Digital Ethics Summit 2025: Open sourcing and assuring AI
Open sourcing artificial intelligence (AI) can help combat concentrations of capital and power that currently define its development, while nascent assurance practices need regulation to…
Author: Cybernoz
New BlackForce Phishing Kit Lets Attackers Steal Credentials Using MitB Attacks and Bypass MFA
A sophisticated phishing tool called BlackForce has emerged as a serious threat to organizations worldwide. First observed in August 2025, this professional-grade kit allows criminals…
U.S. CISA adds an OSGeo GeoServer flaw to its Known Exploited Vulnerabilities catalog
U.S. CISA adds an OSGeo GeoServer flaw to its Known Exploited Vulnerabilities catalog Pierluigi Paganini December 12, 2025 U.S. Cybersecurity and Infrastructure Security Agency (CISA)…
CISA orders feds to patch actively exploited Geoserver flaw
CISA has ordered U.S. federal agencies to patch a critical GeoServer vulnerability now actively exploited in XML External Entity (XXE) injection attacks. In such attacks,…
Beware of Fake Leonardo DiCaprio Movie Torrent File Drops Agent Tesla Malware
A new threat is targeting movie lovers who search for the latest films online. Cybercriminals are now using the popularity of Leonardo DiCaprio’s new film,…
Firewalla Orange brings zero trust anywhere
Firewalla announced Firewalla Orange, a portable multi-gigabit cybersecurity firewall and Wi-Fi 7 router designed to reset expectations for how networks should be protected. Firewalla Orange…
React2Shell Exploitation Escalates into Large-Scale Global Attacks, Forcing Emergency Mitigation
Dec 12, 2025Ravie LakshmananVulnerability / Threat Intelligence The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has urged federal agencies to patch the recent React2Shell vulnerability…
ICO Fines LastPass UK £1.2m For Data Breach
The Information Commissioner’s Office (ICO) has fined password manager provider LastPass UK Ltd £1.2 million following a 2022 data breach that compromised the personal information…
MITRE shares 2025’s top 25 most dangerous software weaknesses
MITRE has shared this year’s top 25 list of the most dangerous software weaknesses behind over 39,000 security vulnerabilities disclosed between June 2024 and June…
Ashen Lepus Hacker Group Attacks Eastern Diplomatic Entities With New AshTag Malware
A Hamas‑affiliated threat group known as Ashen Lepus, also tracked as WIRTE, has launched a new espionage campaign against governmental and diplomatic entities across the…
Swissbit adds HID Seos to iShield Key 2
Swissbit is expanding its portfolio of multi-application security keys with the launch of the iShield Key 2, introducing a new variant featuring HID Seos, one…
New React RSC Vulnerabilities Enable DoS and Source Code Exposure
Dec 12, 2025Ravie LakshmananSoftware Security / Vulnerability The React team has released fixes for two new types of flaws in React Server Components (RSC) that,…