Weaponized Chrome Extension Affects 1.7 Million Users Despite Google’s Verified Badges
A sophisticated malware campaign has infected over 1.7 million Chrome users through eleven seemingly legitimate browser extensions, all of which...
Read more →Author: Cybernoz
Infostealers-as-a-Service Push Identity Hacks to Record Highs
According to cybersecurity researchers at eSentire, infostealer malware and advanced phishing toolkits are behind a massive 156% jump in cyberattacks...
Read more →
RondoDox Botnet Exploits Flaws in TBK DVRs and Four-Faith Routers to Launch DDoS Attacks
Cybersecurity researchers are calling attention to a malware campaign that’s targeting security flaws in TBK digital video recorders (DVRs) and...
Read more →
Google slams claims it’s ‘misleading’ the public with its GHG emissions data
Google has hit back at a report picking holes in its carbon emission reduction claims, saying the analysis carried out by...
Read more →
PoC Exploits for CitrixBleed2 Flaw Released – Attackers Can Exfiltrate 127 Bytes Per Request
Security researchers have released proof-of-concept exploits for a critical vulnerability dubbed “CitrixBleed2” affecting Citrix NetScaler ADC and Gateway products. The...
Read more →
CISA Alerts on Active Exploitation of PHPMailer Command Injection Flaw
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding the active exploitation of a long-standing vulnerability...
Read more →
5 Ways Identity-based Attacks Are Breaching Retail
From overprivileged admin roles to long-forgotten vendor tokens, these attackers are slipping through the cracks of trust and access. Here’s...
Read more →Jailbreaks, Injections, and Agentic Risks
AI has officially moved out of the novelty phase. What began with people messing around with LLM-powered GenAI tools for...
Read more →
SAP’s July 2025 Patch Day
SAP has released its July 2025 Security Patch Day update, addressing a significant number of vulnerabilities across its enterprise software...
Read more →
Call of Duty Gamers Hacked via RCE Exploit Allowing Player-to-Player Attacks
The Call of Duty team removed the PC edition of Call of Duty: WWII off the internet on Saturday after...
Read more →
Post Office inquiry chair ‘cannot rule out’ scandal caused 13 suicides
The chair of the Post Office scandal public inquiry cannot rule out the “real possibility” that 13 people took their...
Read more →
CISA Warns of PHPMailer Command Injection Vulnerability Exploited in Attacks
Key Takeaways1. CVE-2016-10033 in PHPMailer allows attackers to execute arbitrary code through command injection in the mail() function.2. The vulnerability...
Read more →