Fragmented tooling slows vulnerability management
Security leaders know vulnerability backlogs are rising, but new data shows how quickly the gap between exposures and available resources is widening, according to a…
Author: Cybernoz
Infosec products of the month: November 2025
Here’s a look at the most interesting products from the past month, featuring releases from: 1touch.io, Action1, Barracuda Networks, Bedrock Data, Bitdefender, Cyware, Firewalla, Forescout,…
Acronis names OpSys as its first MSSP partner in Australia
Acronis has appointed Adelaide-based Operational Systems (OpSys) as its first certified managed security service provider (MSSP) partner in Australia, enabling the company to deliver Managed…
BoM never planned to end reliance on ‘legacy’ site
After blowing past its budget to spend $96 million dollars on overhauling its website, generating a political pyroclastic cloud, the Bureau of Meteorology can’t end…
Vulnerable Codes in Legacy Python Packages Enables Attacks on Python Package Index Via Domain Compromise
Hidden vulnerabilities in legacy code often create unseen risks for modern development environments. One such issue recently surfaced within the Python ecosystem, where outdated bootstrap…
Abandoned iCal Domains Threaten 4M Devices
As our daily lives become more time-pressured and interconnected, digital calendars have emerged as indispensable tools for managing personal and professional commitments. Yet, this very…
Hackers hijack US radio gear
Hackers are hijacking US radio transmission equipment to broadcast bogus emergency messages and obscene language, the Federal Communications Commission said. In a public notice, the…
Asahi says crooks stole data of approximately 2M customers and employees
Asahi says crooks stole data of approximately 2M customers and employees Pierluigi Paganini November 27, 2025 Asahi says hackers stole data of approximately 2M customers…
Microsoft Teams Guest Chat Flaw Could Let Hackers Deliver Malware
Security researchers have discovered a critical vulnerability in Microsoft Teams that allows attackers to bypass all Defender for Office 365 protections by inviting users into…
ATA makes board chief executive-level club in bid for clout
The telco industry lobby has moved to project more authority and boost its influence by retiring its board to replacing them with the chiefs of…
Gitlab Patches Multiple Vulnerabilities that Enable Authentication Bypass and DoS Attacks
GitLab has released critical security updates for its Community Edition (CE) and Enterprise Edition (EE) to address multiple high-severity vulnerabilities. The patches, rolled out in…
Legacy Python Package Vulnerabilities Enable PyPI Attacks Through Domain Takeover
ReversingLabs researchers have sounded the alarm over a vulnerability lurking in legacy Python packages one that exposes users of the Python Package Index (PyPI) to…