North Korean Hackers Flood npm Registry with XORIndex Malware in Ongoing Attack Campaign
Jul 15, 2025Ravie LakshmananMalware / Web Security The North Korean threat actors linked to the Contagious Interview campaign have been...
Read more →Author: Cybernoz
PoC Released for High-Severity Git CLI Vulnerability Allowing Arbitrary File Writes
A critical vulnerability in Git’s command-line interface has been disclosed with public proof-of-concept exploits available, allowing arbitrary file writes and...
Read more →
Federal Contractor Pays $14.7M To Settle Cyber Fraud Charges
A Maryland-based IT firm, Hill ASC Inc., has agreed to fork over at least $14.75 million in a settlement that...
Read more →
Red Bull-Themed Phishing Attacks Steal Job Seekers Login Credentials
A new wave of phishing emails promising a “Social Media Manager” position at Red Bull has surfaced in corporate and...
Read more →
Red Bull-Themed Phishing Attacks Target Job Seekers’ Credentials
A few significant investments in email filtering, authentication procedures, and endpoint protection, attackers are constantly improving their techniques to circumvent...
Read more →
Securing vehicles as they become platforms for code and data
In this Help Net Security interview, Robert Knoblauch, CISO at Element Fleet Management, discusses how the rise of connected vehicles...
Read more →
Critical RCE Vulnerability Found in Symantec Endpoint Management Platform
Security researchers at LRQA have uncovered a critical remote code execution (RCE) vulnerability in Broadcom’s Symantec Endpoint Management Suite, formerly...
Read more →
Inorganic DNA: How nanoparticles could be the future of anti-counterfeiting tech
For decades, manufacturers and security professionals have been playing a high-stakes game of cat and mouse with counterfeiters. From holograms...
Read more →
20-year-old Vulnerability in Radio Remote Linking Protocol Let Hackers Control Train Brakes
CISA has issued a critical advisory warning about a severe vulnerability in railway communication systems that could allow attackers to...
Read more →
CISA Issues Alert on Actively Exploited Wing FTP Server Vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Wing FTP Server vulnerability to its Known Exploited Vulnerabilities...
Read more →
How service providers can turn cybersecurity into a scalable MRR engine
A growing number of MSPs, MSSPs, and consultancies are moving beyond one-and-done engagements and transforming from tactical vendors into strategic...
Read more →
CISA adds serious Wing FTP Server vulnerability to must-fix list
A remote code execution (RCE) vulnerability in a popular file transfer application is being actively exploited, with the United States...
Read more →