How Amazon Prime Day Scams Are Getting Smarter and How Can You Protect Yourself
Amazon Prime Day has become a major shopping event, with 2023 setting a record as customers purchased over 375 million items worldwide, up from 300…
Author: Cybernoz
Beware of Malicious Browser Updates That Installs SocGholish Malware
Cyber threats have evolved significantly in recent years, with malicious actors employing sophisticated tactics to compromise user systems. One such threat is the SocGholish malware,…
North Korean IT Workers Infiltrate International Companies To Plant Backdoors on Systems
North Korean IT workers have been infiltrating international companies by securing remote positions under false identities. This tactic not only violates international sanctions but also…
Lazarus Group Using New Malware Tactic To Attack Developers Globally
The notorious Lazarus Group in a recent escalation of cyber threats linked to North Korea, has unveiled a sophisticated new tactic to target developers worldwide.…
Week in review: Microsoft fixes two actively exploited 0-days, PAN-OS auth bypass hole plugged
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft fixes two actively exploited zero-days (CVE-2025-21418, CVE-2025-21391)February 2025 Patch…
EarthKapre APT Drops Weaponized PDF to Compromise Windows Systems
A highly sophisticated cyber espionage group known as EarthKapre, also referred to as RedCurl, has been identified targeting private-sector organizations, particularly those in the Law…
XELERA Ransomware Attacking Job Seekers With Weaponized Word Documents
Job seekers have become the target of a sophisticated ransomware campaign in a recent cybersecurity threat, and this campaign dubbed as “XELERA.” This campaign uses…
Lazarus Group Infostealer Malwares Attacking Developers In New Campaign
The notorious Lazarus Group, a North Korean Advanced Persistent Threat (APT) group, has been linked to a sophisticated campaign targeting software developers. This campaign involves…
Elon Musk’s DOGE Website Database Vulnerability Let Anyone Make Entries Directly
A website launched by Elon Musk’s Department of Government Efficiency (DOGE) has been found to have a significant security vulnerability, allowing unauthorized users to directly…
Beware of Fake BSOD Delivered by Malicious Python Script
A recently discovered Python script has been flagged as a potential cybersecurity threat due to its use of a clever anti-analysis trick. This script, which…
New Go-Based Malware Exploits Telegram and Use It as C2 Channel
Researchers have identified a new backdoor malware, written in Go programming language, that leverages Telegram as its command-and-control (C2) channel. While the malware appears to…
SonicWall Firewall Authentication Bypass Vulnerability Exploited in Wild
A critical authentication bypass vulnerability in SonicWall firewalls, tracked as CVE-2024-53704, is now being actively exploited in the wild, cybersecurity firms warn. The surge in…