Catching a phish with many faces
Here’s a brief dive into the murky waters of shape-shifting attacks that leverage dedicated phishing kits to auto-generate customized login pages on the fly 09…
Author: Cybernoz
New Supply Chain Attack Targets Legitimate npm Package with 45,000 Weekly Downloads
A sophisticated supply chain attack targeting the popular npm package ‘rand-user-agent’ was discovered on May 5, 2025. The compromise affects a legitimate JavaScript library used…
New Mamona Ransomware Attack Windows Machines by Abusing Ping Commands
A new ransomware strain dubbed “Mamona” that operates entirely offline and leverages a clever attack strategy that abuses the Windows ping command. Unlike traditional ransomware…
Malicious Python Package Mimic as Attacking Discord Developers With Malicious Remote Commands
A seemingly innocent Python package has been unmasked as a sophisticated remote access trojan (RAT) targeting the Discord developer community. On March 21, 2022, a…
Hackers Attacking IT Admins by Poisoning SEO to Move Malware on Top of Search Results
Cybersecurity experts have uncovered a sophisticated attack campaign targeting IT administrators through search engine optimization (SEO) poisoning tactics. Threat actors are leveraging advanced SEO techniques…
Chinese Hackers Exploit SAP RCE Vulnerability to Upload Supershell Backdoors
A critical remote code execution vulnerability in SAP NetWeaver Visual Composer (CVE-2025-31324) is being actively exploited by a Chinese threat actor to compromise enterprise systems…
Threat Actors Attacking Job Seekers With Three New Unique Adversaries
A significant surge in sophisticated recruitment scams has emerged, with cybercriminals exploiting economic vulnerabilities and the competitive job market to target desperate job seekers. These…
SonicWall customers confront resurgence of actively exploited vulnerabilities
Vulnerabilities are proliferating in SonicWall devices and software this year, putting the vendor’s customers at risk of intrusion via secure access gateways and firewalls. The…
In Defense of C/C++ (Part 3)
In this third part of the series on secure programming in C and C++ I will be looking into some of the tooling available to…
Webinar: The Humanized Internet – Dignity, Digital Identity, and Democracy
Join the authors and contributors of The Humanized Internet for an engaging discussion on the future of digital identity, privacy, and the role of technology…
Botnet Made Up Of 7,000 End-Of-Life Routers Taken Down
A joint U.S.-Dutch law enforcement operation has taken down a botnet-for-hire that was comprised of thousands of end-of-life routers. The U.S. Department of Justice (DOJ)…
Police dismantles botnet selling hacked routers as residential proxies
Law enforcement authorities have dismantled a botnet that infected thousands of routers over the last 20 years to build two networks of residential proxies known…