Threat Actors Exploiting NGINX Servers to Redirect Web Traffic to Malicious Sites
A new cyber campaign where attackers are hijacking web servers to redirect visitors to malicious websites . The campaign targets NGINX, a popular web server…
Author: Cybernoz
Smart glasses are back, privacy issues included
AI smart glasses are the latest addition to fashion, and they include a camera, a microphone, AI, and privacy risks. After Google Glass failed to…
Critical n8n Flaw CVE-2026-25049 Enables System Command Execution via Malicious Workflows
Ravie LakshmananFeb 05, 2026Workflow Automation / Vulnerability A new, critical security vulnerability has been disclosed in the n8n workflow automation platform that, if successfully exploited,…
Incognito Market Operator Gets 30-Year Prison Term
The 30-year prison sentence handed to Rui-Siang Lin, the operator of the infamous Incognito Market, is more than just another darknet takedown story. Lin, who…
Here’s what you should know
The mobile marketplace app has a growing number of users, but not all of them are genuine. Watch out for these common scams. 04 Feb…
New 3 Step Malvertising Chain Abusing Facebook Paid Ads to Push Tech Support #Scam Kit
A sophisticated new cyber threat has emerged within the digital advertising ecosystem, specifically targeting users through the vast reach of Facebook’s paid advertising platform. Malicious…
New 3-Step Malvertising Chain Exploits Facebook Ads to Promote Tech Support Scam Kit
A new, sophisticated malvertising campaign targeting users in the United States. This attack leverages Facebook’s massive paid advertising platform to lure victims into a tech…
Cybersecurity planning keeps moving toward whole-of-society models
National governments already run cybersecurity through a mix of ministries, regulators, law enforcement, and private operators that own most critical systems. In that environment, guidance…
Malicious NGINX Configurations Enable Large-Scale Web Traffic Hijacking Campaign
Ravie LakshmananFeb 05, 2026Web Security / Vulnerability Cybersecurity researchers have disclosed details of an active web traffic hijacking campaign that has targeted NGINX installations and…
WatchGuard VPN Client Flaw on Windows Enables SYSTEM‑Level Command Execution
WatchGuard has released a critical security update for its Mobile VPN with IPSec client for Windows to address a privilege escalation vulnerability. The flaw, originating…
Measuring AI use becomes a business requirement
Enterprise teams already run dozens of AI tools across daily work. Usage stretches from code generation and analytics to customer support drafting and internal research.…
Attackers Using DNS TXT Records in ClickFix Script to Execute Powershell Commands
The cybersecurity landscape has darkened with the sophisticated evolution of the KongTuke campaign. Active since mid-2025, this threat actor group has continuously refined its techniques…