There’s a rash of scam spam coming from a real Microsoft address
There are reports that a legitimate Microsoft email address—which Microsoft explicitly says customers should add to their allow list—is delivering scam spam. The emails originate…
Author: Cybernoz
CVE-2026-1731: Finding a critical RCE in an age of AI-driven vulnerability research
Introduction CVE-2026-1731 is an operating system (OS) command injection vulnerability impacting BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) software. These products are critical…
Why strong auth could fail at SaaS session integrity
As security professionals, we have spent the better part of a decade building the ultimate digital fortress. We deployed FIDO2, phishing-resistant multifactor authentication (MFA), implemented…
Bypassing character blocklists with unicode overflows
Unicode codepoint truncation – also called a Unicode overflow attack – happens when a server tries to store a Unicode character in a single byte.…
AI Agents: The Next Wave Identity Dark Matter
The Rise of MCPs in the Enterprise The Model Context Protocol (MCP) is quickly becoming a practical way to push LLMs from “chat” into real…
US suspects China in breach of FBI surveillance network
US investigators believe hackers affiliated with the Chinese government are responsible for a cyber intrusion on an internal Federal Bureau of Investigation computer network that…
BYOVD to the next level. Blind EDR with Windows Symbolic Link
I. INTRODUCTION In this article, I will introduce you to a completely new method of exploiting the BYOVD technique. I have discovered that by using…
Coruna iOS exploit kit moved from spy tool to mass criminal campaign in under a year
The same framework resurfaced in summer 2025, this time repurposed by UNC6353, a suspected Russian espionage group, which embedded it as hidden iframes on compromised…
Site catering to online criminals has been seized by the FBI
RAMP—the predominantly Russian-language online bazaar that billed itself as the “only place ransomware allowed”—had its dark web and clear web sites seized by the FBI…
New threat actor, UAT-9921, leverages VoidLink framework in campaigns
Cisco Talos recently discovered a new threat actor, UAT-9921, leveraging VoidLink in campaigns. Their activities may go as far back as 2019, even without VoidLink.…
February 2026 Microsoft Patch Tuesday
2Critical 51Important 1Moderate 0Low Microsoft addresses 54 CVEs in the February 2026 Patch Tuesday released, including six zero-day vulnerabilities that were exploited in the wild…
Top 10 web hacking techniques of 2024
Welcome to the Top 10 Web Hacking Techniques of 2024, the 18th edition of our annual community-powered effort to identify the most innovative must-read web…