How AI Agents and APIs Can Leak Sensitive Data
Most organizations are using AI in some way today, whether they know it or not. Some are merely beginning to experiment with it, using tools…
Author: Cybernoz
Critical Synology Vulnerability Let Attackers Remote Execute Arbitrary Code
A severe vulnerability in Synology’s DiskStation Manager (DSM) allows remote attackers to execute arbitrary code with no user interaction. The flaw, disclosed during PWN2OWN 2024,…
MirrorFace Hackers Modify AsyncRAT Execution for Stealthy Deployment in Windows Sandbox
In a significant development, the China-aligned advanced persistent threat (APT) group known as MirrorFace has been observed employing sophisticated tactics to enhance the stealthiness of…
TXOne Networks Stellar 3.2 helps organizations make informed security choices
TXOne Networks announced Version 3.2 of its Stellar solution, further enhancing its capabilities from endpoint protection to more comprehensive detection and response in operational technology…
Windows File Explorer Vulnerability Let Attackers Perform Network Spoofing
A critical vulnerability in Windows File Explorer, identified as CVE-2025-24071, enables attackers to steal NTLM hashed passwords without any user interaction beyond simply extracting a…
CISA Warns of Supply-Chain Attack Exploiting GitHub Action Vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) has sounded the alarm over a critical supply-chain attack affecting a widely used third-party GitHub Action: tj-actions/changed-files. This…
CERT NZ Shares Advisory For Apache Tomcat Vulnerability
The New Zealand Computer Emergency Response Team (CERT NZ) has issued an urgent security advisory warning of a critical vulnerability, CVE-2025-24813, that affects several versions…
Advanced Cyber Attack Exploits Booking Websites to Deploy LummaStealer Malware
A sophisticated cyberattack has been uncovered, targeting booking websites to spread the LummaStealer malware. This campaign leverages fake CAPTCHA prompts and social engineering techniques to…
Knocknoc Raises Seed Funding to Scale Its Just-In-Time Network Access Control Technology
Sydney, Australia, March 19th, 2025, CyberNewsWire Sydney-based cybersecurity software company Knocknoc has raised a seed round from US-based venture capital firm Decibel Partners with support…
Patch Your GitHub Workflows ASAP
A security vulnerability (CVE-2025-30066) has been identified in a widely used third-party GitHub Action, tj-actions/changed files. This security flaw exposes sensitive information, including valid access…
Critical Synology Vulnerability Allows Remote Attackers to Execute Arbitrary Code
A critical vulnerability affecting Synology’s DiskStation Manager (DSM) has been disclosed, allowing remote attackers to execute arbitrary code on vulnerable systems. This severe issue, identified…
Browser search can land you into ransomware troubles
For years, ransomware attacks have targeted individuals, corporate networks, and government agencies. However, experts are now highlighting a new method of ransomware distribution — one…