Mustang Panda Deploys Updated COOLCLIENT Backdoor in Government Cyber Attacks
Threat actors with ties to China have been observed using an updated version of a backdoor called COOLCLIENT in cyber espionage attacks in 2025 to…
The Emirates Nuclear Energy Company (ENEC), the Technology Innovation Institute (TII) and Aspire have launched a joint proof-of-concept (PoC) project to assess the use of…
By Itamar Apelblat, CEO & Co-Founder, Token Security. For decades, compliance frameworks were built on an assumption that now feels outdated: humans are the primary…
A critical privilege-escalation vulnerability has been discovered in Check Point’s Harmony SASE (Secure Access Service Edge) Windows client software, affecting versions prior to 12.2. Tracked as CVE-2025-9142,…
Cal.com, an open-source scheduling platform and developer-friendly alternative to Calendly, recently patched a set of critical vulnerabilities that exposed user accounts and sensitive booking data…
Ravie Lakshmanan, Jan 28, 2026 (Vulnerability / Open Source): A critical sandbox escape vulnerability has been disclosed in the popular vm2 Node.js library that, if successfully exploited,…
The Competition and Markets Authority (CMA) has proposed what it describes as a “package of measures” to improve how Google delivers search services in the…
Chips from Chinese semiconductor designer Hygon Information Technology were found unaffected by a recently disclosed vulnerability in products developed by its US tech licenser and…
A new security alert has been issued over a computer program that is acting as a silent gateway for intruders. The tool, known by the…
If you work in security operations, the concept of the AI SOC agent is likely familiar. Early narratives promised total autonomy. Vendors seized on the…
The UK’s financial services sector regulator has announced a review of the potential long-term impacts of advanced artificial intelligence (AI) as the sector faces the…
A malicious campaign is actively targeting exposed LLM (Large Language Model) service endpoints to commercialize unauthorized access to AI infrastructure. Over a period of 40 days, researchers…