Cybernoz - Cybernoz

Critical ExifTool Flaw Lets Malicious Images Trigger Code Execution on macOS

ExifTool Flaw Malicious Images Trigger Code Execution on macOS A newly discovered vulnerability is challenging the long-held belief that macOS systems are inherently immune to…

March 9, 2026 Cybernoz 2 min read

PortSwigger

Using form hijacking to bypass CSP

In this post we’ll show you how to bypass CSP by using an often overlooked technique that can enable password theft in a seemingly secure…

March 9, 2026 Cybernoz 5 min read

GBHackers

1-Click ZITADEL Vulnerability Could Allow Full System Takeover

A critical Cross-Site Scripting (XSS) vulnerability has been discovered in ZITADEL, a popular open-source identity and access management platform. Tracked as CVE-2026-29191 with a Critical…

March 9, 2026 Cybernoz 2 min read

HelpnetSecurity

Open-source tool Sage puts a security layer between AI agents and the OS

Autonomous AI agents running on developer workstations execute shell commands, fetch URLs, and write files with little or no inspection of what they are doing.…

March 9, 2026 Cybernoz 2 min read

TheHackerNews

Thousands of Public Google Cloud API Keys Exposed with Gemini Access After API Enablement

New research has found that Google Cloud API keys, typically designated as project identifiers for billing purposes, could be abused to authenticate to sensitive Gemini…

March 9, 2026 Cybernoz 3 min read

DarkReading

Ghanaian Man Pleads Guilty in U.S. Court for Romance Scams That Stole $100M – The Cyber Express

A Ghanaian national has pleaded guilty to his role in a large-scale cyber fraud scheme that used romance scams and business email compromise tactics to…

March 9, 2026 Cybernoz 3 min read

ClipXDaemon Malware, a Stealthy Cryptocurrency Clipboard Hijacker on Linux – The Cyber Express

Security researchers have identified a new Linux malware strain called ClipXDaemon, a stealthy threat designed to target cryptocurrency users by manipulating copied wallet addresses. Cyble’s Research & Intelligence Labs…

March 9, 2026 Cybernoz 4 min read

VendorResearch

Recorded Future Expands Coverage of Scams and Financial Fraud with Money Mule Intelligence from CYBERA

Recorded Future is expanding its payment fraud prevention capabilities through a partnership with CYBERA, the industry leader in detecting and verifying data on scam-linked bank…

March 9, 2026 Cybernoz 4 min read

ThreatIntelligence-IncidentResponse

Reflecting on AI in 2025: Faster Attacks, Same Old Tradecraft

Background Reflecting on 2025, AI didn’t produce omnipotent, mind-bending offensive capabilities as many commentators heralded. The reality we observed was much more grounded. Adversaries leaned…

March 9, 2026 Cybernoz 7 min read

CyberSecurityNews

CISA Warns of macOS and iOS Vulnerabilities Exploited in Attacks

CISA Warns macOS and iOS Vulnerabilities Exploit The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding multiple Apple vulnerabilities currently facing…

March 9, 2026 Cybernoz 2 min read

PortSwigger

Making desync attacks easy with TRACE

Have you ever found an HTTP desync vulnerability that seemed impossible to exploit due to its complicated constraints? In this blogpost we will explore a…

March 9, 2026 Cybernoz 8 min read

GBHackers

Nginx UI Vulnerabilities Let Attackers Download Full System Backups

A critical security flaw has been discovered in Nginx UI that allows unauthenticated threat actors to download and decrypt complete system backups. Tracked as CVE-2026-27944,…

March 9, 2026 Cybernoz 2 min read