Weaponized AI Tool Installers Infect Devices with Ransomware
Cisco Talos has uncovered a series of malicious threats masquerading as legitimate AI tool installers, targeting unsuspecting users and businesses...
Read more →Category: GBHackers
Attackers Exploit Microsoft Entra Billing Roles to Escalate Privileges in Organizational Environments
A startling discovery by BeyondTrust researchers has unveiled a critical vulnerability in Microsoft Entra ID and Azure environments, where attackers...
Read more →
Threat Actors Exploit Google Apps Script to Host Phishing Sites
The Cofense Phishing Defense Center has uncovered a highly strategic phishing campaign that leverages Google Apps Script a legitimate development...
Read more →
Dadsec Hacker Group Uses Tycoon2FA Infrastructure to Steal Office365 Credentials
Cybersecurity researchers from Trustwave’s Threat Intelligence Team have uncovered a large-scale phishing campaign orchestrated by the notorious hacker group Storm-1575,...
Read more →
Pure Crypter Uses Multiple Evasion Methods to Bypass Windows 11 24H2 Security Features
Pure Crypter, a well-known malware-as-a-service (MaaS) loader, has been recognized as a crucial tool for threat actors targeting Windows-based systems...
Read more →
Critical Icinga 2 Vulnerability Allows Attackers to Obtain Valid Certificates
A critical vulnerability (CVE-2025-48057) has been discovered in Icinga 2, the widely used open-source monitoring platform. The flaw, affecting installations...
Read more →
Dark Partner Hackers Leverage Fake AI, VPN, and Crypto Sites to Target macOS and Windows Users
A group dubbed “Dark Partners” by cybersecurity researchers has launched a sophisticated malware campaign targeting both macOS and Windows users...
Read more →
Criminal IP Set to Make Its Debut at Infosecurity Europe 2025
Criminal IP, the AI-powered threat intelligence platform developed by AI SPERA (led by CEO Byungtak Kang), has announced its first...
Read more →
Apache InLong JDBC Vulnerability Enables Deserialization of Untrusted Data
A moderate-severity vulnerability, tracked as CVE-2025-27522, has been disclosed in Apache InLong, a popular data integration platform. The flaw, affecting...
Read more →
Interlock Ransomware Uses NodeSnake RAT for Persistent Access to Corporate Networks
In a two UK-based universities have fallen victim to a sophisticated Remote Access Trojan (RAT) dubbed NodeSnake within the past...
Read more →
PureHVNC RAT Uses Fake Job Offers and PowerShell to Evade Security Defenses
A new and highly evasive malware campaign delivering the PureHVNC Remote Access Trojan (RAT) has been identified by Netskope Threat...
Read more →![Threat Actors Exploit Nifty[.]com Infrastructure in Sophisticated Phishing Attack](https://cybernoz.com/wp-content/uploads/2025/05/Threat-Actors-Exploit-Niftycom-Infrastructure-in-Sophisticated-Phishing-Attack.webp.jpeg "Threat Actors Exploit Nifty[.]com Infrastructure in Sophisticated Phishing Attack 28")
Threat Actors Exploit Nifty[.]com Infrastructure in Sophisticated Phishing Attack
Threat actors have orchestrated a multi-wave phishing campaign between April and May 2025, leveraging the legitimate infrastructure of Nifty[.]com, a...
Read more →