Uneven regulatory demands expose gaps in mobile security
Mobile networks carry a great deal of the world’s digital activity, which makes operators a frequent target for attacks. A study released by the GSMA…
Author: Cybernoz
CISA Flags Actively Exploited GeoServer XXE Flaw in Updated KEV Catalog
Dec 12, 2025Ravie LakshmananVulnerability / Server Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a high-severity security flaw impacting OSGeo GeoServer…
New Vulnerabilities in React Server Components Allow DoS Attacks and Source Code Leaks
Less than a week after addressing a critical Remote Code Execution (RCE) vulnerability, the React team has disclosed three additional security flaws affecting React Server…
Australians Eligible for Cambridge Analytica Payments Must Register by 31 December
Australian Facebook users affected by the Cambridge Analytica data misuse scandal have until 31 December 2025 to register for compensation under a $50 million payment program…
New 01Flip Ransomware Targets Both Windows and Linux Systems
Security researchers at Palo Alto Networks Unit 42 have identified a newly emerging ransomware family, 01flip, that represents a significant shift in malware development tactics.…
ACMA secures pledges from major online retailers to block “dodgy” mobile sales
The Australian Communications and Media Authority has moved to stop unsafe mobile phones and other illegal radio equipment getting into consumers’ hands with a new…
Brave browser starts testing agentic AI mode for automated tasks
Brave has introduced a new AI browsing feature that leverages Leo, its privacy-respecting AI assistant, to perform automated tasks for the user. Intended to assist…
High-Severity Jenkins Flaw Enables Unauthenticated DoS Through HTTP CLI
Jenkins has released a critical security advisory addressing a high-severity denial-of-service vulnerability affecting millions of organizations that rely on the popular automation server. The flaw,…
Malicious VSCode Marketplace extensions hid trojan in fake PNG file
A stealthy campaign with 19 extensions on the VSCode Marketplace has been active since February, targeting developers with malware hidden inside dependency folders. The malicious…
Warnings Mount in Congress Over Expanded US Wiretap Powers
“The commercial landlords of the buildings where tens of millions of Americans go to work every day can be forced to assist the government with…
ValleyRAT Malware Evades Windows 11 Security with Stealthy Driver Install
Check Point Research (CPR) has published a comprehensive analysis of ValleyRAT, a widely distributed backdoor also known as Winos/Winos4.0, revealing its sophisticated modular architecture and…
Hackers exploit Gladinet CentreStack cryptographic flaw in RCE attacks
Hackers are exploiting a new, undocumented vulnerability in the implementation of the cryptographic algorithm present in Gladinet’s CentreStack and Triofox products for secure remote file access…