Piecing Together the Puzzle: A Qilin Ransomware Investigation
Written by Lindsey O’Donnell-Welch, Ben Folland, Harlan Carvey of Huntress Labs. A big part of a security analyst’s everyday role is figuring out what actually…
Author: Cybernoz
Cox Enterprises discloses Oracle E-Business Suite data breach
Cox Enterprises is notifying impacted individuals of a data breach that exposed their personal data to hackers who breached the company network after exploiting a…
WhatsApp API flaw let researchers scrape 3.5 billion accounts
Researchers compiled a list of 3.5 billion WhatsApp mobile phone numbers and associated personal information by abusing a contact-discovery API that lacked rate limiting. The…
Metasploit Releases New Exploit for Fresh FortiWeb 0-Day Vulnerabilities
Rapid7’s Metasploit team has released a new exploit module targeting critical zero-day vulnerabilities in Fortinet’s FortiWeb web application firewall, chaining two security flaws to achieve…
How APT24 scaled its cyberespionage through supply chain attacks
BadAudio malware: how APT24 scaled its cyberespionage through supply chain attacks Pierluigi Paganini November 22, 2025 APT24 used supply chain attacks and varied techniques to…
CrowdStrike Fires Employee for Leaking Internal System Info to Hackers
Cybersecurity giant CrowdStrike has terminated an employee who allegedly shared sensitive internal system information with a notorious hacking collective. The incident involved the leak of…
Hackers Use Salesforce Gainsight Breach to Access Data from More Than 200 Companies
Salesforce has disclosed a significant security incident involving unauthorized access to customer data through compromised Gainsight-published applications. The breach, detected in mid-November 2025, potentially exposed…
CrowdStrike Fires Worker Over Insider Leak to Scattered Lapsus Hunters – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More
Leading cybersecurity firm CrowdStrike recently confirmed it fired an employee for sharing confidential internal details with a major hacking group. This incident, which became public…
China-Linked APT31 Launches Stealthy Cyberattacks on Russian IT Using Cloud Services
Nov 22, 2025Ravie LakshmananCyber Espionage / Cloud Security The China-linked advanced persistent threat (APT) group known as APT31 has been attributed to cyber attacks targeting…
CISA Issues Warning as Hackers Target Oracle Identity Manager RCE Flaw
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a new Oracle vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, warning that attackers are…
US Border Patrol Is Spying on Millions of American Drivers
Eight years after a researcher warned WhatsApp that it was possible to extract user phone numbers en masse from the Meta-owned app, another team of…
U.S. CISA adds an Oracle Fusion Middleware flaw to its Known Exploited Vulnerabilities catalog
U.S. CISA adds an Oracle Fusion Middleware flaw to its Known Exploited Vulnerabilities catalog Pierluigi Paganini November 22, 2025 U.S. Cybersecurity and Infrastructure Security Agency (CISA)…