Author: Cybernoz

Fake VPN Chrome Extensions Steal Credentials by Intercepting User Traffic
23
Dec
2025

Fake VPN Chrome Extensions Steal Credentials by Intercepting User Traffic

Socket’s Threat Research Team has exposed a sophisticated credential-harvesting campaign that has operated through malicious Chrome extensions since 2017. Two…

Share: X : Fake VPN Chrome Extensions Steal Credentials by Intercepting User TrafficFacebook : Fake VPN Chrome Extensions Steal Credentials by Intercepting User TrafficLinkedin : Fake VPN Chrome Extensions Steal Credentials by Intercepting User TrafficReddit : Fake VPN Chrome Extensions Steal Credentials by Intercepting User TrafficTelegram : Fake VPN Chrome Extensions Steal Credentials by Intercepting User TrafficWhatsApp : Fake VPN Chrome Extensions Steal Credentials by Intercepting User TrafficEmail : Fake VPN Chrome Extensions Steal Credentials by Intercepting User Traffic
US bars approvals of new models of DJI, all other foreign drones
23
Dec
2025

US bars approvals of new models of DJI, all other foreign drones

The US Federal Communications Commission said it was adding China’s DJI, Autel and ​all foreign-made drones ⁠and components to a…

Share: X : US bars approvals of new models of DJI, all other foreign dronesFacebook : US bars approvals of new models of DJI, all other foreign dronesLinkedin : US bars approvals of new models of DJI, all other foreign dronesReddit : US bars approvals of new models of DJI, all other foreign dronesTelegram : US bars approvals of new models of DJI, all other foreign dronesWhatsApp : US bars approvals of new models of DJI, all other foreign dronesEmail : US bars approvals of new models of DJI, all other foreign drones
Critical n8n flaw could enable arbitrary code execution
23
Dec
2025

Critical n8n flaw could enable arbitrary code execution

Critical n8n flaw could enable arbitrary code execution Pierluigi Paganini December 23, 2025 A critical flaw in the n8n automation…

Share: X : Critical n8n flaw could enable arbitrary code executionFacebook : Critical n8n flaw could enable arbitrary code executionLinkedin : Critical n8n flaw could enable arbitrary code executionReddit : Critical n8n flaw could enable arbitrary code executionTelegram : Critical n8n flaw could enable arbitrary code executionWhatsApp : Critical n8n flaw could enable arbitrary code executionEmail : Critical n8n flaw could enable arbitrary code execution
CISA, eyeing China, plans hiring spree to rebuild its depleted ranks
23
Dec
2025

CISA loses key employee behind early ransomware warnings

Listen to the article 5 min This audio is auto-generated. Please let us know if you have feedback. A Cybersecurity…

Share: X : CISA loses key employee behind early ransomware warningsFacebook : CISA loses key employee behind early ransomware warningsLinkedin : CISA loses key employee behind early ransomware warningsReddit : CISA loses key employee behind early ransomware warningsTelegram : CISA loses key employee behind early ransomware warningsWhatsApp : CISA loses key employee behind early ransomware warningsEmail : CISA loses key employee behind early ransomware warnings
Windows Imaging Component Vulnerability Can Lead to RCE Attacks Under Complex Attack Scenarios
23
Dec
2025

Windows Imaging Component Vulnerability Can Lead to RCE Attacks Under Complex Attack Scenarios

A comprehensive analysis of CVE-2025-50165, a critical Windows vulnerability affecting the Windows Imaging Component (WIC). That could potentially enable remote…

Share: X : Windows Imaging Component Vulnerability Can Lead to RCE Attacks Under Complex Attack ScenariosFacebook : Windows Imaging Component Vulnerability Can Lead to RCE Attacks Under Complex Attack ScenariosLinkedin : Windows Imaging Component Vulnerability Can Lead to RCE Attacks Under Complex Attack ScenariosReddit : Windows Imaging Component Vulnerability Can Lead to RCE Attacks Under Complex Attack ScenariosTelegram : Windows Imaging Component Vulnerability Can Lead to RCE Attacks Under Complex Attack ScenariosWhatsApp : Windows Imaging Component Vulnerability Can Lead to RCE Attacks Under Complex Attack ScenariosEmail : Windows Imaging Component Vulnerability Can Lead to RCE Attacks Under Complex Attack Scenarios
Spotify Music Library Targeted as Hacktivists Scrape 86 Million Files
23
Dec
2025

Spotify Music Library Targeted as Hacktivists Scrape 86 Million Files

Anna’s Archive, a prominent digital preservation platform, has announced the largest unauthorized extraction of Spotify music data ever recorded. The…

Share: X : Spotify Music Library Targeted as Hacktivists Scrape 86 Million FilesFacebook : Spotify Music Library Targeted as Hacktivists Scrape 86 Million FilesLinkedin : Spotify Music Library Targeted as Hacktivists Scrape 86 Million FilesReddit : Spotify Music Library Targeted as Hacktivists Scrape 86 Million FilesTelegram : Spotify Music Library Targeted as Hacktivists Scrape 86 Million FilesWhatsApp : Spotify Music Library Targeted as Hacktivists Scrape 86 Million FilesEmail : Spotify Music Library Targeted as Hacktivists Scrape 86 Million Files
Two Chrome Extensions Caught Secretly Stealing Credentials from Over 170 Sites
23
Dec
2025

Two Chrome Extensions Caught Secretly Stealing Credentials from Over 170 Sites

Cybersecurity researchers have discovered two malicious Google Chrome extensions with the same name and published by the same developer that…

Share: X : Two Chrome Extensions Caught Secretly Stealing Credentials from Over 170 SitesFacebook : Two Chrome Extensions Caught Secretly Stealing Credentials from Over 170 SitesLinkedin : Two Chrome Extensions Caught Secretly Stealing Credentials from Over 170 SitesReddit : Two Chrome Extensions Caught Secretly Stealing Credentials from Over 170 SitesTelegram : Two Chrome Extensions Caught Secretly Stealing Credentials from Over 170 SitesWhatsApp : Two Chrome Extensions Caught Secretly Stealing Credentials from Over 170 SitesEmail : Two Chrome Extensions Caught Secretly Stealing Credentials from Over 170 Sites
Threat Actors Poses as Korean TV Programs Writer to Trick Victims and Install Malware
23
Dec
2025

Threat Actors Poses as Korean TV Programs Writer to Trick Victims and Install Malware

Cybersecurity researchers have uncovered a sophisticated campaign where threat actors impersonate writers from major Korean broadcasting networks to distribute malicious…

Share: X : Threat Actors Poses as Korean TV Programs Writer to Trick Victims and Install MalwareFacebook : Threat Actors Poses as Korean TV Programs Writer to Trick Victims and Install MalwareLinkedin : Threat Actors Poses as Korean TV Programs Writer to Trick Victims and Install MalwareReddit : Threat Actors Poses as Korean TV Programs Writer to Trick Victims and Install MalwareTelegram : Threat Actors Poses as Korean TV Programs Writer to Trick Victims and Install MalwareWhatsApp : Threat Actors Poses as Korean TV Programs Writer to Trick Victims and Install MalwareEmail : Threat Actors Poses as Korean TV Programs Writer to Trick Victims and Install Malware
MacSync Stealer Malware Targets macOS Users Through Digitally Signed Apps
23
Dec
2025

MacSync Stealer Malware Targets macOS Users Through Digitally Signed Apps

Jamf Threat Labs has uncovered a new MacSync Stealer campaign that significantly raises the bar for macOS malware delivery by…

Share: X : MacSync Stealer Malware Targets macOS Users Through Digitally Signed AppsFacebook : MacSync Stealer Malware Targets macOS Users Through Digitally Signed AppsLinkedin : MacSync Stealer Malware Targets macOS Users Through Digitally Signed AppsReddit : MacSync Stealer Malware Targets macOS Users Through Digitally Signed AppsTelegram : MacSync Stealer Malware Targets macOS Users Through Digitally Signed AppsWhatsApp : MacSync Stealer Malware Targets macOS Users Through Digitally Signed AppsEmail : MacSync Stealer Malware Targets macOS Users Through Digitally Signed Apps
ServiceNow agrees to buy cyber firm Armis for $7.75B
23
Dec
2025

ServiceNow agrees to buy cyber firm Armis for $7.75B

ServiceNow has agreed to buy cybersecurity firm Armis for $7.75 billion in cash, a deal that would push the enterprise…

Share: X : ServiceNow agrees to buy cyber firm Armis for $7.75BFacebook : ServiceNow agrees to buy cyber firm Armis for $7.75BLinkedin : ServiceNow agrees to buy cyber firm Armis for $7.75BReddit : ServiceNow agrees to buy cyber firm Armis for $7.75BTelegram : ServiceNow agrees to buy cyber firm Armis for $7.75BWhatsApp : ServiceNow agrees to buy cyber firm Armis for $7.75BEmail : ServiceNow agrees to buy cyber firm Armis for $7.75B
Microsoft Teams
23
Dec
2025

Microsoft Teams strengthens messaging security by default in January

Microsoft announced that Teams will automatically enable messaging safety features by default to strengthen defenses against content tagged as malicious….

Share: X : Microsoft Teams strengthens messaging security by default in JanuaryFacebook : Microsoft Teams strengthens messaging security by default in JanuaryLinkedin : Microsoft Teams strengthens messaging security by default in JanuaryReddit : Microsoft Teams strengthens messaging security by default in JanuaryTelegram : Microsoft Teams strengthens messaging security by default in JanuaryWhatsApp : Microsoft Teams strengthens messaging security by default in JanuaryEmail : Microsoft Teams strengthens messaging security by default in January
University of Phoenix Data Breach
23
Dec
2025

University of Phoenix Data Breach

University of Phoenix, one of the largest for-profit educational institutions in the United States, disclosed a significant data breach affecting…

Share: X : University of Phoenix Data BreachFacebook : University of Phoenix Data BreachLinkedin : University of Phoenix Data BreachReddit : University of Phoenix Data BreachTelegram : University of Phoenix Data BreachWhatsApp : University of Phoenix Data BreachEmail : University of Phoenix Data Breach