ICE and Qatari Security Forces at the Winter Olympics Put Italians on Edge
With less than a week to go until the start of the 2026 Milano Cortina Winter Olympics in Italy, the topic making headlines isn’t sports.…
Author: Cybernoz
New Stealthy Fileless Linux Malware Spreads Automatically
A sophisticated fileless Linux malware framework, ShadowHS, that represents a significant evolution in post-exploitation tooling. Unlike traditional malware binaries, ShadowHS operates entirely in memory and…
Microsoft sets a path to switch off NTLM across Windows
Windows is shifting to a more secure authentication approach, moving away from New Technology LAN Manager (NTLM) and toward stronger, Kerberos-based options. NTLM has been…
InsertScript: ImageMagick – Shell injection via PDF password
“Use ImageMagick® to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats (over 200) including PNG,…
Hackers Attacking MongoDB Instances to Delete Database and Add Ransom Note
Threat actors are actively targeting internet-exposed MongoDB instances in large-scale automated ransomware campaigns. The attacks follow a consistent pattern: attackers scan for unsecured MongoDB databases…
Notepad++ Users Targeted After State-Backed Attackers Hijack Update Servers
Notepad++ fell victim to a sophisticated supply chain attack orchestrated by state-sponsored threat actors who compromised its update infrastructure over a six-month campaign. Security experts…
How fake party invitations are being used to install remote access tools
“You’re invited!” It sounds friendly, familiar and quite harmless. But in a scam we recently spotted, that simple phrase is being used to trick victims into installing a full remote access tool on their Windows computers—giving attackers complete control…
Britain And Japanese Cybersecurity Strategy Strengthens
Japan and Britain have agreed to expand cooperation on cybersecurity and critical mineral supply chains, framing the move as a strategic response to intensifying geopolitical,…
Security Affairs newsletter Round 561 by Pierluigi Paganini – INTERNATIONAL EDITION
Security Affairs newsletter Round 561 by Pierluigi Paganini – INTERNATIONAL EDITION Pierluigi Paganini February 02, 2026 A new round of the weekly Security Affairs newsletter…
InsertScript: Blink – DoS of tab via SVG in img tag / CSS context
This is just a quick blogpost to document a behavior in the Blink engine in regards to the processing of SVG images in the context…
Voice channels are the next major attack vector that security teams can’t monitor
For years, cybersecurity teams have worked to close gaps across email, endpoints, cloud infrastructure, and application layers. But as new threats like deepfake voices infiltrate…
NationStates confirms data breach, shuts down game site
NationStates, a multiplayer browser-based game, has confirmed a data breach after taking its website offline earlier this week to investigate a security incident. The government…