US announces new strike force targeting Chinese crypto scammers
U.S. federal authorities have established a new task force to disrupt Chinese cryptocurrency scam networks that defraud Americans of nearly $10 billion annually. The Scam…
Author: Cybernoz
SmartApeSG Campaign Leverages ClickFix Technique to Deploy NetSupport RAT
The SmartApeSG campaign, also known as ZPHP or HANEY MANEY, continues to evolve its attack methods to compromise Windows systems with malicious remote access tools.…
NVIDIA NeMo Flaw Enables Code Injection and Privilege Escalation Attacks
NVIDIA has released critical security patches addressing two high-severity vulnerabilities in its NeMo Framework that could allow attackers to execute arbitrary code and escalate privileges…
Chinese Tech Firm Leak Reportedly Exposes State Linked Hacking – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More
A major data leak recently hit the Chinese security firm Knownsec (aka Chuangyu), where over 12,000 secret files briefly appeared on GitHub around November 2,…
NVIDIA NeMo Framework Vulnerabilities Allows Code Injection and Privilege Escalation
NVIDIA has issued a critical security update addressing two high-severity vulnerabilities in its NeMo Framework that could allow attackers to execute malicious code and escalate…
Cisco Catalyst Center Vulnerability Allows Attackers to Escalate Privileges
A critical security vulnerability has been identified in the Cisco Catalyst Center Virtual Appliance that could enable authenticated, remote attackers to escalate their privileges to…
Cybersecurity Lessons For Leaders: Designing Resilience at Scale
“As an AI entrepreneur and cybersecurity leader, I’ve watched compliance frameworks struggle to keep pace with modern threats,” writes Nishant Sonkar, Global Cloud Compliance Lead…
Critical FortiWeb flaw under attack, allowing complete compromise
Critical FortiWeb flaw under attack, allowing complete compromise Pierluigi Paganini November 14, 2025 A Fortinet FortiWeb auth-bypass flaw is being actively exploited, allowing attackers to…
The researcher’s desk: CVE-2025-59287 – Blog Detectify
Welcome to The researcher’s desk – a content series where the Detectify security research team conducts a technical autopsy on vulnerabilities that are particularly interesting,…
Multiple Cisco Unified CCX Vulnerabilities Enable Arbitrary Command Execution by Attackers
Cisco has disclosed critical security vulnerabilities affecting Cisco Unified Contact Center Express (Unified CCX) that could enable unauthenticated, remote attackers to execute arbitrary commands, escalate…
Threat Actors Leverage JSON Storage Services to Host and Deliver Malware Via Trojanized Code Projects
Cybersecurity researchers have uncovered a sophisticated campaign where threat actors abuse legitimate JSON storage services to deliver malware to software developers. The campaign, known as…
Cybercriminals Use Fake Invoices to Deploy XWorm and Steal Login Credentials
Cybercriminals are deploying sophisticated phishing campaigns that weaponize seemingly legitimate invoice emails to distribute Backdoor.XWorm is a dangerous remote-access trojan (RAT) capable of stealing sensitive credentials,…