CPUID hacked to deliver malware via CPU-Z, HWMonitor downloads
Hackers gained access to an API for the CPUID project and changed the download links on the official website to serve malicious executables for the popular…
Author: Cybernoz
Hackers Use AiTM Session Hijacking to Redirect Employee Salaries in New Storm-2755 Campaign
A financially motivated threat group called Storm-2755 has launched a campaign that quietly reroutes employee salary payments to attacker-controlled bank accounts. Targeting Canadian workers, the…
Hackers Exploit GitHub Copilot Flaw to Exfiltrate Sensitive Data
A high-severity flaw in GitHub Copilot Chat recently allowed attackers to silently steal sensitive data like API keys and private source code. Tracked as CVE-2025-59145…
Overcoming Biases in Cyber Security Problem Analysis and Decision-Making
“I don’t care what that report says, the threat actor has to be utilizing vector #1 because that is what our threat model says they’ll…
Android Banking Trojan Linked to Cambodia Scam Compounds Hits 21 Countries
A new report from Infoblox Threat Intel connects two issues that are often discussed separately but rarely proven to be linked. The company says it…
To counter cookie theft, Chrome ships device-bound session credentials
Cookie theft follows a well-established pattern. Infostealer malware infiltrates a device, extracts authentication cookies, and exfiltrates them to an attacker-controlled server. Because cookies often have…
ClickFix finds a new way to infect Macs
ClickFix campaigns are looking for alternatives now that many Mac users have been made aware of the dangers of pasting certain commands into Terminal. Researchers…
Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure
Ravie LakshmananApr 10, 2026Vulnerability / Threat Intelligence A critical security vulnerability in Marimo, an open-source Python notebook for data science and analysis, has been exploited within…
OpenAI ‘pauses’ Stargate UK: Sudden setback or calculated move?
OpenAI has paused plans for its Stargate UK investment, which was to take place in concert with artificial intelligence (AI) datacentre builder Nscale and in…
Digital Asset Cybersecurity Initiative Announced By Treasury
The U.S. Department of the Treasury has unveiled a new digital asset cybersecurity initiative, aimed at strengthening defenses across the rapidly growing digital asset ecosystem.…
Orthanc DICOM Vulnerabilities Lead to Crashes, RCE
Nine vulnerabilities in the open source Digital Imaging and Communications in Medicine (DICOM) server Orthanc allow attackers to crash servers, leak data, and execute arbitrary…
Bitcoin Depot hack leads to $3.6M Bitcoin theft via stolen credentials
Bitcoin Depot hack leads to $3.6M Bitcoin theft via stolen credentials Pierluigi Paganini April 10, 2026 Hackers breached Bitcoin Depot, stole credentials, and took about…