1 Million Third-Party Android Devices Have a Secret Backdoor for Scammers
Researchers from multiple firms say that the campaign seems to come from a loosely connected ecosystem of fraud groups rather than one single actor. Each…
Author: Cybernoz
U.S. Cracks Down on Nemesis Darknet Admin with New Treasury Sanctions
The U.S. Department of the Treasury has intensified its global campaign against darknet-facilitated drug trafficking by sanctioning Behrouz Parsarad, the Iran-based administrator of the notorious…
Hackers Exploit Cloud Misconfigurations to Spread Malware
Veriti Research reveals 40% of networks allow ‘any/any’ cloud access, exposing critical vulnerabilities. Learn how malware like XWorm and Sliver C2 exploit cloud misconfigurations. Recent…
Telegram EvilVideo Vulnerability Exploited to Run Malicious Code on Victims’ Devices
A newly documented exploitation technique targeting Telegram’s file-sharing infrastructure has raised alarms in cybersecurity circles. Dubbed “EvilVideo,” this attack vector leverages a vulnerability (CVE-2024-7014) in…
Fake InMail Messages Spreading ConnectWise Trojan
Cofense uncovers new LinkedIn phishing scam delivering ConnectWise RAT. Learn how attackers bypass security with fake InMail emails and how to protect against this sophisticated…
Polish Space Agency POLSA disconnected its network following a cyberattack
Polish Space Agency POLSA disconnected its network following a cyberattack Pierluigi Paganini March 05, 2025 The Polish space agency POLSA announced it has disconnected its…
Sonatype AI SCA delivers visibility and control over AI/ML usage
Sonatype announced end-to-end AI Software Composition Analysis (AI SCA) capabilities that enable enterprises to harness the full potential of AI. With its expertise in open…
Zoho ADSelfService Plus Flaw Allows Hackers to Gain Unauthorized Access
A critical security flaw in Zoho’s widely used identity management solution, ADSelfService Plus, has been patched after researchers discovered it could enable attackers to hijack…
Brunei Blocks 82 Scam Websites, 557 Fraud Numbers
Brunei has raged up its efforts to fight cyber threats and online scams, with Minister of Transport and Infocommunications Yang Berhormat Pengiran Dato Seri Setia…
PoC Released for HPE Remote Support Tool Vulnerability Allowing Remote Code Execution
Security researchers have released proof-of-concept (PoC) exploit code for critical vulnerabilities in Hewlett Packard Enterprise’s (HPE) Insight Remote Support (IRS) tool, including an unauthenticated XML External…
Seven Malicious Go Packages Found Deploying Malware on Linux and macOS Systems
Mar 05, 2025Ravie LakshmananOpen Source / Malware Cybersecurity researchers are alerting of an ongoing malicious campaign targeting the Go ecosystem with typosquatted modules that are…
Windows KDC Proxy RCE Vulnerability Allows Remote Server Takeover
A recently patched remote code execution (RCE) vulnerability in Microsoft Windows’ Key Distribution Center (KDC) Proxy implementation allows unauthenticated attackers to take control of vulnerable…