Debunking API Security Myths
I recently sat down with Tejpal Garwhal, Application Security and DevSecOps Leader, for a conversation debunking some of the most...
Read more →Author: Cybernoz
Microsoft SharePoint Server 0-Day Hack Hits African Treasury, Companies, and University
A sophisticated cyberattack exploiting a zero-day vulnerability in Microsoft SharePoint servers has compromised over 400 entities globally, with significant impact...
Read more →
Researchers Exploit 0-Day Flaws in Retired Netgear Router and BitDefender Box
Cybersecurity researchers successfully exploited critical zero-day vulnerabilities in two discontinued network security devices during DistrictCon’s inaugural Junkyard competition in February,...
Read more →
UNC2891 Breaches ATM Network via 4G Raspberry Pi, Tries CAKETAP Rootkit for Fraud
Jul 31, 2025Ravie Lakshmanan The financially motivated threat actor known as UNC2891 has been observed targeting Automatic Teller Machine (ATM)...
Read more →
Bangalore Techie Employee Arrested in Connection With the $44 Million CoinDCX Hack
The Bangalore-based software engineer Rahul Agarwal, employee of prominent crypto exchange CoinDCX, was arrested in connection with a massive $44...
Read more →
Chinese Silk Typhoon Hackers File Over 10 Patents for Advanced Intrusive Hacking Tools
A SentinelLABS investigation has revealed that businesses linked to the Chinese advanced persistent threat (APT) group Hafnium, also known as...
Read more →
China Probes Nvidia H20 Chips Over Security Concerns
China’s top cybersecurity authority, the Cyberspace Administration of China (CAC), has officially summoned representatives from Nvidia to address alleged security...
Read more →
APT Hackers Attacking Maritime and Shipping Industry to Launch Ransomware Attacks
The maritime industry, which facilitates approximately 90% of global trade, has emerged as a critical battleground for advanced persistent threat...
Read more →
Critical SUSE Manager Vulnerability Allows Remote Command Execution as Root
A critical security vulnerability has been discovered in SUSE Manager that enables attackers to execute arbitrary commands with root privileges...
Read more →
Meta prepares for gigawatt datacentres to power ‘superintelligence’
Meta, the parent company of Facebook, WhatsApp and Instagram, has reported increases in operating cost and research and development as...
Read more →
CrushFTP 0-Day RCE Vulnerability Technical Details and PoC Released
A significant zero-day vulnerability in CrushFTP has been disclosed, allowing unauthenticated attackers to achieve complete remote code execution on vulnerable...
Read more →
NOVABLIGHT Masquerades as Educational Tool to Steal Login Credentials and Compromise Crypto Wallets
A newly analyzed Malware-as-a-Service (MaaS) infostealer, NOVABLIGHT, has emerged as a significant cybersecurity threat, targeting unsuspecting users with advanced data...
Read more →