UL NO. 457: China Builds a Military App Using Meta Llama
SECURITY | AI | PURPOSEUNSUPERVISED LEARNING is a newsletter about upgrading to thrive in a world full of AI. It’s original ideas, analysis, mental models,…
Author: Cybernoz
Revive ZAP with a Java Swap
Jun 13, 2024 Resolving ZAP 2.15 Crashes on macOS with Java Version Issues Recently, I encountered persistent crashes while running ZAP 2.15 on macOS. The…
![[tl;dr sec] #266 - AI CVE Analysis, Hijacking Abandoned S3 Buckets, Doing Less in AppSec](https://image.cybernoz.com/wp-content/uploads/2025/03/tldr-sec-266-AI-CVE-Analysis-Hijacking-Abandoned-S3.png)
[tl;dr sec] #266 – AI CVE Analysis, Hijacking Abandoned S3 Buckets, Doing Less in AppSec
I hope you’ve been doing well! Recently Overheard It’s late so you must forgive me for the brief intro. Some recent snippets from my life:…
Researchers raise alarm about critical Next.js vulnerability
Researchers warn that attackers could exploit a recently discovered critical vulnerability in the open-source JavaScript framework Next.js to bypass authorization in middleware and gain access…
Beyond the checkbox: Demystifying cybersecurity compliance
What is the most common pain point facing businesses these days? Is it supply chain fragility? Fierce competition? Tight cashflows? Or is it the rising…
Recent Windows Server 2025 updates cause Remote Desktop freezes
Microsoft says a known issue is causing Remote Desktop freezes on Windows Server 2025 systems after installing security updates released since the February 2025 Patch Tuesday.…
New macOS Malware ‘ReaderUpdate’ Upgraded Arsenal With Nim and Rust Variants
A sophisticated macOS malware loader platform known as “ReaderUpdate” has significantly evolved its capabilities, with researchers identifying new variants written in Nim and Rust programming…
Navigating NIS2 Compliance: Elevating Cyber Resilience Through Network Visibility
As cyber threats continue to surge, businesses face growing pressure to fortify their defences and ensure operational continuity. Regulatory frameworks like the Network and Information…
Using Starlink Wi-Fi in the White House Is a Slippery Slope for US Federal IT
As the Trump administration’s Department of Government Efficiency (DOGE) continues to rampage through the United States federal government, essentially guided by Elon Musk, the group…
New FamousSparrow Malware Targets Hotels and Engineering Firms with Custom Backdoor
ESET researchers have uncovered new activity from the China-aligned APT group FamousSparrow, revealing two previously undocumented versions of their custom SparrowDoor backdoor. The group, thought…
New npm Malware Attack Infects Popular Ethereum Library with Backdoor
Security researchers at ReversingLabs have discovered a new malware campaign on the npm package repository, revealing a new approach to infecting developers’ systems. Unlike typical…
Security Silos Are Failing: Why CTEM Is Key to Smarter Cyber Defense
Too much of a good thing is always problematic, and cybersecurity tools are no exception. Corporate teams juggle a surplus of cybersecurity tools, all operating…