CyberSecurityNews

RubyGems Malware Attack Weaponizes 60+ Packages to Steal Credentials from Social Media and Marketing Tools

Threat actors began slipping malicious code into legitimate RubyGems packages, disguising infostealers as social media automation tools in early 2023. Over the past two years,…

August 8, 2025 Cybernoz 3 min read

CyberSecurityNews

PyPI Released Advisory to Prevent ZIP Parser Confusion Attacks on Python Package Installers

In recent months, security researchers have uncovered a novel attack vector targeting Python package installers through ambiguities in the ZIP archive format. By exploiting discrepancies…

August 8, 2025 Cybernoz 2 min read

CyberSecurityNews

US Confirms Shutdown of BlackSuit Ransomware That Hacked Over 450 Organizations

U.S. authorities have announced the successful dismantling of the BlackSuit ransomware operation, a notorious group linked to attacks on more than 450 organizations worldwide. The…

August 8, 2025 Cybernoz 3 min read

CyberSecurityNews

Columbia University Data Breach – Hackers Stolen 870,000 Individuals Personal and Financial Data

Columbia University has disclosed a major cybersecurity incident where an unauthorized third party accessed and extracted a significant volume of personal and financial data. The…

August 8, 2025 Cybernoz 2 min read

CyberSecurityNews

Windows User Account Control Bypassed Using Character Editor to Escalate Privileges

A sophisticated new technique that exploits the Windows Private Character Editor to bypass User Account Control (UAC) and achieve privilege escalation without user intervention, raising…

August 8, 2025 Cybernoz 2 min read

CyberSecurityNews

Exploiting ECS Protocol on EC2 to Exfiltrate Cross-Task IAM and Execution Role Credentials

A sophisticated technique dubbed “ECScape” that allows malicious containers running on Amazon Elastic Container Service (ECS) to steal AWS credentials from other containers sharing the…

August 8, 2025 Cybernoz 3 min read

CyberSecurityNews

Threat Actors Weaponize Malicious Gopackages to Deliver Obfuscated Remote Payloads

Cybersecurity researchers have uncovered a sophisticated malware campaign targeting the Go ecosystem through eleven malicious packages that employ advanced obfuscation techniques to deliver second-stage payloads.…

August 8, 2025 Cybernoz 2 min read

CyberSecurityNews

Biggest Ever GreedyBear Attack With 650 Hacking Tools Stolen $1 Million from Victims

A sophisticated cybercriminal operation known as GreedyBear has orchestrated one of the most extensive cryptocurrency theft campaigns to date, deploying over 650 malicious tools across…

August 8, 2025 Cybernoz 2 min read

CyberSecurityNews

CISA Releases Emergency Advisory Urges Feds to Patch Exchange Server Vulnerability by Monday

CISA has issued an emergency advisory directing all Federal Civilian Executive Branch agencies to mitigate a newly disclosed Microsoft Exchange urgently hybrid-joined vulnerability, tracked as…

August 8, 2025 Cybernoz 3 min read

Flipper Zero ‘DarkWeb’ Firmware Bypasses Rolling Code Security on Major Vehicle Brands

A new and custom firmware for the popular Flipper Zero multi-tool device is reportedly capable of bypassing the rolling code security systems used in most…

August 8, 2025 Cybernoz 3 min read

CyberSecurityNews

Guided Selling in 3D Product Configurators

People don’t want to guess when they buy something – especially something complex or customizable. They want to feel like they’re making the right choice.…

August 8, 2025 Cybernoz 5 min read

CyberSecurityNews

Hacker Extradited to US for Stealing Over $2.5 Million in Tax Fraud Attacks

A sophisticated cybercriminal operation that targeted American tax preparation businesses through spearphishing campaigns has culminated in the extradition of Nigerian national Chukwuemeka Victor Amachukwu from…

August 8, 2025 Cybernoz 2 min read