Lazarus Group Using New Malware Tactic To Attack Developers Globally
The notorious Lazarus Group in a recent escalation of cyber threats linked to North Korea, has unveiled a sophisticated new tactic to target developers worldwide.…
Author: Cybernoz
Week in review: Microsoft fixes two actively exploited 0-days, PAN-OS auth bypass hole plugged
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft fixes two actively exploited zero-days (CVE-2025-21418, CVE-2025-21391)February 2025 Patch…
EarthKapre APT Drops Weaponized PDF to Compromise Windows Systems
A highly sophisticated cyber espionage group known as EarthKapre, also referred to as RedCurl, has been identified targeting private-sector organizations, particularly those in the Law…
XELERA Ransomware Attacking Job Seekers With Weaponized Word Documents
Job seekers have become the target of a sophisticated ransomware campaign in a recent cybersecurity threat, and this campaign dubbed as “XELERA.” This campaign uses…
Lazarus Group Infostealer Malwares Attacking Developers In New Campaign
The notorious Lazarus Group, a North Korean Advanced Persistent Threat (APT) group, has been linked to a sophisticated campaign targeting software developers. This campaign involves…
Elon Musk’s DOGE Website Database Vulnerability Let Anyone Make Entries Directly
A website launched by Elon Musk’s Department of Government Efficiency (DOGE) has been found to have a significant security vulnerability, allowing unauthorized users to directly…
Beware of Fake BSOD Delivered by Malicious Python Script
A recently discovered Python script has been flagged as a potential cybersecurity threat due to its use of a clever anti-analysis trick. This script, which…
New Go-Based Malware Exploits Telegram and Use It as C2 Channel
Researchers have identified a new backdoor malware, written in Go programming language, that leverages Telegram as its command-and-control (C2) channel. While the malware appears to…
SonicWall Firewall Authentication Bypass Vulnerability Exploited in Wild
A critical authentication bypass vulnerability in SonicWall firewalls, tracked as CVE-2024-53704, is now being actively exploited in the wild, cybersecurity firms warn. The surge in…
We have Enough AI for AGI
I wrote recently about the difference between Functional and Technical AGI. I argued that Technical AGI is the real deal (AI that can generalize it’s…
Functional vs. Technical AGI | Daniel Miessler
I think we should make a distinction between Functional AGI and Technical AGI. Functional AGI is what I use in my definition of AGI—basically an…
U.S. CISA adds Apple iOS and iPadOS and Mitel SIP Phones flaws to its Known Exploited Vulnerabilities catalog
U.S. CISA adds Apple iOS and iPadOS and Mitel SIP Phones flaws to its Known Exploited Vulnerabilities catalog Pierluigi Paganini February 15, 2025 U.S. Cybersecurity…