Silver Fox APT Deploys DLL Sideloading and BYOVD in Advanced Malware Campaign
Silver Fox APT is running a new wave of targeted attacks in Taiwan that combine DLL sideloading and Bring Your Own Vulnerable Driver (BYOVD) techniques…
Author: Cybernoz
Coroot: Open-source observability and APM tool
Coroot is an open-source observability and application performance monitoring tool. The core software, published in Go and accompanied by companion repositories such as coroot-node-agent, focuses…
Splunk Enterprise for Windows Flaw Enables DLL Hijacking, SYSTEM Access
A serious flaw in Splunk Enterprise for Windows that lets low-privileged users hijack DLL loading and escalate to SYSTEM-level access. Tracked as CVE-2026-20140, this local…
Bastion and Astralas to merge
Bastion Security Group has signed an agreement to merge with Melbourne-based cybersecurity consultancy Astralas, in a move that further consolidates Australia’s mid-market security services sector.…
Japanese Semiconductor Supplier Hit by Ransomware, Multiple Systems Impacted
Feb. 20, 2026 – Advantest Corporation, a top supplier of semiconductor test equipment, revealed it is battling a ransomware attack that struck its network last…
Cache Deception Flaw in SvelteKit And Vercel Stack Exposes User Data
A cache deception vulnerability in SvelteKit apps deployed on Vercel exposes sensitive user data to attackers. The flaw allows publicly cached responses to be authenticated.…
Bitter-Pilled Engineering | Daniel Miessler
I have a new concept I’m using everywhere in my AI engineering called Bitter-Pilled Engineering (BPE). The idea comes from Richard Sutton’s essay, “The Bitter…
Google Blocked 1.75 million malicious Apps from Entering into the Play Store
Google Blocked 1.75 million malicious Apps from Play Store AI-powered security systems blocked over 1.75 million malicious or policy-violating apps from reaching the Play Store…
128M Users Exposed as Popular VS Code Extensions Reveal Critical Flaws
Serious vulnerabilities in four popular Visual Studio Code (VS Code) extensions, affecting over 128 million downloads. These flaws, including three assigned CVEs CVE-2025-65715, CVE-2025-65716, and…
Anthropic unveils Claude Code Security to detect and fix code bugs
Anthropic unveils Claude Code Security to detect and fix code bugs Pierluigi Paganini February 23, 2026 Anthropic launches Claude Code Security, an AI tool that…
What can’t you say on TikTok?
This week on the Lock and Code podcast… A funny thing happened on TikTok last month, and it has brought allegations of censorship, manipulation, and…
QLD Building Commission moves IT under operations
The Queensland Building and Construction Commission (QBCC) regulator has reorganised itself under a new operating model, as part of a major digital transformation and modernisation…