GitHub Supply Chain Attack Raises Awareness Across The Cybersecurity Community
The recent GitHub software supply chain attack has exposed up to 23,000 repositories, which now has CISA sounding the alarm. The vulnerability is affecting a…
Author: Cybernoz
53% of security teams lack continuous and up-to-date visibility
Enterprises lack visibility into their own data, creating security risks that are compounding as organizations and their employees increase AI adoption, according to Bedrock Security.…
Coinbase originally targeted during GitHub Action supply chain attack
Dive Brief: The threat actors in the GitHub Action supply chain attack were targeting Coinbase as part of their initial wave, according to a report…
US removes sanctions against Tornado Cash crypto mixer
The U.S. Department of Treasury announced today that it has removed sanctions against Tornado Cash, a cryptocurrency mixer used by North Korean Lazarus hackers to launder…
Medusa ransomware using malicious driver as EDR killer
A Medusa ransomware campaign is using a malicious driver to disrupt and even delete endpoint detection and response (EDR) products on targeted organization networks. According…
Learn Malware Analysis with This Hands-on Course
While cyber threats evolve at an unprecedented pace, equipping the next generation of cybersecurity professionals with practical, hands-on skills is more critical than ever. ANY.RUN’s…
UAT-5918 Targets Taiwan’s Critical Infrastructure Using Web Shells and Open-Source Tools
Mar 21, 2025Ravie LakshmananThreat Hunting / Vulnerability Threat hunters have uncovered a new threat actor named UAT-5918 that has been attacking critical infrastructure entities in…
Dutch workforce faces radical transformation as AI adoption accelerates
While the Netherlands leads Europe in AI adoption, with 95% of organisations running AI programmes, labour market experts warn that these dramatic predictions should be…
Examining the State of IGA
Today’s organizations face a rapidly multiplying number of digital identities as hybrid work and cloud, SaaS, IIoT, and other technologies proliferate. Companies understand the critical…
Veeam RCE Vulnerability Allows Domain Users to Hack Backup Servers
Researchers uncovered critical Remote Code Execution (RCE) vulnerabilities in the Veeam Backup & Replication solution. These vulnerabilities, which include CVE-2025-23120, exploit weaknesses in deserialization mechanisms,…
Medusa Ransomware Uses Malicious Driver to Disable Anti-Malware with Stolen Certificates
Mar 21, 2025Ravie LakshmananRansomware / BYOVD The threat actors behind the Medusa ransomware-as-a-service (RaaS) operation have been observed using a malicious driver dubbed ABYSSWORKER as…
Steam pulls game demo infecting Windows with info-stealing malware
Valve has removed from its Steam store the game title ‘Sniper: Phantom’s Resolution’ following multiple users reporting that the demo installer infected their systems with information…