FlexibleFerret Malware Attacking macOS Users, Evading XProtect Detections
A new macOS malware variant, dubbed “FlexibleFerret,” has been identified targeting developers and job seekers as part of an ongoing North Korean phishing campaign. Despite…
Author: Cybernoz
New Attack Technique to Bypassing EDR as Low Privileged Standard User
A new cyberattack technique has emerged, enabling attackers to bypass Endpoint Detection and Response (EDR) systems while operating under a low-privileged standard user account. Traditionally,…
Beware of Fake DeepSeek PyPI packages that Delivers Malware
The Positive Technologies Expert Security Center (PT ESC) recently uncovered a malicious campaign targeting the Python Package Index (PyPI) repository. The campaign involved two packages,…
Why logs aren’t enough: Enhancing SIEM with AI-driven NDR
Join cybersecurity expert Jonathan Mayled from 5-hour Energy as he uncovers the limitations of log-based SIEMs and the transformative role of AI-driven Network Detection and…
Roundcube XSS Vulnerability Let Attackers Inject Malicious Files
A critical Cross-Site Scripting (XSS) vulnerability, tracked as CVE-2024-57004, has been discovered in Roundcube Webmail version 1.6.9. This flaw allows remote authenticated users to upload…
Microsoft Accounts Authentication Bypass Vulnerability Lets Attackers Gain Remote Access
Microsoft has issued a security advisory for CVE-2025-21396, a critical authentication bypass vulnerability that could allow attackers to spoof credentials and gain unauthorized access to…
Multiple Dell PowerProtect Vulnerabilities Let Attackers Compromise System
Dell Technologies has disclosed multiple critical vulnerabilities affecting its PowerProtect product line, including Data Domain (DD) appliances, PowerProtect Management Center, and other associated systems. These…
WhatsApp users targeted by Paragon Spyware
After the Israeli company NSO Group developed the Pegasus spyware, users of WhatsApp have now become the targets of another spyware, this time created by…
Google Patches 47 Android Security Flaws, Including Actively Exploited CVE-2024-53104
Feb 04, 2025Ravie LakshmananVulnerability / Mobile Security Google has shipped patches to address 47 security flaws in its Android operating system, including one it said…
ValleyRAT Attacking Org’s Accounting Department With New Delivery Techniques
Researchers unveiled a sophisticated malware campaign in a recent cybersecurity alert involving ValleyRAT, a Remote Access Trojan (RAT) frequently linked to the Silver Fox APT…
Considerations while choosing a cybersecure database for Generative AI
As Generative AI continues to revolutionize industries by creating novel content such as text, images, and even code, it is crucial to ensure that the…
Microsoft Patches Critical Azure AI Face Service Vulnerability with CVSS 9.9 Score
Feb 04, 2025The Hacker NewsVulnerability / Cloud Security Microsoft has released patches to address two Critical-rated security flaws impacting Azure AI Face Service and Microsoft…