Amazon Cloud Cam Flaw Allows Attackers to Intercept and Modify Network Traffic
A critical vulnerability (CVE-2025-6031) has been identified in Amazon Cloud Cam devices, which reached end-of-life (EOL) status in December 2022....
Read more →Author: Cybernoz
iOS zero-click attacks used to deliver Graphite spyware (CVE-2025-43200)
A zero-click attack leveraging a freshly disclosed Messages vulnerability (CVE-2025-43200) has infected the iPhones of two European journalists with Paragon’s...
Read more →
Shifting from Monitoring Alerts to Measuring Risk
Introduction: Security at a Tipping Point Security Operations Centers (SOCs) were built for a different era, one defined by perimeter-based...
Read more →
Victoria’s Secret restores critical systems after cyberattack
Victoria’s Secret has restored all critical systems impacted by a May 24 security incident that forced it to shut down...
Read more →
New GitHub Device Code Phishing Attacks Targeting Developers to Steal Tokens
Cybersecurity researchers have identified a sophisticated new phishing campaign that exploits GitHub’s OAuth2 device authorization flow to compromise developer accounts...
Read more →
Microsoft Defender Spoofing Flaw Enables Privilege Escalation and AD Access
A newly disclosed spoofing vulnerability (CVE-2025-26685) in Microsoft Defender for Identity (MDI) enables unauthenticated attackers to capture Net-NTLM hashes of...
Read more →
Ransomware Gangs Exploit Unpatched SimpleHelp Flaws to Target Victims with Double Extortion
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday disclosed that ransomware actors are targeting unpatched SimpleHelp Remote Monitoring...
Read more →
HashiCorp Nomad Vulnerability Allows Privilege Escalation via ACL Policy Lookup Exploit
A significant security vulnerability in HashiCorp Nomad workload orchestrator that allows attackers to escalate privileges by exploiting the Access Control...
Read more →
Apple confirmed that Messages app flaw was actively exploited in the wild
Apple confirmed that Messages app flaw was actively exploited in the wild Pierluigi Paganini June 13, 2025 Apple confirmed that...
Read more →
Outage not caused by security incident, data is safe
Cloudflare has confirmed that the massive service outage yesterday was not caused by a security incident and no data has...
Read more →
HashiCorp Nomad ACL Lookup Flaw Allows Privilege Escalation
HashiCorp disclosed a critical security flaw (CVE-2025-4922) in its Nomad workload orchestration tool on June 11, 2025, exposing clusters to...
Read more →
Fog Ransomware Uses Pentesting Tools to Steal Data and Launch Attacks
Fog ransomware incidents in recent years have exposed a dangerous new trend in cybercrime: hackers are using open-source penetration testing...
Read more →