Microsoft and CrowdStrike partner to link hacking group names
Microsoft and CrowdStrike announced today that they’ve partnered to connect the aliases used for specific threat groups without actually using a single naming standard. As…
Author: Cybernoz
Ransomware Negotiation When and How to Engage Attackers
As ransomware attacks devastate organizations globally, many companies are turning to professional negotiators to engage directly with cybercriminals, despite strong government opposition to paying ransoms.…
New PyPI Supply Chain Attacks Target Python and NPM Users on Windows and Linux
Checkmarx Zero researcher Ariel Harush has uncovered a sophisticated malicious package campaign targeting Python and NPM users across Windows and Linux platforms through typo-squatting and…
Cryptojacking Campaign Exploits DevOps APIs Using Off-the-Shelf Tools from GitHub
Cybersecurity researchers have discovered a new cryptojacking campaign that’s targeting publicly accessible DevOps web servers such as those associated with Docker, Gitea, and HashiCorp Consul…
Cryptojackers Caught Mining Monero via Exposed DevOps Infrastructure
Security researchers at Wiz on Monday raised an alarm catching a malicious hacker hijacking misconfigured DevOps infrastructure for cryptocurrency mining in what appears to be the…
Qualcomm fixed three zero-days exploited in limited, targeted attacks
Qualcomm fixed three zero-days exploited in limited, targeted attacks Pierluigi Paganini June 02, 2025 Qualcomm addressed three zero-day vulnerabilities that, according to the company, have…
Trump budget proposal would slash more than 1,000 CISA jobs
The fiscal 2026 budget proposal President Donald Trump unveiled last week would make deep cuts to the Cybersecurity and Infrastructure Security Agency workforce, with a…
Fake Captcha Kit Tricks Users into Executing Code via Windows Run Command
Security researchers have identified a sophisticated phishing campaign leveraging a fake CAPTCHA verification system dubbed “HuluCaptcha” that covertly executes malicious code through the Windows Run…
US Sanctions Philippines’ Funnull Technology Over $200M Crypto Scam
The US Department of the Treasury has taken action against Funnull Technology Inc. for enabling massive pig butchering crypto scams. This move targets the backbone…
Cyber and digital get over £1bn to enhance UK’s national security
Cyber warfare and digital defence will be the recipients of a £1bn-plus investment over the coming years to create a Digital Targeting Web (DTW) for…
SentinelOne analysis links service disruption to software flaw
SentinelOne said on Saturday that a global service disruption a few days earlier was the result of a software flaw in the company’s infrastructure control…
Preinstalled Android Apps Found Leaking PINs and Executing Malicious Commands
On May 30, 2025, CERT Polska coordinated the public disclosure of three significant security vulnerabilities affecting preinstalled Android applications on smartphones from Ulefone and Krüger&Matz.…