North Korean Hackers Pose as Recruiters, Target Developers with 35 New Malicious npm Packages
A new cyber campaign orchestrated by North Korean threat actors has been exposed by the Socket Threat Research Team, revealing...
Read more →Author: Cybernoz
Flaw in Notepad++ installer could grant attackers SYSTEM access (CVE-2025-49144)
A high-severity vulnerability (CVE-2025-49144) in the Notepad++ installer could be exploited by unprivileged users to gain SYSTEM-level privileges through insecure...
Read more →
Fraud victims among top crypto ATM users
Australia’s financial crimes monitoring agency said that it has identified 90 scam victims, money mules and suspected offenders as the...
Read more →
Many data brokers aren’t registering across state lines, privacy groups say
Hundreds of companies registered as data brokers in one U.S. state are not recognized as such in other states with...
Read more →
Multiple Brother Device Vulnerabilities Allow Attackers to Execute Arbitrary HTTP Requests
A zero-day research project has uncovered eight new vulnerabilities in multifunction printers (MFPs) and related devices from Brother Industries, Ltd.,...
Read more →
Facial recognition: Where and how you can opt out
Our remote team recently took a trip to our Estonian office. When we arrived from our various destinations, we started...
Read more →
Sportsbet recruits ‘security champions’ in shift-left strategy
Sportsbet has stood up a ‘security champions’ program, recruiting 42 senior staff to act as security ambassadors, asking questions of...
Read more →
Citrix users hit by actively exploited zero-day vulnerability
Citrix on Wednesday disclosed an actively exploited zero-day vulnerability affecting multiple versions of NetScaler products, an alarming development from a...
Read more →
Hackers abuse Microsoft ClickOnce and AWS services for stealthy attacks
A sophisticated malicious campaign that researchers call OneClik has been leveraging Microsoft’s ClickOnce software deployment tool and custom Golang backdoors...
Read more →
New Malware Discovered Using Prompt Injection to Manipulate AI Models in the Wild
Researchers have uncovered a new malware sample in the wild that employs a unique and unconventional evasion tactic: prompt injection...
Read more →
BreachForums Operators Arrested By French Police
BreachForums was arguably the biggest cybercrime forum until it went offline in April amid rumors of the arrest of one...
Read more →
Beware of Weaponized Wedding Invite Scams Delivering SpyMax RAT to Android Devices
A sophisticated Android phishing campaign, aptly named “Wedding Invitation,” has emerged as a significant threat targeting mobile users across India....
Read more →