Frontier AI and the Future of Defense: Your Top Questions Answered
Over the last several weeks, Palo Alto Networks and Unit 42 have been talking with CISOs and security leaders globally to discuss the emergence of…
Author: Cybernoz
Bitwarden CLI password manager trojanized in supply chain attack
Attackers target cloud and development credentials The trojanized Bitwarden CLI version 2026.4.0 contained a custom loader called bw_setup.js that checks if the bun package manager…
In a first, a ransomware family is confirmed to be quantum-safe
There is no practical benefit for Kyber developers to have chosen a PQC key-exchange algorithm. The Kyber ransom note gives victims one week to respond.…
UAT-4356’s Targeting of Cisco Firepower Devices
Cisco Talos is aware of UAT-4356’s continued active targeting of Cisco Firepower devices’ Firepower eXtensible Operating System (FXOS). UAT-4356 exploited n-day vulnerabilities (CVE-2025-20333 and CVE-2025-20362)…
Full Transparency: Controlling Apple’s TCC
Apple’s commitment to user privacy is well known. One of the key components of their privacy controls is the Transparency Consent and Control (TCC) framework.…
Hackers exploit file upload bug in Breeze Cache WordPress plugin
Hackers are actively exploiting a critical vulnerability in the Breeze Cache plugin for WordPress that allows uploading arbitrary files on the server without authentication. The…
North Korean Hackers Use Fake IT Worker Scheme to Infiltrate Companies and Evade Sanctions
North Korea has been running one of the most quietly effective cyber fraud operations in recent years. State-sponsored operatives working for the Pyongyang regime have…
Newly Deciphered Sabotage Malware May Have Targeted Iran’s Nuclear Program—and Predates Stuxnet
Instead, Kamluk saw that it was a self-spreading piece of code with very different intentions. Using what was referred to within the code as “wormlet”…
Outlook Mailboxes Abused to Conceal Linux GoGra Backdoor Traffic
The Harvester APT group has quietly expanded its espionage arsenal with a new Linux variant of its GoGra backdoor, one that cleverly hides its command-and-control…
Anthropic’s Mythos Preview Just Changed The Threat Landscape In Ways The Security Industry Isn’t Fully Prepared For
23 Apr Anthropic’s Mythos Preview Just Changed The Threat Landscape In Ways The Security Industry Isn’t Fully Prepared For Posted at 15:26h in Blogs by…
Roblox clamps down on chats and age checks as legal pressure builds
Roblox has long faced criticism over child safety on its platform. Now it has started settling with state attorneys over the issue, and the total…
UNC6692 Impersonates IT Helpdesk via Microsoft Teams to Deploy SNOW Malware
A previously undocumented threat activity cluster known as UNC6692 has been observed leveraging social engineering tactics via Microsoft Teams to deploy a custom malware suite…