Zimbra CVE-2024-27443 XSS Flaw Hits 129K Servers, Sednit Suspected
A critical XSS vulnerability, CVE-2024-27443, in Zimbra Collaboration Suite’s CalendarInvite feature is actively being exploited, potentially by the Sednit hacking...
Read more →Author: Cybernoz
Danabot under the microscope
ESET Research has been tracking Danabot’s activity since 2018 as part of a global effort that resulted in a major...
Read more →
SK Telecom Uncovers Two-Year Malware Attack, Leaking 26M IMSI Records
SK Telecom reveals malware intrusion that remained hidden for nearly two years, led to the leaking of 26.69 million IMSI...
Read more →
Leader of Qakbot cybercrime network indicted in U.S. crackdown
Leader of Qakbot cybercrime network indicted in U.S. crackdown Pierluigi Paganini May 24, 2025 The U.S. indicted Russian Rustam Gallyamov...
Read more →
The US Is Building a One-Stop Shop for Buying Your Data
This week, WIRED launched our Rogues issue—which included going a bit rough ourselves. WIRED senior correspondent Andy Greenberg flew to...
Read more →
China’s internet watchdog cracks down on false financial claims, stock touting online
China’s top cybersecurity watchdog, in coordination with financial regulators, has shut down over a dozen social media accounts for spreading...
Read more →
OpenAI confirms Operator Agent is now more accurate with o3
OpenAI says Operator Agent now uses the o3 model, which means it’s now significantly better at reasoning capabilities. For those...
Read more →
BadSuccessor Exploits Windows Server 2025 Flaw for Full AD Takeover
Akamai researchers reveal a critical flaw in Windows Server 2025 dMSA feature that allows attackers to compromise any Active Directory...
Read more →
Hackers Target macOS Users with Fake Ledger Apps to Deploy Malware
Hackers are increasingly targeting macOS users with malicious clones of Ledger Live, the popular application for managing crypto assets via...
Read more →
Versa Concerto Vulnerabilities Patched, Including A 10.0
Versa Networks has patched three vulnerabilities in its Concerto network security and SD-WAN orchestration platform, including one that scored a...
Read more →
Chinese Nexus Hackers Exploit Ivanti Endpoint Manager Mobile Vulnerability
Ivanti disclosed two critical vulnerabilities, identified as CVE-2025-4427 and CVE-2025-4428, affecting Ivanti Endpoint Manager Mobile (EPMM) version 12.5.0.0 and earlier....
Read more →
ConnectWise ScreenConnect Tops List of Abused RATs in 2025 Attacks
A new report from Cofense Intelligence reveals a troubling trend in cyberattacks: criminals are increasingly hijacking legitimate Remote Access Tools...
Read more →