FamousSparrow resurfaces to spy on targets in the US, Latin America
Once thought to be dormant, the China-aligned group has also been observed using the privately-sold ShadowPad backdoor for the first time 27 Mar 2025 The…
Author: Cybernoz
TP-Link IoT Smart Hub Vulnerability Exposes Wi-Fi Credentials
A critical vulnerability in the TP-Link Tapo H200 V1 IoT Smart Hub that could expose users’ Wi-Fi credentials to attackers. The flaw, assigned CVE-2025-3442, stems…
Langflow AI Builder Vulnerability Allows Remote Server Takeover by Attackers
A critical security vulnerability has been discovered in the Langflow AI Builder, a popular tool for creating agentic AI workflows. The flaw, tracked as CVE-2025-3248, enables…
Trump orders revocation of security clearances for Chris Krebs, SentinelOne
US President Donald Trump has signed an Executive Order on Wednesday to revoke security clearance held by Chris Krebs, the former director of the Cybersecurity…
Your 23andMe genetic data could be bought by China, senator warns
Senator Cassidy, the chair of the US Senate Health, Education, Labor, and Pensions Committee has expressed concerns about foreign adversaries, including the Chinese Communist Party,…
A Deep Dive Into AI & NHI
Apr 10, 2025The Hacker NewsAI Security / Enterprise Security AI agents have rapidly evolved from experimental technology to essential business tools. The OWASP framework explicitly…
The Republicans Have Deliberately Chosen to Campaign on Emotion Rather Than Issues
It’s not that their logical arguments are slightly more emotional than democratic logical arguments; they’re actually purposely avoiding logic altogether. Emotion is simply far more…
RansomHub affiliates linked to rival RaaS providers
ESET researchers also examine the growing threat posed by tools that ransomware affiliates deploy in an attempt to disrupt EDR security solutions 27 Mar 2025…
Microsoft 365 Family Subscriptions Users Hit by Licensing Glitch Denies Services
Microsoft 365 Family subscribers are currently facing disruptions in accessing their services due to a potential licensing issue, as confirmed by Microsoft on Thursday, April…
Powerful Post-Exploitation Toolkit for Active Directory Attacks
Why Application Security is Non-Negotiable The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak…
CTM360 Uncovers a Play Masquerading Party
Overview of the PlayPraetor Masquerading Party Variants CTM360 has now identified a much larger extent of the ongoing Play Praetor campaign. What started with 6000+…
An APT group exploited ESET flaw to execute malware
An APT group exploited ESET flaw to execute malware Pierluigi Paganini April 10, 2025 At least one APT group has exploited a vulnerability in ESET…