Black Basta uses brute-forcing tool to attack edge devices
Dive Brief: Black Basta’s private chat logs were leaked last month, revealing the strategies, tactics and targeted vulnerabilities that the notorious ransomware-as-a-service gang used over…
Author: Cybernoz
How to encrypt and secure sensitive files on macOS
Encrypting files keeps sensitive data like personal details, finances, and passwords safe from attackers by making them unreadable to unauthorized users. Encryption also safeguards data…
Supply chain attack on popular GitHub Action exposes CI/CD secrets
A supply chain attack on the widely used ‘tj-actions/changed-files’ GitHub Action, used by 23,000 repositories, potentially allowed threat actors to steal CI/CD secrets from GitHub…
Cloud Storage buckets holding sensitive information vulnerable to ransomware attacks
Cloud storage has become an essential tool for businesses and individuals alike to store vast amounts of data, ranging from documents and media to highly…
Warning over free online file converters that actually install malware
The FBI Denver Field Office has warned of an increasing number of scammy websites offering free online file converter services. Instead of converting files, the…
Critical RCE flaw in Apache Tomcat actively exploited in attacks
A critical remote code execution (RCE) vulnerability in Apache Tomcat tracked as CVE-2025-24813 is actively exploited in the wild, enabling attackers to take over servers…
Espressif Systems Vulnerabilities Let Attackers Execute Arbitrary Code
Security researchers have uncovered several critical vulnerabilities in Espressif Systems’ ESP-IDF framework that could allow attackers to execute arbitrary code on ESP32 devices via Bluetooth…
Malicious Code Hits ‘tj-actions/changed-files’ in 23,000 GitHub Repos
GitHub security alert: Malicious code found in ‘tj-actions/changed-files,’ impacting 23K+ repos. Learn how to check, remove, and protect your CI/CD pipelines. Research firm StepSecurity’s CI/CD…
Cybercriminals Exploit CSS to Evade Spam Filters and Track Email Users’ Actions
Mar 17, 2025Ravie LakshmananWeb Security / Cyber Threat Malicious actors are exploiting Cascading Style Sheets (CSS), which are used to style and format the layout…
March Windows updates mistakenly uninstall Copilot
Microsoft says the March 2025 Windows cumulative updates automatically and mistakenly remove the AI-powered Copilot digital assistant from some Windows 10 and Windows 11 systems.…
Zoom Team Chat Decrypted to Uncover User Activities
In a significant development for digital forensics investigators, new research has revealed comprehensive methods to decrypt Zoom Team Chat databases, potentially exposing sensitive user communications…
Preparing For The AI-Generated Cyber Threats Of 2025
There has been a gradual but alarming shift in the digital threat landscape over the last few years, as Advanced Persistent Threats (APTs) become more…