaster recovery readiness after a move to the…
Cybercrime Escalates in 2025 as Hackers Target Everyday Devices with Sophisticated Attacks
The global cost of cybercrime is projected to reach $10.5 trillion annually by 2025, underscoring the unprecedented scale of digital threats in an increasingly connected…
Hackers Exploit Legacy Protocols in Microsoft Entra ID to Bypass MFA and Conditional Access
A sophisticated and highly coordinated cyberattack campaign came to light, as tracked by Guardz Research. This operation zeroed in on legacy authentication protocols within Microsoft…
Passwordless authentication: Where security meets productivity
According to Verizon’s 2024 Data Breach Investigations Report, 80% of breaches stem from compromised credentials. While passwords were meant to protect us, they’ve instead become…
Hackers Exploit Copilot AI for SharePoint to Access Passwords & Other Sensitive Data
Multiple vulnerabilities in Microsoft’s Copilot AI for SharePoint, enabling attackers to access sensitive corporate data including passwords, API keys, and confidential documents. As organizations increasingly…
Google Researchers Use Mach IPC to Uncover Sandbox Escape Vulnerabilities
Google Project Zero researchers have uncovered new sandbox escape vulnerabilities in macOS using an innovative approach that leverages Mach Interprocess Communication (IPC) mechanisms-core components of…
Fake AI Tools Used to Spread Noodlophile Malware, Targeting 62,000+ via Facebook Lures
May 12, 2025Ravie LakshmananMalware / Artificial Intelligence Threat actors have been observed leveraging fake artificial intelligence (AI)-powered tools as a lure to entice users into…
CVE-2024-26809: Linux Nftables Double-Free Vulnerability
A critical security flaw has been discovered in the Linux kernel’s nftables subsystem, which is responsible for packet filtering in modern Linux distributions. This flaw,…