LABScon25 Replay | Are Your Chinese Cameras Spying For You Or On You?
In this LABScon 25 presentation, Marc Rogers and Silas Cutler explore the complex, “shadow” supply chain of ultra-cheap Chinese smart home devices, specifically focusing on…
Author: Cybernoz
Bissa Scanner Exposed: AI-Assisted Mass Exploitation and Credential Harvesting
Key Takeaways We recently discovered an exposed server that was used for multi-victim exploitation, staging, review, and validation. Claude Code and OpenClaw were used as…
New Mirai campaign exploits RCE flaw in EoL D-Link routers
A new Mirai-based malware campaign is actively exploiting CVE-2025-29635, a high-severity command-injection vulnerability affecting D-Link DIR-823X routers, to enlist devices into the botnet. CVE-2025-29635 allows…
Checkmarx KICS Official Docker Repo Compromised to Inject Malicious Code
A significant supply chain attack targeting the official checkmarx/kics Docker Hub repository, where threat actors pushed trojanized images capable of harvesting and exfiltrating sensitive developer…
CyberSmart Partners with Renaissance to Deliver Complete Cyber Confidence for SMEs
Irish reseller Renaissance has announced a strategic partnership with CyberSmart, a UK-based cybersecurity provider focused on delivering continuous protection, compliance, and cyber risk management for…
109 Fake GitHub Repos Spread SmartLoader, StealC Malware
A coordinated malware operation is abusing fake GitHub repositories to distribute a LuaJIT-based loader, SmartLoader, and a follow-on StealC infostealer, with at least 109 malicious…
Mustang Panda Hits India and S. Korea with Updated LOTUSLITE Backdoor
A group of China-linked hackers known as Mustang Panda has expanded its spying efforts to target the Indian financial sector and political circles in South…
Claude Mythos finds 271 Firefox flaws, Mozilla believes it shifts security toward defenders
The Mozilla Foundation tested Claude Mythos, an Anthropic AI model that has stirred debate in the cybersecurity community. Before granting access to Mythos, Mozilla scanned…
Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokens
Cybersecurity researchers have flagged a fresh set of packages that have been compromised by bad actors to deliver a self-propagating worm that spreads through stolen…
NCSC heralds end of passwords for consumers and pushes secure passkeys
Consumers are being urged to replace passwords with passkeys as a simpler, more secure method of accessing online services. The National Cyber Security Centre (NCSC),…
ANZ Banking Group names acting CISO
ANZ Banking Group’s chief information security officer of almost three years Dr Maria Milosavljevic has retired, with an interim security chief now in place. Milosavljevic…
New Wiper Malware Targeted Venezuelan Energy Sector Prior to US Intervention
A threat actor has used a new wiper malware in recent attacks against the energy and utilities sector, cybersecurity company Kaspersky warns. The attack targeted…