OpenPGP.js Vulnerability Let Attackers Spoof Message Signature Verification
A critical vulnerability in the widely-used OpenPGP.js library has been discovered that allows attackers to forge digital signatures and deceive...
Read more →Author: Cybernoz
Social Media Is Now a DIY Alert System for ICE Raids
Alerts about operations are disseminated through direct messages, WhatsApp, or posts on each page’s feed. In turn, it is possible...
Read more →
Windows Defender Bypass Using PowerShell and Registry Edits in CyberEYE RAT
A newly discovered remote access trojan (RAT) named CyberEye is making waves in the cybersecurity community for its sophisticated capabilities and its...
Read more →
Graphite spyware used in Apple iOS zero-click attacks on journalists
Forensic investigation has confirmed the use of Paragon’s Graphite spyware platform in zero-click attacks that targeted Apple iOS devices of...
Read more →
Microsoft Outlook’s New Two-Click View for Encrypted Emails Protects From Accidental Exposure
Microsoft is set to launch a significant security enhancement for Outlook users across multiple platforms. Starting April 2025, the company...
Read more →
AitM Phishing Attacks on Microsoft 365 and Google Aimed at Stealing Login Credentials
A dramatic escalation in phishing attacks leveraging Adversary-in-the-Middle (AiTM) techniques has swept across organizations worldwide in early 2025, fueled by...
Read more →
Cloudflare Warns of DDoS Attacks Targeting Journalists and News Organizations
Cybersecurity firm Cloudflare has issued a stark warning about the escalating threat landscape facing independent media organizations worldwide, revealing that...
Read more →
OneLogin AD Connector Vulnerabilities Expose Authentication Credentials
A critical security vulnerability in OneLogin’s Active Directory (AD) Connector service has exposed enterprise authentication systems to significant risk The...
Read more →
Researchers warn of ongoing Entra ID account takeover campaign
Attackers are using the TeamFiltration pentesting framework to brute-force their way into Microsoft Entra ID (formerly Azure AD) accounts, Proofpoint...
Read more →
Threat Actors Exploiting Expired Discord Invite Links to Deliver Multi-Stage Malware
Cybercriminals have discovered a sophisticated new attack vector that exploits a critical flaw in Discord’s invitation system, allowing them to...
Read more →
DragonForce Ransomware Group – The Rise of a Relentless Cyber Threat in 2025
The cybersecurity landscape has witnessed the emergence of increasingly sophisticated ransomware operations, with DragonForce standing out as a particularly concerning...
Read more →
On Constant Community Improvements – Cyber Defense Magazine
The theme of this year’s RSAC is “Many Voices. One Community.” While our field can rightly claim “many voices”, portraying...
Read more →