Evertz SDN Vulnerabilities Enable Unauthenticated Arbitrary Command Execution
A newly disclosed critical vulnerability (CVE-2025-4009) in Evertz’s Software Defined Video Network (SDVN) product line exposes a wide range of...
Read more →Author: Cybernoz
Microsoft OneDrive File Picker Flaw Grants Apps Full Cloud Access — Even When Uploading Just One File
May 28, 2025Ravie LakshmananData Privacy / Vulnerability Cybersecurity researchers have discovered a security flaw in Microsoft’s OneDrive File Picker that,...
Read more →
New PumaBot targets Linux IoT surveillance devices
New PumaBot targets Linux IoT surveillance devices Pierluigi Paganini May 28, 2025 PumaBot targets Linux IoT devices, using SSH brute-force...
Read more →
Czechia blames China for Ministry of Foreign Affairs cyberattack
The Czech Republic says the Chinese-backed APT31 hacking group was behind cyberattacks targeting the country’s Ministry of Foreign Affairs and...
Read more →
251 Malicious IPs Attacking Cloud-Based Devices Leveraging 75 Exposure Points
A highly coordinated reconnaissance campaign that deployed 251 malicious IP addresses in a single-day operation targeting cloud-based infrastructure. The attack,...
Read more →
Zscaler to Acquire Red Canary, Enhancing AI-Powered Security Operations
Zscaler, Inc. (NASDAQ: ZS), the global leader in cloud security, has announced a definitive agreement to acquire Red Canary, a...
Read more →
New warning issued over toll fee scams
Over a year ago the FBI warned about what was then a new form of smishing (phishing via SMS) scam:...
Read more →
A 24-Hour Timeline of a Modern Stealer Campaign
May 28, 2025The Hacker NewsIdentity Theft / Enterprise Security Stealer malware no longer just steals passwords. In 2025, it steals...
Read more →
Vietnamese Hackers Distribute Malware via Fake AI-Themed Websites
Over the past year, a threat actor has been banking on the wild popularity of AI tools to lure computer...
Read more →
Apple stops $2B in fraud in 2024 alone, $9B over 5 years
App Store Security: Apple stops $2B in fraud in 2024 alone, $9B over 5 years Pierluigi Paganini May 28, 2025...
Read more →
Threat Actors Weaponizing DCOM to harvest credentials on Windows systems
Threat actors are now leveraging the often-overlooked Component Object Model (COM) and its distributed counterpart, Distributed Component Object Model (DCOM),...
Read more →
New PumaBot Botnet Targets Linux IoT Devices to Steal SSH Credentials and Mine Crypto
May 28, 2025Ravie LakshmananIoT Security / Cryptocurrency Embedded Linux-based Internet of Things (IoT) devices have become the target of a...
Read more →