CyberSecurityNews - Cybernoz - Cybersecurity News

APT36 Attacking BOSS Linux Systems With Weaponized ZIP Files to Steal Sensitive Data

Pakistan-based threat actor APT36, also known as Transparent Tribe, has significantly evolved its cyber-espionage capabilities by launching a sophisticated campaign specifically targeting Indian defense personnel…

July 7, 2025 Cybernoz 3 min read

CyberSecurityNews

PoC Released for Linux Privilege Escalation Vulnerability via udisksd and libblockdev

A proof-of-concept exploit for a critical local privilege escalation vulnerability affecting major Linux distributions, including Fedora and SUSE environments. The vulnerability, designated CVE-2025-6019, allows unprivileged…

July 7, 2025 Cybernoz 3 min read

CyberSecurityNews

New Phishing Attack Impersonates as DWP Attacking Users to Steal Credit Card Data

A sophisticated phishing campaign targeting UK citizens has emerged, masquerading as official communications from the Department for Work and Pensions (DWP) to steal sensitive financial…

July 5, 2025 Cybernoz 2 min read

CyberSecurityNews

Writable File in Lenovo’s Windows Directory Enables a Stealthy AppLocker Bypass

A significant security vulnerability has been discovered in Lenovo’s preloaded Windows operating systems, where a writable file in the Windows directory enables attackers to bypass…

July 5, 2025 Cybernoz 2 min read

CyberSecurityNews

Instagram Started Using 1-Week Validity TLS certificates and Changes Them Daily

Instagram has adopted an unprecedented approach to web security by implementing daily rotation of TLS certificates that maintain validity periods of just one week, according…

July 5, 2025 Cybernoz 2 min read

CyberSecurityNews

“CitrixBleed 2” Vulnerability PoC Released

Critical flaw in Citrix NetScaler devices echoes infamous 2023 security breach that crippled major organizations worldwide. The new critical vulnerability in Citrix NetScaler devices has…

July 5, 2025 Cybernoz 3 min read

CyberSecurityNews

Russia Jailed Hacker Who Worked for Ukrainian Intelligence to Launch Cyberattacks on Critical Infrastructure

Russian Federal Security Service (FSB) officers have detained two hackers in Siberia who conducted cyberattacks on critical infrastructure facilities under direct orders from Ukrainian intelligence…

July 5, 2025 Cybernoz 2 min read

CyberSecurityNews

Threat Actors Turning Job Offers Into Traps, Over $264 Million Lost in 2024 Alone

Cybercriminals are exploiting the economic uncertainty and remote work trends to orchestrate sophisticated employment fraud schemes, with victims losing over $264 million in 2024 alone…

July 5, 2025 Cybernoz 2 min read

CyberSecurityNews

The Most Active RAT Uses New Stagers and Loaders to Bypass Defenses

XWorm has emerged as one of the most versatile and actively distributed remote access trojans in the current threat landscape, establishing itself as a formidable…

July 5, 2025 Cybernoz 3 min read

CyberSecurityNews

Threat Actors Abused AV – EDR Evasion Framework In-The-Wild to Deploy Malware Payloads

Cybersecurity researchers have uncovered a concerning development as malicious actors began exploiting SHELLTER, a commercial anti-virus and endpoint detection response (EDR) evasion framework, to deploy…

July 5, 2025 Cybernoz 2 min read

CyberSecurityNews

Scattered Spider Upgraded Their Tactics to Abuse Legitimate Tools to Evade Detection and Maintain Persistence

The cybercriminal group known as Scattered Spider has significantly evolved its attack methodologies, demonstrating alarming sophistication in exploiting legitimate administrative tools to maintain persistent access…

July 5, 2025 Cybernoz 2 min read

CyberSecurityNews

Hackers Exploit Legitimate Inno Setup Installer to Use as a Malware Delivery Vehicle

Cybercriminals have increasingly turned to legitimate software installation frameworks as vehicles for malware distribution, with Inno Setup emerging as a preferred tool for threat actors…

July 5, 2025 Cybernoz 2 min read