CISA Warns of Windows Shell Zero-Day Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding a newly discovered zero-day vulnerability affecting Microsoft Windows. On April 28, 2026,…
Author: Cybernoz
Pack2TheRoot: 12-Year-Old Linux PackageKit Flaw Enables Full Compromise
Researchers from Deutsche Telekom’s Red Team have identified a high-severity security flaw in PackageKit, the software that helps in managing packages across different Linux systems.…
The Exchange Online security controls organizations keep getting wrong
In this Help Net Security interview, Scott Schnoll, Microsoft MVP for Exchange, breaks down the Shared Responsibility Model, where Microsoft secures the cloud while organizations…
LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure
Ravie LakshmananApr 29, 2026Vulnerability / Cloud Security In yet another instance of threat actors quickly jumping on the exploitation bandwagon, a newly disclosed critical security…
Vect ransomware actually destructive wiper malware
The authors of a new strain of ransomware called Vect are drawing attention thanks to a partnership with the TeamPCP gang and an ambitious collaboration…
ClickUp Disclosed Feature Flag Misconfiguration Exposed 893 Email Addresses
A security researcher’s public disclosure on April 27 forced ClickUp to confront a misconfiguration its own engineering review process had missed for months. 893 customer…
ABA says big tech tax gap putting payments at risk
The Australian Banking Association has warned that national payment systems are being placed at risk by a widening gap in the tax and regulatory obligations…
The Mythos Moment: Enterprises Must Fight Agents with Agents
When Anthropic introduced its Claude Mythos Preview, it realized the enormous cyber risk it posed and decided it was too dangerous for public release. The…
NCSC launches SilentGlass, a plug-in device to secure HDMI and DisplayPort links
NCSC launches SilentGlass, a plug-in device to secure HDMI and DisplayPort links Pierluigi Paganini April 28, 2026 NCSC’s SilentGlass blocks malicious HDMI/DisplayPort links, protecting monitors…
Federal CIO cautious on Anthropic’s Mythos despite planned rollout
Federal Chief Information Officer Greg Barbaccia said Tuesday the government is approaching Anthropic’s Mythos model with measured expectations, acknowledging both its potential to strengthen federal…
More fake extensions linked to GlassWorm found in Open VSX code marketplace
“With software packages, we have lockfiles, pinned hashes, and reproducible builds. With IDE [integrated development environment] extensions, we have almost nothing. There is no integrity…
Solving The “What Is The Threat To OT Systems” Problem
Recently I wrote about the dichotomy between the reports and experts annually citing a big increase in the cyber threat to OT systems and the…