10 Critical Vulnerabilities Show 69% Drop from October
November 2025 saw a significant 69% decrease in high-impact vulnerabilities, with Recorded Future’s Insikt Group® identifying 10 vulnerabilities requiring immediate attention, down from 32 in…
Author: Cybernoz
Dispelling Ransomware Deployment Myths | Huntress
When a ransomware attack occurs, the focus is most often on the encryption of files. Initial access is often glossed over or simply assumed. In…
How Threats Use Geometry to Prove ‘Humanness’
By Sila Ozeren Hacioglu, Security Research Engineer at Picus Security. Splashy breaches are out. Attackers are increasingly abandoning loud, disruptive attacks in favor of long-term,…
OpenAI to Acquire Promptfoo to Address Vulnerabilities in AI Systems
OpenAI has announced the acquisition of Promptfoo, an artificial intelligence security platform designed to help enterprises identify and fix vulnerabilities in their AI systems during…
Attackers use AiTM phishing kit, typosquatted domains to hijack AWS accounts
Phishers are targeting AWS accounts holders with fake email security alerts and redirecting them to a high-fidelity clone of the AWS Management Console sign-in page,…
KadNap Malware Infects 14,000+ Edge Devices to Power Stealth Proxy Botnet
Cybersecurity researchers have discovered a new malware called KadNap that’s primarily targeting Asus routers to enlist them into a botnet for proxying malicious traffic. The…
US entities face heightened cyber risk related to Iran war
Ratings agencies warn that the U.S. and Israeli bombing campaign against Iran could raise the level of cyber risk for U.S. public finance issuers. Fitch…
What’s Next for Enterprise Threat Intelligence in 2026
Introduction The cybersecurity landscape is rapidly growing in scale and complexity. Enterprises face a rising tide of sophisticated threats that cannot be contained by traditional,…
The RSAC 2026 Conference talks worth catching
Another year and yet another RSAC Conference looms. While there are a few invite-only events on Sunday, this year’s conference starts in earnest on Monday,…
Microsoft brings phishing-resistant Windows sign-ins via Entra passkeys
Microsoft is rolling out passkey support for Microsoft Entra on Windows devices, adding phishing-resistant passwordless authentication via Windows Hello. The feature is opt-in and will…
GPS Attacks Near Iran Are Wreaking Havoc on Delivery and Mapping Apps
People on social media have reported strange events on delivery and navigation apps—drivers appear to be in the middle of the sea, or a 10-minute…
Gogs Flaw Could Let Attackers Quietly Overwrite Large File Storage Data
A critical security vulnerability has been identified in Gogs, a widely used open-source self-hosted Git service. / Tracked as CVE-2026-25921, this flaw allows unauthenticated attackers…