Hackers exploit Modular DS WordPress plugin flaw for admin access
Hackers are actively exploiting a maximum severity flaw in the Modular DS WordPress plugin that allows them to bypass authentication remotely and access the vulnerable sites…
Author: Cybernoz
Chinese Hackers Control 18,000 Active Servers Across 48 Hosting Providers
Chinese infrastructure is currently hosting more than 18,000 active command‑and‑control (C2) servers across 48 providers, with activity heavily concentrated on a handful of major telecom…
AWS CodeBuild Misconfiguration Exposed GitHub Repos to Potential Supply Chain Attacks
A critical misconfiguration in Amazon Web Services (AWS) CodeBuild could have allowed complete takeover of the cloud service provider’s own GitHub repositories, including its AWS…
ACMA tries to source unfixable Samsung handsets
The Australian Communications and Media Authority (ACMA) is trying to source end-of-life Samsung devices that are being blocked from networks due to triple zero calling…
Hackers Abusing Legitimate Cloud and CDN Platforms to Host Phishing Kits
Threat actors are increasingly using trusted cloud and content delivery network platforms to host phishing kits, creating major detection challenges for security teams. Unlike traditional…
Elon Musk’s Grok ‘Undressing’ Problem Isn’t Fixed
Elon Musk’s X has introduced new restrictions stopping people from editing and generating images of real people in bikinis or other “revealing clothing.” The change…
HPE Aruba Vulnerabilities Enables Unauthorized Access To Sensitive Information
HPE has released security patches for multiple high-severity vulnerabilities in HPE Networking Instant On devices that could expose internal VLAN configuration data and allow remote…
Microsoft Copilot Studio extension for VS Code now publicly available
Microsoft announced that the Copilot Studio extension for the Visual Studio Code (VS Code) integrated development environment is now available to all users. Developers can use…
Promptware Kill Chain – Five-Step Kill Chain Model for Analyzing Cyberthreats
Large language models have become deeply integrated into everyday business operations, from customer service chatbots to autonomous agents managing calendars, executing code, and handling financial…
Why ICE Can Kill With Impunity
When Jonathan Ross shot and killed Renee Nicole Good last Wednesday morning in Minneapolis, the 37-year-old mother became one of at least 25 people killed…
Palo Alto Networks Firewall Vulnerability Allows Attackers To Trigger Denial Of Service
Palo Alto Networks has released security updates to address a high‑severity denial-of-service (DoS) vulnerability in PAN-OS that could allow unauthenticated attackers to repeatedly crash firewalls…
Microsoft and Authorities Dismatles BEC Attack Chain Powered By RedVDS Fraud Engine
Microsoft, in collaboration with U.S. and U.K. authorities, has announced a major international operation that dismantled RedVDS, a cybercrime‑as‑a‑service platform linked to large‑scale business email…