DeepSeek Data Leak Exposes 12,000 Hardcoded API Keys and Passwords
A sweeping analysis of the Common Crawl dataset—a cornerstone of training data for large language models (LLMs) like DeepSeek—has uncovered 11,908 live API keys, passwords,…
Author: Cybernoz
260 Domains Hosting 5,000 Malicious PDFs to Steal Credit Card Data
Netskope Threat Labs uncovered a sprawling phishing operation involving 260 domains hosting approximately 5,000 malicious PDF files. These documents, disguised as legitimate resources, employ fake…
Understanding the AI Act and its compliance challenges
In this Help Net Security interview, David Dumont, Partner at Hunton Andrews Kurth, discusses the implications of the EU AI Act and how organizations can…
16 Google Chrome Extensions Hijacked – Are You Affected?
A new cybersecurity breach has put over 3.2 million Google Chrome users at risk after hackers hijacked popular browser extensions, injecting malicious scripts and redirecting…
Winos4.0 Malware Targets Windows Users Through Malicious PDF Files
A new wave of cyberattacks leveraging the Winos4.0 malware framework has targeted organizations in Taiwan through malicious PDF attachments disguised as tax inspection alerts, according…
Infosec products of the month: February 2025
Here’s a look at the most interesting products from the past month, featuring releases from: 1Password, Armor, BigID, Dynatrace, Fortinet, Legit Security, Netwrix, Nymi, Palo…
PayPal’s “no-code checkout” abused by scammers
We recently identified a new scam targeting PayPal customers with very convincing ads and pages. Crooks are abusing both Google and PayPal’s infrastructure in order…
GHOSTR Hacker Linked to 90+ Data Breaches Arrested
A coordinated effort between law enforcement in Thailand, Singapore, and cybersecurity firm Group-IB has led to the arrest of a prolific hacker tied to more…
Vo1d malware botnet grows to 1.6 million Android TVs worldwide
A new variant of the Vo1d malware botnet has grown to 1,590,299 infected Android TV devices across 226 countries, recruiting devices as part of anonymous…
FBI says North Korea was responsible for US$1.5 billion ByBit hack – Security
The Federal Bureau of Investigation said that North Korea was responsible for the theft of approximately US$1.5 billion ($2.4 billion) in virtual assets from cryptocurrency…
Privacy tech firms warn France’s encryption and VPN laws threaten privacy
Privacy-focused email provider Tuta (previously Tutanota) and the VPN Trust Initiative (VTI) are raising concerns over proposed laws in France set to backdoor encrypted messaging systems…
New Malware Uses Legitimate Antivirus Driver to Bypass All System Protections
In a concerning development, cybersecurity researchers at Trellix have uncovered a sophisticated malware campaign that exploits a legitimate antivirus driver to bypass system protections. The…