Companies Warned of Commvault Vulnerability Exploitation
The ongoing exploitation of a Commvault vulnerability that was targeted as a zero-day is likely part of a broader campaign against software-as-a-service (SaaS) solutions, the…
Author: Cybernoz
TikTok videos now push infostealer malware in ClickFix attacks
Cybercriminals are using TikTok videos to trick users into infecting themselves with Vidar and StealC information-stealing malware in ClickFix attacks. As Trend Micro recently discovered,…
Critical NETGEAR Router Flaw Allows Full Admin Access by Attackers
A severe authentication bypass vulnerability (CVE-2025-4978) has been uncovered in NETGEAR’s DGND3700v2 wireless routers, enabling unauthenticated attackers to gain full administrative control over affected devices.…
Cloudflare Fixes CVE-2025-4366 In Pingora OSS Framework
Cloudflare has alerted users of a security vulnerability—tracked as CVE-2025-4366—in the widely used Pingora OSS framework. This vulnerability, a request smuggling flaw, was discovered by…
Cityworks Zero-Day Exploited by Chinese Hackers in US Local Government Attacks
A China-linked threat actor exploited a Trimble Cityworks zero-day vulnerability in attacks against local government entities in the US, Cisco Talos reports. Tracked as CVE-2025-0994…
Operation RapTor led to the arrest of 270 dark web vendors and buyers
Operation RapTor led to the arrest of 270 dark web vendors and buyers Pierluigi Paganini May 23, 2025 Law enforcement operation codenamed ‘Operation RapTor’ led…
Operation Endgame Crushes DanaBot Malware, Shuts Down 150 C2 Servers and Halts 1,000 Daily Attacks
Operation Endgame II has delivered a devastating strike against DanaBot, a notorious malware that has plagued systems since its emergence in 2018. Initially designed as…
Europol Tighten Grip On Dark Web Crime
In an international law enforcement operation, 270 individuals involved in dark web criminal activity have been arrested across ten countries. Coordinated by Europol, the operation,…
DanaBot Botnet Disrupted, 16 Suspects Charged
The notorious DanaBot botnet has been severely disrupted as part of an international law enforcement operation, which also involved charges and arrest warrants targeting over…
Windows 11 Notepad gets AI-powered text writing capabilities
Microsoft is testing a new AI-powered text generation feature in Notepad that can let Windows Insiders create content based on custom prompts. Dubbed “Write,” the…
Fortinet Zero-Day Under Attack: PoC Now Publicly Available
FortiGuard Labs released an urgent advisory detailing a critical vulnerability, CVE-2025-32756, affecting several Fortinet products, including FortiCamera, FortiMail, FortiNDR, FortiRecorder, and FortiVoice. The vulnerability is…
Chinese Spies Exploit Ivanti Vulnerabilities Against Critical Sectors
A China-linked cyberespionage group has been exploiting two recent Ivanti Endpoint Manager Mobile (EPMM) vulnerabilities in attacks targeting critical sectors in Europe, North America, and…