ShinyHunters Develop Sophisticated New Ransomware-as-a-Service Tool
In a significant escalation of the global cyber threat landscape, the notorious threat group ShinyHunters appears to be transitioning from data theft to full-scale ransomware…
Author: Cybernoz
Public GitLab repositories exposed more than 17,000 secrets
After scanning all 5.6 million public repositories on GitLab Cloud, a security engineer discovered more than 17,000 exposed secrets across over 2,800 unique domains. Luke Marshall used…
Gainsight Verifies Token Breach Linked to Salesforce Advisory, Issues New IOCs
Gainsight, the leading customer success platform, has confirmed that a security incident involving its Salesforce integration compromised customer tokens for a small subset of its…
North Korean Hackers Deploy 197 npm Packages to Spread Updated OtterCookie Malware
Nov 28, 2025Ravie LakshmananSupply Chain Attack / Malware The North Korean threat actors behind the Contagious Interview campaign have continued to flood the npm registry…
French Football Federation Reports Data Breach
The French Football Federation (FFF) has confirmed a significant cybersecurity incident resulting in the theft of personal data belonging to members and licensees. The federation…
Poland Arrests Suspected Russian Hacker Targeting Local Organizations’ Networks
Polish authorities have made a significant move in their cybercrime enforcement efforts by detaining a Russian national suspected of conducting unauthorized cyber attacks against local…
Legacy Python Bootstrap Scripts Create Domain-Takeover Risk in Multiple PyPI Packages
Nov 28, 2025Ravie LakshmananMalware / Vulnerability Cybersecurity researchers have discovered vulnerable code in legacy Python packages that could potentially pave the way for a supply…
French Football Federation discloses data breach after cyberattack
The French Football Federation (FFF) disclosed a data breach on Friday after attackers used a compromised account to gain access to administrative management software used…
Cybercriminals Register 18,000 Holiday-Themed Domains to Launch Seasonal Scams
The holiday season has always been a magnet for increased online activity, but 2025 marks a new high-water mark in cybercrime intensity. FortiGuard Labs’ latest…
Can business software empower rather than control workers?
Acclaim Autism exists to help children with autism spectrum disorder, but before doing so, the Philadelphia-based company has to get approval from US health insurers.…
GreyNoise launches free scanner to check if you’re part of a botnet
GreyNoise Labs has launched a free tool called GreyNoise IP Check that lets users check if their IP address has been observed in malicious scanning…
Malicious LLMs empower inexperienced hackers with advanced tools
Unrestricted large language models (LLMs) like WormGPT 4 and KawaiiGPT are improving their capabilities to generate malicious code, delivering functional scripts for ransomware encryptors and…