Author: Cybernoz

Google: Brickstone malware used to steal U.S. orgs
24
Sep
2025

Brickstone malware used to steal U.S. orgs’ data for over a year

Suspected Chinese hackers have used the Brickstorm malware in long-term persistence espionage operations against U.S. organizations in the technology and…

New North Korean IT Worker With Innocent Job Application Get Access to Organization’s Network
24
Sep
2025

New North Korean IT Worker With Innocent Job Application Get Access to Organization’s Network

In recent months, a sophisticated threat actor leveraging North Korean IT worker employment fraud has surfaced, demonstrating how social engineering…

Attackers Bypass EDR by Using In-Memory PE Loaders Delivered via Malicious Downloads
24
Sep
2025

Attackers Bypass EDR by Using In-Memory PE Loaders Delivered via Malicious Downloads

Security researchers have discovered a wave of attacks that use in-memory PE loaders to slip past endpoint detection and response (EDR) systems….

ShadowV2 Botnet Uses Misconfigured AWS Docker for DDoS-For-Hire Service
24
Sep
2025

ShadowV2 Botnet Uses Misconfigured AWS Docker for DDoS-For-Hire Service

Cybersecurity researchers at Darktrace have identified a new botnet called ShadowV2 is structured as a DDoS-for-hire service, offering attackers an…

SolarWinds fixes critical Web Help Desk RCE vulnerability (CVE-2025-26399)
24
Sep
2025

SolarWinds fixes critical Web Help Desk RCE vulnerability (CVE-2025-26399)

SolarWinds has fixed yet another unauthenticated remote code execution vulnerability (CVE-2025-26399) in Web Help Desk (WHD), its popular web-based IT…

The Blind Spot Fueling Payment Skimmer Attacks
24
Sep
2025

The Blind Spot Fueling Payment Skimmer Attacks

Think payment iframes are secure by design? Think again. Sophisticated attackers have quietly evolved malicious overlay techniques to exploit checkout…

Jaguar Land Rover Cyberattack Halts Production Until Oct 1
24
Sep
2025

Jaguar Land Rover Cyberattack Halts Production Until Oct 1

Jaguar Land Rover (JLR) has announced an extension of its production shutdown until October 1, 2025, following a major cyberattack…

Python
24
Sep
2025

PyPI urges users to reset credentials after new phishing attacks

The Python Software Foundation has warned victims of a new wave of phishing attacks using a fake Python Package Index…

Hackers Can Compromise Chromium Browsers in Windows by Loading Arbitrary Extensions
24
Sep
2025

Hackers Can Compromise Chromium Browsers in Windows by Loading Arbitrary Extensions

Chromium-based browsers, including Chrome, Edge, and Brave, manage installed extensions via JSON preference files stored under %AppData%GoogleUser DataDefaultPreferences (for domain-joined machines)…

Geopolitical Cyber Threats in 2024: Navigating Emerging Risks with OSINT (Open-Source Intelligence)
24
Sep
2025

Geopolitical Cyber Threats in 2024: Navigating Emerging Risks with OSINT (Open-Source Intelligence)

Geopolitical tensions worldwide can have a foreseeable impact on an organisation’s physical operations, but they can also heighten the risk…

Attackers Use Domain Fronting to Tunnel Malicious Traffic via Google Meet, YouTube and Chrome Update Servers
24
Sep
2025

Attackers Use Domain Fronting to Tunnel Malicious Traffic via Google Meet, YouTube and Chrome Update Servers

Attackers have discovered a way to exploit Google’s core services, Google Meet, YouTube, Chrome update servers and more using a…

Software QA Teams Prevent Cyber Disasters By Finding Vulnerabilities Before Hackers Do
24
Sep
2025

Hacks And Identity Theft Hit Harder Than Ever. Consumers Are Prime Targets.

24 Sep Hacks And Identity Theft Hit Harder Than Ever. Consumers Are Prime Targets. Posted at 08:52h in Blogs by…