UK’s ‘deregulatory’ AI approach won’t protect human rights
The UK’ government’s “deregulatory” approach to artificial intelligence (AI) will fail to deal with the technology’s highly scalable harms, and could lead to further public…
Author: Cybernoz
Detectify AI-Researcher Alfred gets smarter with threat actor intelligence
Six months after launch, Alfred, the AI Agent that autonomously builds security tests, has revolutionized our workflow. Alfred has delivered over 450 validated tests against…
Elastic Defend for Windows Vulnerability Let Attackers Escalate Privileges
Elastic has disclosed a significant security vulnerability in Elastic Defend for Windows that could allow attackers to escalate their privileges on affected systems. Tracked as…
Ransomware Operators Exploit RMM Tools to Deploy Medusa and DragonForce
Cybersecurity researchers at Zensec have exposed a sophisticated supply-chain attack campaign that weaponised trusted Remote Monitoring and Management (RMM) infrastructure to deploy ransomware across multiple…
Large-Scale ClickFix Phishing Attacks Target Hotel Systems with PureRAT Malware
Cybersecurity researchers have called attention to a massive phishing campaign targeting the hospitality industry that lures hotel managers to ClickFix-style pages and harvest their credentials…
Illuminate Education Data Breach Triggers $5.1M Fine
The Attorneys General of California, Connecticut, and New York have announced a $5.1 million settlement with Illuminate Education, Inc., an educational technology company, for failing…
Nine NuGet packages disrupt DBs and industrial systems with time-delayed payloads
Nine NuGet packages disrupt DBs and industrial systems with time-delayed payloads Pierluigi Paganini November 10, 2025 Nine NuGet packages by “shanhai666” can deploy delayed payloads…
MAD-CAT Meow Attack Tool to Simulate Real-World Data Corruption Attacks
MAD-CAT (Meow Attack Data Corruption Automation Tool) targets MongoDB, Elasticsearch, Cassandra, Redis, CouchDB, and Hadoop HDFS, exactly the systems hit in the original wave. This…
Hackers Exploit Websites to Inject Malicious Links for SEO Manipulation
A surge in online casino spam is reshaping the dark corners of the internet, with threat actors increasingly hacking websites to embed malicious SEO-boosting links.…
Monsta web-based FTP Remote Code Execution Vulnerability Exploited
A critical remote code execution vulnerability in Monsta FTP, a popular web-based FTP client used by financial institutions and enterprises worldwide. The flaw, now tracked…
Italian Adviser Becomes Latest Target in Expanding Paragon Graphite Spyware Surveillance Case
An extract from “The Enemy Inside, the Paragon Case, Spies and Regime Methods in Giorgia Meloni’s Italy” by Francesco Cancellato, published by Rizzoli on November…
Europe Hosts First In-Orbit Satellite CTF Challenge
D-Orbit and the ethical hacking collective mhackeroni have concluded CTRLSpace CTF, the first in-orbit satellite cybersecurity competition ever held in Europe. The event, organized with the support of the European Space Agency’s…