Digital Asset Cybersecurity Initiative Announced By Treasury
The U.S. Department of the Treasury has unveiled a new digital asset cybersecurity initiative, aimed at strengthening defenses across the rapidly growing digital asset ecosystem.…
Author: Cybernoz
Orthanc DICOM Vulnerabilities Lead to Crashes, RCE
Nine vulnerabilities in the open source Digital Imaging and Communications in Medicine (DICOM) server Orthanc allow attackers to crash servers, leak data, and execute arbitrary…
Bitcoin Depot hack leads to $3.6M Bitcoin theft via stolen credentials
Bitcoin Depot hack leads to $3.6M Bitcoin theft via stolen credentials Pierluigi Paganini April 10, 2026 Hackers breached Bitcoin Depot, stole credentials, and took about…
How to Avoid Aperture Collapse
I’ve been playing with this idea of Aperture Collapse. It’s a problem I have that I suspect a lot of people have as well. It’s…
Nearly 4K industrial control devices vulnerable to Iran-linked hacking campaign
A research firm tallied the internet-exposed devices Iran is targeting and recommended mitigations for any infrastructure operator using them. Source link
Commerce setting up new AI export regime to push adoption of ‘American AI’ abroad
The Department of Commerce is putting together a catalog of AI tools that will be given special export status by the federal government to be…
Old Docker authorization bypass pops up despite previous patch
No one checked oversized requests While the previous authorization bypass was triggered when request Content-Length was set to 0, no one checked at the time…
The Phishing-as-a-Service Pipeline: How a Scalable Fraud Ecosystem Is Driving Global Attacks
Phishing is no longer a standalone tactic. It has matured into a service-based ecosystem where specialized actors provide each component of an attack lifecycle, from…
Huntress and Our Culture of BElonging
Building a strong company culture is a journey without a final destination. It’s a blend of different factors—programs, decisions, collective experiences, and behaviors—all shaping who…
Analysis of one billion CISA KEV remediation records exposes limits of human-scale security
Author: Saeed Abbasi, Senior Manager, Threat Research Unit, Qualys With Time-to-Exploit now at negative seven days and autonomous AI agents accelerating threats, the data no…
EngageSDK Vulnerability Exposes Millions of Crypto Wallet Users to Cyberattacks
A serious security flaw found inside a widely used Android library called EngageSDK has put over 30 million cryptocurrency wallet users at risk of financial…
Big Tech, Big Exposure: Data from Over 3.5 Million Accounts Handed to US Authorities
New research from digital privacy firm Proton has revealed the staggering scale of how Google, Apple, and Meta share user data with US government authorities,…