Pentagon Designates Anthropic Supply Chain Risk Over AI Military Dispute
Anthropic on Friday hit back after U.S. Secretary of Defense Pete Hegseth directed the Pentagon to designate the artificial intelligence (AI) upstart as a “supply…
Author: Cybernoz
Airspace disruption and geopolitical tensions raise questions over Middle East tech events
Geopolitical tensions in the Middle East following the escalating confrontation among the US, Israel and Iran have raised questions about the resilience of the region’s…
How AI will impact security careers and what leaders should do about it
Security teams are optimistic about AI’s impact on their careers, but workloads remain high. Tines’ Voice of Security 2026 report surveyed more than 1,800 global…
Rogues gallery: 15 worst ransomware groups active today
Targeted victims: LockBit targeted thousands of victims worldwide in its heyday, including government services, private sector companies, and critical infrastructure providers. Attribution: LockBit’s use of…
Lessons From Clop: Combating Ransomware
Lessons from Clop It’s been one month since the Clop ransomware group began exploiting the MOVEit vulnerability (CVE-2023-34362 (VulnDB ID: 322555) to claim nearly 100…
Rogue RMMs: Common Social Engineering Tactics We Saw in 2025
Special thanks to Austin Worline for his contributions to this blog post. The Huntress Security Operations Center (SOC) frequently comes across incidents involving rogue ScreenConnect…
Critical ExifTool Flaw Lets Malicious Images Trigger Code Execution on macOS
ExifTool Flaw Malicious Images Trigger Code Execution on macOS A newly discovered vulnerability is challenging the long-held belief that macOS systems are inherently immune to…
Using form hijacking to bypass CSP
In this post we’ll show you how to bypass CSP by using an often overlooked technique that can enable password theft in a seemingly secure…
1-Click ZITADEL Vulnerability Could Allow Full System Takeover
A critical Cross-Site Scripting (XSS) vulnerability has been discovered in ZITADEL, a popular open-source identity and access management platform. Tracked as CVE-2026-29191 with a Critical…
Open-source tool Sage puts a security layer between AI agents and the OS
Autonomous AI agents running on developer workstations execute shell commands, fetch URLs, and write files with little or no inspection of what they are doing.…
Thousands of Public Google Cloud API Keys Exposed with Gemini Access After API Enablement
New research has found that Google Cloud API keys, typically designated as project identifiers for billing purposes, could be abused to authenticate to sensitive Gemini…
Ghanaian Man Pleads Guilty in U.S. Court for Romance Scams That Stole $100M – The Cyber Express
A Ghanaian national has pleaded guilty to his role in a large-scale cyber fraud scheme that used romance scams and business email compromise tactics to…