New Sorillus RAT Targets European Organizations Through Tunneling Services
An important development discovered in March 2025 by Orange Cyberdefense’s Managed Threat Detection teams in Belgium was that a European client was the subject of…
Author: Cybernoz
Google Chrome Zero-Day CVE-2025-2783 Exploited by TaxOff to Deploy Trinper Backdoor
Jun 17, 2025Ravie LakshmananMalware / Cyber Espionage A now-patched security flaw in Google Chrome was exploited as a zero-day by a threat actor known as…
Scania confirms insurance claim data breach in extortion attempt
Automotive giant Scania confirmed it suffered a cybersecurity incident where threat actors used compromised credentials to breach its Financial Services systems and steal insurance claim…
New KimJongRAT Stealer Uses Weaponized LNK File to Deploy PowerShell-Based Dropper
The two new variants of the KimJongRAT stealer have emerged, showcasing the persistent and evolving nature of this malicious tool first identified in 2013. Detailed…
Hacker steals 1 million Cock.li user records in webmail data breach
Email hosting provider Cock.li has confirmed it suffered a data breach after threat actors exploited flaws in its now-retired Roundcube webmail platform to steal over…
New Chaos RAT Variants Targeting Windows and Linux Systems to Steal Sensitive Data
The Acronis Threat Research Unit has identified new variants of Chaos RAT, a remote administration tool (RAT) that has evolved from an open-source project first…
LangSmith Bug Could Expose OpenAI Keys and User Data via Malicious Agents
Jun 17, 2025Ravie LakshmananVulnerability / LLM Security Cybersecurity researchers have disclosed a now-patched security flaw in LangChain’s LangSmith platform that could be exploited to capture…
How to automate IT ticket handling with AI and Tines
Run by the team at workflow orchestration and AI platform Tines, the Tines library features pre-built workflows shared by IT and security practitioners from across…
Weaponized Research Papers Delivering Malware Through Password-Protected Documents
The AhnLab Security Intelligence Center (ASEC) recently made the concerning revelation that the infamous Kimsuky hacking organization was connected to a crafty phishing email campaign…
Instagram ‘BMO’ ads use AI deepfakes to scam banking customers
Instagram ads impersonating financial institutions like Bank of Montreal (BMO) and EQ Bank (Equitable Bank) are being used to target Canadian consumers with phishing scams…
Kimsuky and Konni APT Groups Lead Active Attacks Targeting East Asia
An significant 20 Advanced Persistent Threat (APT) occurrences were found in April 2025, according to a new report from Fuying Lab’s worldwide threat hunting system.…
Hacklink Market Linked to SEO Poisoning Attacks in Google Results
Cybersecurity researchers at Netcraft have discovered a series of new SEO poisoning related attacks exploiting Google’s search results to spread malicious content and other scams.…