GrubHub data breach impacts customers, drivers, and merchants
Food delivery company GrubHub disclosed a data breach impacting the personal information of an undisclosed number of customers, merchants, and drivers after attackers breached its…
Author: Cybernoz
Canadian National Charges for Stealing $65 Million in Crypto
U.S. prosecutors have charged Andean Medjedovic, a 22-year-old Canadian, with five counts of criminal indictment for allegedly orchestrating a sophisticated cryptocurrency theft. Medjedovic is accused…
Meet the Hired Guns Who Make Sure School Cyberattacks Stay Hidden
Schools have faced an onslaught of cyberattacks since the pandemic disrupted education nationwide five years ago, yet district leaders across the country have employed a…
FlexibleFerret Malware Attacking macOS Users, Evading XProtect Detections
A new macOS malware variant, dubbed “FlexibleFerret,” has been identified targeting developers and job seekers as part of an ongoing North Korean phishing campaign. Despite…
New Attack Technique to Bypassing EDR as Low Privileged Standard User
A new cyberattack technique has emerged, enabling attackers to bypass Endpoint Detection and Response (EDR) systems while operating under a low-privileged standard user account. Traditionally,…
Beware of Fake DeepSeek PyPI packages that Delivers Malware
The Positive Technologies Expert Security Center (PT ESC) recently uncovered a malicious campaign targeting the Python Package Index (PyPI) repository. The campaign involved two packages,…
Why logs aren’t enough: Enhancing SIEM with AI-driven NDR
Join cybersecurity expert Jonathan Mayled from 5-hour Energy as he uncovers the limitations of log-based SIEMs and the transformative role of AI-driven Network Detection and…
Roundcube XSS Vulnerability Let Attackers Inject Malicious Files
A critical Cross-Site Scripting (XSS) vulnerability, tracked as CVE-2024-57004, has been discovered in Roundcube Webmail version 1.6.9. This flaw allows remote authenticated users to upload…
Microsoft Accounts Authentication Bypass Vulnerability Lets Attackers Gain Remote Access
Microsoft has issued a security advisory for CVE-2025-21396, a critical authentication bypass vulnerability that could allow attackers to spoof credentials and gain unauthorized access to…
Multiple Dell PowerProtect Vulnerabilities Let Attackers Compromise System
Dell Technologies has disclosed multiple critical vulnerabilities affecting its PowerProtect product line, including Data Domain (DD) appliances, PowerProtect Management Center, and other associated systems. These…
WhatsApp users targeted by Paragon Spyware
After the Israeli company NSO Group developed the Pegasus spyware, users of WhatsApp have now become the targets of another spyware, this time created by…
Google Patches 47 Android Security Flaws, Including Actively Exploited CVE-2024-53104
Feb 04, 2025Ravie LakshmananVulnerability / Mobile Security Google has shipped patches to address 47 security flaws in its Android operating system, including one it said…