Toy Giant Hasbro Hit by Cyberattack
Toy and game giant Hasbro on Wednesday reported being hit by a cyberattack that has disrupted some of the company’s processes. In a filing with…
Author: Cybernoz
Google fixes fourth actively exploited Chrome zero-day of 2026
Google fixes fourth actively exploited Chrome zero-day of 2026 Pierluigi Paganini April 01, 2026 Google fixed a new Chrome zero-day, tracked as CVE-2026-5281, in the…
Iran-linked actors target Middle Eastern city governments to undermine missile-strike responses
Hackers associated with the Iranian government are trying to make it harder for cities in Israel and the Gulf states to respond to Iranian missile…
Vim and GNU Emacs: Claude Code helpfully found zero-day exploits for both
“Opening a file in GNU Emacs can trigger arbitrary code execution through version control (git), most requiring zero user interaction beyond the file open itself.…
WhatsApp notifies hundreds of users who installed a fake app made by government spyware maker
WhatsApp says it has notified around 200 users who were tricked into installing a malicious fake version of the chat app that contained spyware. WhatsApp…
Industrialization of the Fraud Ecosystem Blog
Payment fraud no longer operates as a collection of discrete schemes run by individual threat actors. It is increasingly sustained by an industrial support ecosystem:…
Axios npm Supply Chain Attack FAQ: North Korea UNC1069
A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access trojan to potentially millions of developer environments during…
New EvilTokens service fuels Microsoft device code phishing attacks
A new malicious kit called EvilTokens integrates device code phishing capabilities, allowing attackers to hijack Microsoft accounts and provide advanced features for business email compromise…
Magecart Hackers Use 100+ Domains to Hijack eStore Checkouts
Magecart Hijacks eStore Checkouts to Steal Card Data A sophisticated and long-running Magecart campaign has been quietly operating for over 24 months, infecting e-commerce websites…
Proton Launches Encrypted Video Conferencing and Unified Workspace to Take On Google and Microsoft
Swiss privacy company Proton has today announced the simultaneous launch of Proton Workspace and Proton Meet, its most significant expansion yet into the enterprise productivity…
Google Warns of New Chrome Zero-Day Under Active Exploitation — Users Urged to Update Immediately
Google has released an urgent security update for its Chrome desktop browser to address 21 vulnerabilities, including a critical zero-day flaw that is actively being…
LinkedIn Phishing Scam Uses Fake Notifications to Hijack Accounts
A new phishing campaign uses fake LinkedIn notifications to hijack professional accounts. Research from Cofense PDC reveals how spoofed domains like inedin.digital are used to…