GBHackers

FileFix Attack Exploits Windows Browser Loophole to Evade Mark-of-the-Web Security

3 min read
Share X / Twitter LinkedIn Reddit WhatsApp


A newly identified attack vector, dubbed the “FileFix Attack,” has surfaced, exploiting a subtle yet critical loophole in how modern browsers like Google Chrome and Microsoft Edge handle saved web content.

This technique cunningly sidesteps the Windows Mark-of-the-Web (MOTW) security feature, which typically flags downloaded files as potentially unsafe and prompts users with warnings before execution.

A Clever Bypass of Windows Security Mechanisms

By leveraging specific MIME types and user behavior, attackers can deliver malicious content that executes without triggering these essential safeguards.

According to the Report, the core of the FileFix Attack lies in its manipulation of how browsers save HTML content.

When a user saves a webpage using Ctrl+S or the “Save as” option in formats like “Webpage, Single File” (.mhtml) or “Webpage, Complete” (.html), and the content is served with a MIME type of text/html or application/xhtml+xml, the resulting file is not tagged with MOTW.

Default “Save As” File Name

This contrasts with other MIME types like image/png or image/svg+xml, where MOTW is applied.

Social Engineering Meets Technical Exploitation

Attackers exploit this by crafting HTML files often disguised as benign content such as backup codes and embedding malicious scripts within.

When saved and renamed with a .hta (HTML Application) extension, these files can execute scripts without security prompts, thanks to the .hta format’s ability to process HTML and scripts natively.

The attack’s sophistication is amplified through social engineering. A typical scenario involves a phishing page styled to mimic a legitimate service, prompting users to save “backup codes” using Ctrl+S.

The page might include instructions to name the file with a .hta extension, such as MfaBackupCodes2025.hta.

Upon saving and executing, the embedded JScript (e.g., spawning a command shell to ping a domain) runs unchecked.

Furthermore, attackers manipulate the </code> tag or filename conventions to influence the default save name, encouraging users to rename files in a way that avoids the automatic <code>.html</code> suffix appended by browsers thus ensuring the <code>.hta</code> extension remains intact.</p><p>Even Data URIs with <code>text/html</code> MIME types are weaponized, allowing base64-encoded malicious content to be saved without MOTW, posing an additional risk.</p><div class="wp-block-image"><figure class="aligncenter size-large"><img data-lazyloaded="1" src="data:image/svg+xml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHdpZHRoPSIxMDUwIiBoZWlnaHQ9IjU2MiIgdmlld0JveD0iMCAwIDEwNTAgNTYyIj48cmVjdCB3aWR0aD0iMTAwJSIgaGVpZ2h0PSIxMDAlIiBzdHlsZT0iZmlsbDojY2ZkNGRiO2ZpbGwtb3BhY2l0eTogMC4xOyIvPjwvc3ZnPg==" decoding="async" data-src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiHtQy_ZDKGfTVzPPFs7dLjUNL9JdniYo9x9gpOKXjGCSMYit9O4Vprp8u9Qe8K6fpvHbc4mUHp8SG4cfV8zYXIHjQFLJTUhTOUu4E2gQiC6m5ginwrekMmaus9UoO4e96U_eeMq8whvWJi6Em4ykpzPSyTrBl94sWhm-JBovABq385_8QJl-2O4jtNbrQ/s16000/MIME%20types.webp" alt="FileFix Exploit" width="1050" height="562" /><figcaption class="wp-element-caption">MIME types</figcaption></figure></div><p>This attack’s implications are significant, as it bypasses a fundamental Windows security layer designed to protect users from untrusted files.</p><p>Defenders face a challenge since the technique relies on user interaction rather than a direct exploit of browser or OS vulnerabilities.</p><p>One immediate mitigation is to disable <code>mshta.exe</code>, the binary responsible for executing <code>.hta</code> files, though this may not address potential adaptations of the attack to other file types.</p><p>As this method evolves, it underscores the need for heightened user awareness and more robust browser-level controls over how saved content is flagged and processed.</p><p>The FileFix Attack serves as a stark reminder that even well-established security mechanisms like MOTW can be circumvented through a blend of technical ingenuity and psychological manipulation, urging both users and security professionals to remain vigilant against such deceptive tactics.</p><p class="has-text-align-center has-background" style="background:linear-gradient(135deg,rgb(238,238,238) 100%,rgb(169,184,195) 100%)"><strong>Find this News Interesting! Follow us on Google News, LinkedIn, and X to Get Instant Updates</strong></p></div><p><a href="https://bunny.net?ref=4buc1qv1m5" border="0"><img data-lazyloaded="1" src="data:image/svg+xml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHdpZHRoPSI5MzYiIGhlaWdodD0iMTIwIiB2aWV3Qm94PSIwIDAgOTM2IDEyMCI+PHJlY3Qgd2lkdGg9IjEwMCUiIGhlaWdodD0iMTAwJSIgc3R5bGU9ImZpbGw6I2NmZDRkYjtmaWxsLW9wYWNpdHk6IDAuMTsiLz48L3N2Zz4=" decoding="async" data-src="https://image.cybernoz.com/aff/bunny.png" width="936" height="120" /></a><br /> <br /><a href="https://gbhackers.com/filefix-attack-exploits-windows-browser-loophole/">Source link </a></p></div><div class="cn-share" aria-label="Share this article"> <span class="cn-share__label">Share</span><a class="cn-share__btn cn-share__btn--x" href="https://twitter.com/intent/tweet?url=https%3A%2F%2Fcybernoz.com%2Ffilefix-attack-exploits-windows-browser-loophole-to-evade-mark-of-the-web-security%2F&text=FileFix+Attack+Exploits+Windows+Browser+Loophole+to+Evade+Mark-of-the-Web+Security" target="_blank" rel="noopener noreferrer" aria-label="Share on X/Twitter"> <svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" fill="currentColor" viewBox="0 0 16 16"><path d="M12.6.75h2.454l-5.36 6.142L16 15.25h-4.937l-3.867-5.07-4.425 5.07H.316l5.733-6.57L0 .75h5.063l3.495 4.633L12.601.75Zm-.86 13.028h1.36L4.323 2.145H2.865l8.875 11.633Z"/></svg> <span>X / Twitter</span> </a><a class="cn-share__btn cn-share__btn--linkedin" href="https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fcybernoz.com%2Ffilefix-attack-exploits-windows-browser-loophole-to-evade-mark-of-the-web-security%2F" target="_blank" rel="noopener noreferrer" aria-label="Share on LinkedIn"> <svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" fill="currentColor" viewBox="0 0 16 16"><path d="M0 1.146C0 .513.526 0 1.175 0h13.65C15.474 0 16 .513 16 1.146v13.708c0 .633-.526 1.146-1.175 1.146H1.175C.526 16 0 15.487 0 14.854V1.146zm4.943 12.248V6.169H2.542v7.225h2.401zm-1.2-8.212c.837 0 1.358-.554 1.358-1.248-.015-.709-.52-1.248-1.342-1.248-.822 0-1.359.54-1.359 1.248 0 .694.521 1.248 1.327 1.248h.016zm4.908 8.212V9.359c0-.216.016-.432.08-.586.173-.431.568-.878 1.232-.878.869 0 1.216.662 1.216 1.634v3.865h2.401V9.25c0-2.22-1.184-3.252-2.764-3.252-1.274 0-1.845.7-2.165 1.193v.025h-.016a5.54 5.54 0 0 1 .016-.025V6.169h-2.4c.03.678 0 7.225 0 7.225h2.4z"/></svg> <span>LinkedIn</span> </a><a class="cn-share__btn cn-share__btn--reddit" href="https://www.reddit.com/submit?url=https%3A%2F%2Fcybernoz.com%2Ffilefix-attack-exploits-windows-browser-loophole-to-evade-mark-of-the-web-security%2F&title=FileFix+Attack+Exploits+Windows+Browser+Loophole+to+Evade+Mark-of-the-Web+Security" target="_blank" rel="noopener noreferrer" aria-label="Share on Reddit"> <svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" fill="currentColor" viewBox="0 0 16 16"><path d="M6.167 8a.831.831 0 0 0-.83.83c0 .459.372.84.83.831a.831.831 0 0 0 0-1.661zm1.843 3.647c.315 0 1.403-.038 1.976-.611a.232.232 0 0 0 0-.306.213.213 0 0 0-.306 0c-.353.363-1.126.487-1.67.487-.545 0-1.308-.124-1.671-.487a.213.213 0 0 0-.306 0 .213.213 0 0 0 0 .306c.564.563 1.652.61 1.977.61zm.992-2.807c0 .458.373.83.831.83.458 0 .83-.381.83-.83a.831.831 0 0 0-1.66 0z"/><path d="M16 8A8 8 0 1 1 0 8a8 8 0 0 1 16 0zm-3.828-1.165c-.315 0-.602.124-.812.325-1.781-.458-2.916-.458-2.916-.458l.612-2.169 1.525.372a.678.678 0 1 0 .07-.306l-1.68-.411a.198.198 0 0 0-.229.124l-.687 2.417s-1.148 0-2.954.458a1.16 1.16 0 0 0-.812-.325 1.165 1.165 0 0 0-.487 2.222 2.627 2.627 0 0 0-.03.391c0 1.97 2.293 3.572 5.122 3.572 2.828 0 5.122-1.603 5.122-3.572 0-.134-.01-.268-.039-.4a1.158 1.158 0 0 0-.487-2.222h-.018z"/></svg> <span>Reddit</span> </a><a class="cn-share__btn cn-share__btn--whatsapp" href="https://wa.me/?text=FileFix+Attack+Exploits+Windows+Browser+Loophole+to+Evade+Mark-of-the-Web+Security%20https%3A%2F%2Fcybernoz.com%2Ffilefix-attack-exploits-windows-browser-loophole-to-evade-mark-of-the-web-security%2F" target="_blank" rel="noopener noreferrer" aria-label="Share on WhatsApp"> <svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" fill="currentColor" viewBox="0 0 16 16"><path d="M13.601 2.326A7.854 7.854 0 0 0 7.994 0C3.627 0 .068 3.558.064 7.926c0 1.399.366 2.76 1.057 3.965L0 16l4.204-1.102a7.933 7.933 0 0 0 3.79.965h.004c4.368 0 7.926-3.558 7.93-7.93A7.898 7.898 0 0 0 13.6 2.326zM7.994 14.521a6.573 6.573 0 0 1-3.356-.92l-.24-.144-2.494.654.666-2.433-.156-.251a6.56 6.56 0 0 1-1.007-3.505c0-3.626 2.957-6.584 6.591-6.584a6.56 6.56 0 0 1 4.66 1.931 6.557 6.557 0 0 1 1.928 4.66c-.004 3.639-2.961 6.592-6.592 6.592zm3.615-4.934c-.197-.099-1.17-.578-1.353-.646-.182-.065-.315-.099-.445.099-.133.197-.513.646-.627.775-.114.133-.232.148-.43.05-.197-.1-.836-.308-1.592-.985-.59-.525-.985-1.175-1.103-1.372-.114-.198-.011-.304.088-.403.087-.088.197-.232.296-.346.1-.114.133-.198.198-.33.065-.134.034-.248-.015-.347-.05-.099-.445-1.076-.612-1.47-.16-.389-.323-.335-.445-.34-.114-.007-.247-.007-.38-.007a.729.729 0 0 0-.529.247c-.182.198-.691.677-.691 1.654 0 .977.71 1.916.81 2.049.098.133 1.394 2.132 3.383 2.992.47.205.84.326 1.129.418.475.152.904.129 1.246.08.38-.058 1.171-.48 1.338-.943.164-.464.164-.86.114-.943-.049-.084-.182-.133-.38-.232z"/></svg> <span>WhatsApp</span> </a><a class="cn-share__btn cn-share__btn--email" href="mailto:?subject=FileFix+Attack+Exploits+Windows+Browser+Loophole+to+Evade+Mark-of-the-Web+Security&body=https%3A%2F%2Fcybernoz.com%2Ffilefix-attack-exploits-windows-browser-loophole-to-evade-mark-of-the-web-security%2F" aria-label="Share via Email"> <svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" fill="currentColor" viewBox="0 0 16 16"><path d="M0 4a2 2 0 0 1 2-2h12a2 2 0 0 1 2 2v8a2 2 0 0 1-2 2H2a2 2 0 0 1-2-2V4Zm2-1a1 1 0 0 0-1 1v.217l7 4.2 7-4.2V4a1 1 0 0 0-1-1H2Zm13 2.383-4.708 2.825L15 11.105V5.383Zm-.034 6.876-5.64-3.471L8 9.583l-1.326-.795-5.64 3.47A1 1 0 0 0 2 13h12a1 1 0 0 0 .966-.741ZM1 11.105l4.708-2.897L1 5.383v5.722Z"/></svg> <span>Email</span> </a><button class="cn-share__btn cn-share__btn--copy" onclick="navigator.clipboard.writeText('https://cybernoz.com/filefix-attack-exploits-windows-browser-loophole-to-evade-mark-of-the-web-security/').then(()=>{this.querySelector('span').textContent='Copied!';setTimeout(()=>{this.querySelector('span').textContent='Copy Link'},2000)})" aria-label="Copy link"> <svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" fill="currentColor" viewBox="0 0 16 16"><path d="M4.715 6.542 3.343 7.914a3 3 0 1 0 4.243 4.243l1.828-1.829A3 3 0 0 0 8.586 5.5L8 6.086a1.002 1.002 0 0 0-.154.199 2 2 0 0 1 .861 3.337L6.88 11.45a2 2 0 1 1-2.83-2.83l.793-.792a4.018 4.018 0 0 1-.128-1.287z"/><path d="M6.586 4.672A3 3 0 0 0 7.414 9.5l.775-.776a2 2 0 0 1-.896-3.346L9.12 3.55a2 2 0 1 1 2.83 2.83l-.793.792c.112.42.155.855.128 1.287l1.372-1.372a3 3 0 1 0-4.243-4.243L6.586 4.672z"/></svg> <span>Copy Link</span> </button></div><nav class="cn-post-nav" aria-label="Post navigation" style="display:flex;justify-content:space-between;gap:1rem;margin-top:2rem;padding-top:1.5rem;border-top:1px solid var(--cn-border);"><div style="flex:1;"> <span style="font-size:0.8rem;color:var(--cn-text-muted);">« Previous</span><br><a href="https://cybernoz.com/filefix-attack-exploits-windows-browser-features-to-bypass-mark-of-the-web-protection/" rel="prev">FileFix Attack Exploits Windows Browser Features to Bypass Mark-of-the-Web Protection</a></div><div style="flex:1;text-align:right;"> <span style="font-size:0.8rem;color:var(--cn-text-muted);">Next »</span><br><a href="https://cybernoz.com/nessus-windows-vulnerabilities-allow-overwrite-of-arbitrary-local-system-files/" rel="next">Nessus Windows Vulnerabilities Allow Overwrite of Arbitrary Local System Files</a></div></nav></article><section class="cn-related" aria-label="Related articles"><div class="cn-section-header"><h2>Related Articles</h2> <a href="https://cybernoz.com/category/gbhackers/" class="cn-section-header__link"> All GBHackers → </a></div><div class="cn-posts-grid"><article class="cn-card post-238808 post type-post status-publish format-standard has-post-thumbnail hentry category-gbhackers" itemscope itemtype="https://schema.org/NewsArticle"><div class="cn-card__image"> <a href="https://cybernoz.com/microsoft-sharepoint-server-flaw-enables-remote-code-execution-attacks/" aria-hidden="true" tabindex="-1"> <img data-no-lazy="1" width="600" height="340" src="https://image.cybernoz.com/wp-content/uploads/2026/05/Microsoft-SharePoint-Server-Flaw-Enables-Remote-Code-Execution-Attacks-600x340.webp" class="attachment-cybernoz-card size-cybernoz-card wp-post-image" alt="Microsoft SharePoint Server Flaw Enables Remote Code Execution Attacks" itemprop="image" decoding="async" fetchpriority="high" /> </a> <a class="cn-card__category" href="https://cybernoz.com/category/gbhackers/">GBHackers</a></div><div class="cn-card__body"><h3 class="cn-card__title" itemprop="headline"> <a href="https://cybernoz.com/microsoft-sharepoint-server-flaw-enables-remote-code-execution-attacks/" itemprop="url">Microsoft SharePoint Server Flaw Enables Remote Code Execution Attacks</a></h3><p class="cn-card__excerpt" itemprop="description">Microsoft has disclosed a critical security vulnerability in SharePoint Server that could allow attackers to execute arbitrary code remotely, raising significant concerns for enterprise environments…</p><div class="cn-card__meta"> <time datetime="2026-05-27T09:25:08+03:00"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" fill="currentColor"><path d="M4 .5a.5.5 0 0 0-1 0V1H2a2 2 0 0 0-2 2v1h16V3a2 2 0 0 0-2-2h-1V.5a.5.5 0 0 0-1 0V1H4V.5zM16 14V5H0v9a2 2 0 0 0 2 2h12a2 2 0 0 0 2-2z"/></svg> May 27, 2026 </time> <span class="cn-card__author"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" fill="currentColor"><path d="M8 8a3 3 0 1 0 0-6 3 3 0 0 0 0 6zm2-3a2 2 0 1 1-4 0 2 2 0 0 1 4 0zm4 8c0 1-1 1-1 1H3s-1 0-1-1 1-4 6-4 6 3 6 4zm-1-.004c-.001-.246-.154-.986-.832-1.664C11.516 10.68 10.289 10 8 10c-2.29 0-3.516.68-4.168 1.332-.678.678-.83 1.418-.832 1.664h10z"/></svg> <a href="https://cybernoz.com/author/cybernoz/" rel="author">Cybernoz</a> </span> <span class="cn-card__reading-time"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" fill="currentColor"><path d="M8 3.5a.5.5 0 0 0-1 0V8a.5.5 0 0 0 .252.434l3.5 2a.5.5 0 0 0 .496-.868L8 7.71V3.5z"/><path d="M8 16A8 8 0 1 0 8 0a8 8 0 0 0 0 16zm7-8A7 7 0 1 1 1 8a7 7 0 0 1 14 0z"/></svg> 2 min read </span></div><meta itemprop="datePublished" content="2026-05-27T09:25:08+03:00"><meta itemprop="author" content="Cybernoz"></div></article><article class="cn-card post-91704 post type-post status-publish format-standard has-post-thumbnail hentry category-gbhackers" itemscope itemtype="https://schema.org/NewsArticle"><div class="cn-card__image"> <a href="https://cybernoz.com/dell-hacked-attackers-stolen-49-million-customers-information/" aria-hidden="true" tabindex="-1"> <img width="360" height="270" src="https://image.cybernoz.com/wp-content/uploads/2024/05/Dell-Hacked-Attackers-Stolen-49-Million-Customers-Information.webp.jpeg" class="attachment-cybernoz-card size-cybernoz-card wp-post-image" alt="Dell Hacked Attackers Stolen 49 Million Customers Information.webp" itemprop="image" decoding="async" /> </a> <a class="cn-card__category" href="https://cybernoz.com/category/gbhackers/">GBHackers</a></div><div class="cn-card__body"><h3 class="cn-card__title" itemprop="headline"> <a href="https://cybernoz.com/dell-hacked-attackers-stolen-49-million-customers-information/" itemprop="url">Dell Hacked – Attackers Stolen 49 Million Customers Information</a></h3><p class="cn-card__excerpt" itemprop="description">Dell Technologies recently disclosed a data breach involving a company portal that contained limited customer information related to purchases. The breach exposed customer names, physical…</p><div class="cn-card__meta"> <time datetime="2024-05-10T10:06:32+03:00"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" fill="currentColor"><path d="M4 .5a.5.5 0 0 0-1 0V1H2a2 2 0 0 0-2 2v1h16V3a2 2 0 0 0-2-2h-1V.5a.5.5 0 0 0-1 0V1H4V.5zM16 14V5H0v9a2 2 0 0 0 2 2h12a2 2 0 0 0 2-2z"/></svg> May 10, 2024 </time> <span class="cn-card__author"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" fill="currentColor"><path d="M8 8a3 3 0 1 0 0-6 3 3 0 0 0 0 6zm2-3a2 2 0 1 1-4 0 2 2 0 0 1 4 0zm4 8c0 1-1 1-1 1H3s-1 0-1-1 1-4 6-4 6 3 6 4zm-1-.004c-.001-.246-.154-.986-.832-1.664C11.516 10.68 10.289 10 8 10c-2.29 0-3.516.68-4.168 1.332-.678.678-.83 1.418-.832 1.664h10z"/></svg> <a href="https://cybernoz.com/author/cybernoz/" rel="author">Cybernoz</a> </span> <span class="cn-card__reading-time"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" fill="currentColor"><path d="M8 3.5a.5.5 0 0 0-1 0V8a.5.5 0 0 0 .252.434l3.5 2a.5.5 0 0 0 .496-.868L8 7.71V3.5z"/><path d="M8 16A8 8 0 1 0 8 0a8 8 0 0 0 0 16zm7-8A7 7 0 1 1 1 8a7 7 0 0 1 14 0z"/></svg> 2 min read </span></div><meta itemprop="datePublished" content="2024-05-10T10:06:32+03:00"><meta itemprop="author" content="Cybernoz"></div></article><article class="cn-card post-175569 post type-post status-publish format-standard has-post-thumbnail hentry category-gbhackers" itemscope itemtype="https://schema.org/NewsArticle"><div class="cn-card__image"> <a href="https://cybernoz.com/noauth-exploit-enables-full-account-takeover-of-entra-cross-tenant-saas-applications/" aria-hidden="true" tabindex="-1"> <img width="600" height="338" src="https://image.cybernoz.com/wp-content/uploads/2025/06/nOAuth-Exploit-Enables-Full-Account-Takeover-of-Entra-Cross-Tenant-SaaS.webp.jpeg" class="attachment-cybernoz-card size-cybernoz-card wp-post-image" alt="nOAuth Exploit Enables Full Account Takeover of Entra Cross-Tenant SaaS Applications" itemprop="image" decoding="async" srcset="https://image.cybernoz.com/wp-content/uploads/2025/06/nOAuth-Exploit-Enables-Full-Account-Takeover-of-Entra-Cross-Tenant-SaaS.webp.jpeg 1600w, https://image.cybernoz.com/wp-content/uploads/2025/06/nOAuth-Exploit-Enables-Full-Account-Takeover-of-Entra-Cross-Tenant-SaaS.webp-768x432.jpeg 768w, https://image.cybernoz.com/wp-content/uploads/2025/06/nOAuth-Exploit-Enables-Full-Account-Takeover-of-Entra-Cross-Tenant-SaaS.webp-1536x864.jpeg 1536w" sizes="(max-width: 600px) 100vw, 600px" /> </a> <a class="cn-card__category" href="https://cybernoz.com/category/gbhackers/">GBHackers</a></div><div class="cn-card__body"><h3 class="cn-card__title" itemprop="headline"> <a href="https://cybernoz.com/noauth-exploit-enables-full-account-takeover-of-entra-cross-tenant-saas-applications/" itemprop="url">nOAuth Exploit Enables Full Account Takeover of Entra Cross-Tenant SaaS Applications</a></h3><p class="cn-card__excerpt" itemprop="description">A severe security flaw, dubbed nOAuth, has been identified in certain software-as-a-service (SaaS) applications integrated with Microsoft Entra ID, potentially allowing attackers to achieve full…</p><div class="cn-card__meta"> <time datetime="2025-06-26T21:26:11+03:00"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" fill="currentColor"><path d="M4 .5a.5.5 0 0 0-1 0V1H2a2 2 0 0 0-2 2v1h16V3a2 2 0 0 0-2-2h-1V.5a.5.5 0 0 0-1 0V1H4V.5zM16 14V5H0v9a2 2 0 0 0 2 2h12a2 2 0 0 0 2-2z"/></svg> June 26, 2025 </time> <span class="cn-card__author"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" fill="currentColor"><path d="M8 8a3 3 0 1 0 0-6 3 3 0 0 0 0 6zm2-3a2 2 0 1 1-4 0 2 2 0 0 1 4 0zm4 8c0 1-1 1-1 1H3s-1 0-1-1 1-4 6-4 6 3 6 4zm-1-.004c-.001-.246-.154-.986-.832-1.664C11.516 10.68 10.289 10 8 10c-2.29 0-3.516.68-4.168 1.332-.678.678-.83 1.418-.832 1.664h10z"/></svg> <a href="https://cybernoz.com/author/cybernoz/" rel="author">Cybernoz</a> </span> <span class="cn-card__reading-time"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" fill="currentColor"><path d="M8 3.5a.5.5 0 0 0-1 0V8a.5.5 0 0 0 .252.434l3.5 2a.5.5 0 0 0 .496-.868L8 7.71V3.5z"/><path d="M8 16A8 8 0 1 0 8 0a8 8 0 0 0 0 16zm7-8A7 7 0 1 1 1 8a7 7 0 0 1 14 0z"/></svg> 3 min read </span></div><meta itemprop="datePublished" content="2025-06-26T21:26:11+03:00"><meta itemprop="author" content="Cybernoz"></div></article><article class="cn-card post-171293 post type-post status-publish format-standard has-post-thumbnail hentry category-gbhackers" itemscope itemtype="https://schema.org/NewsArticle"><div class="cn-card__image"> <a href="https://cybernoz.com/vipersoftx-malware-enhances-modularity-stealth-and-persistence-techniques/" aria-hidden="true" tabindex="-1"> <img width="600" height="338" src="https://image.cybernoz.com/wp-content/uploads/2025/06/ViperSoftX-Malware-Enhances-Modularity-Stealth-and-Persistence-Techniques.webp.jpeg" class="attachment-cybernoz-card size-cybernoz-card wp-post-image" alt="ViperSoftX Malware Enhances Modularity, Stealth, and Persistence Techniques" itemprop="image" decoding="async" loading="lazy" srcset="https://image.cybernoz.com/wp-content/uploads/2025/06/ViperSoftX-Malware-Enhances-Modularity-Stealth-and-Persistence-Techniques.webp.jpeg 1600w, https://image.cybernoz.com/wp-content/uploads/2025/06/ViperSoftX-Malware-Enhances-Modularity-Stealth-and-Persistence-Techniques.webp-768x432.jpeg 768w, https://image.cybernoz.com/wp-content/uploads/2025/06/ViperSoftX-Malware-Enhances-Modularity-Stealth-and-Persistence-Techniques.webp-1536x864.jpeg 1536w" sizes="auto, (max-width: 600px) 100vw, 600px" /> </a> <a class="cn-card__category" href="https://cybernoz.com/category/gbhackers/">GBHackers</a></div><div class="cn-card__body"><h3 class="cn-card__title" itemprop="headline"> <a href="https://cybernoz.com/vipersoftx-malware-enhances-modularity-stealth-and-persistence-techniques/" itemprop="url">ViperSoftX Malware Enhances Modularity, Stealth, and Persistence Techniques</a></h3><p class="cn-card__excerpt" itemprop="description">Table of Contents Refined Execution Flow Robust Persistence IOCs The cybersecurity landscape witnessed the emergence of new PowerShell-based malware samples circulating in underground forums and…</p><div class="cn-card__meta"> <time datetime="2025-06-05T21:44:58+03:00"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" fill="currentColor"><path d="M4 .5a.5.5 0 0 0-1 0V1H2a2 2 0 0 0-2 2v1h16V3a2 2 0 0 0-2-2h-1V.5a.5.5 0 0 0-1 0V1H4V.5zM16 14V5H0v9a2 2 0 0 0 2 2h12a2 2 0 0 0 2-2z"/></svg> June 5, 2025 </time> <span class="cn-card__author"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" fill="currentColor"><path d="M8 8a3 3 0 1 0 0-6 3 3 0 0 0 0 6zm2-3a2 2 0 1 1-4 0 2 2 0 0 1 4 0zm4 8c0 1-1 1-1 1H3s-1 0-1-1 1-4 6-4 6 3 6 4zm-1-.004c-.001-.246-.154-.986-.832-1.664C11.516 10.68 10.289 10 8 10c-2.29 0-3.516.68-4.168 1.332-.678.678-.83 1.418-.832 1.664h10z"/></svg> <a href="https://cybernoz.com/author/cybernoz/" rel="author">Cybernoz</a> </span> <span class="cn-card__reading-time"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" fill="currentColor"><path d="M8 3.5a.5.5 0 0 0-1 0V8a.5.5 0 0 0 .252.434l3.5 2a.5.5 0 0 0 .496-.868L8 7.71V3.5z"/><path d="M8 16A8 8 0 1 0 8 0a8 8 0 0 0 0 16zm7-8A7 7 0 1 1 1 8a7 7 0 0 1 14 0z"/></svg> 3 min read </span></div><meta itemprop="datePublished" content="2025-06-05T21:44:58+03:00"><meta itemprop="author" content="Cybernoz"></div></article><article class="cn-card post-236723 post type-post status-publish format-standard has-post-thumbnail hentry category-gbhackers" itemscope itemtype="https://schema.org/NewsArticle"><div class="cn-card__image"> <a href="https://cybernoz.com/jdownloader-website-hack-exposes-windows-and-linux-users-to-malicious-installers/" aria-hidden="true" tabindex="-1"> <img width="600" height="340" src="https://image.cybernoz.com/wp-content/uploads/2026/05/JDownloader-Website-Hack-Exposes-Windows-and-Linux-Users-to-Malicious-600x340.webp" class="attachment-cybernoz-card size-cybernoz-card wp-post-image" alt="JDownloader Website Hack Exposes Windows and Linux Users to Malicious Installers" itemprop="image" decoding="async" loading="lazy" /> </a> <a class="cn-card__category" href="https://cybernoz.com/category/gbhackers/">GBHackers</a></div><div class="cn-card__body"><h3 class="cn-card__title" itemprop="headline"> <a href="https://cybernoz.com/jdownloader-website-hack-exposes-windows-and-linux-users-to-malicious-installers/" itemprop="url">JDownloader Website Hack Exposes Windows and Linux Users to Malicious Installers</a></h3><p class="cn-card__excerpt" itemprop="description">A popular open-source download manager trusted by millions suddenly became a malware delivery platform after attackers compromised its official website, replacing legitimate installers with trojanized…</p><div class="cn-card__meta"> <time datetime="2026-05-16T16:25:03+03:00"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" fill="currentColor"><path d="M4 .5a.5.5 0 0 0-1 0V1H2a2 2 0 0 0-2 2v1h16V3a2 2 0 0 0-2-2h-1V.5a.5.5 0 0 0-1 0V1H4V.5zM16 14V5H0v9a2 2 0 0 0 2 2h12a2 2 0 0 0 2-2z"/></svg> May 16, 2026 </time> <span class="cn-card__author"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" fill="currentColor"><path d="M8 8a3 3 0 1 0 0-6 3 3 0 0 0 0 6zm2-3a2 2 0 1 1-4 0 2 2 0 0 1 4 0zm4 8c0 1-1 1-1 1H3s-1 0-1-1 1-4 6-4 6 3 6 4zm-1-.004c-.001-.246-.154-.986-.832-1.664C11.516 10.68 10.289 10 8 10c-2.29 0-3.516.68-4.168 1.332-.678.678-.83 1.418-.832 1.664h10z"/></svg> <a href="https://cybernoz.com/author/cybernoz/" rel="author">Cybernoz</a> </span> <span class="cn-card__reading-time"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" fill="currentColor"><path d="M8 3.5a.5.5 0 0 0-1 0V8a.5.5 0 0 0 .252.434l3.5 2a.5.5 0 0 0 .496-.868L8 7.71V3.5z"/><path d="M8 16A8 8 0 1 0 8 0a8 8 0 0 0 0 16zm7-8A7 7 0 1 1 1 8a7 7 0 0 1 14 0z"/></svg> 3 min read </span></div><meta itemprop="datePublished" content="2026-05-16T16:25:03+03:00"><meta itemprop="author" content="Cybernoz"></div></article><article class="cn-card post-176778 post type-post status-publish format-standard has-post-thumbnail hentry category-gbhackers" itemscope itemtype="https://schema.org/NewsArticle"><div class="cn-card__image"> <a href="https://cybernoz.com/scattered-spider-enhances-tactics-to-exploit-legitimate-tools-for-evasion-and-persistence/" aria-hidden="true" tabindex="-1"> <img width="600" height="338" src="https://image.cybernoz.com/wp-content/uploads/2025/07/Scattered-Spider-Enhances-Tactics-to-Exploit-Legitimate-Tools-for-Evasion.webp.jpeg" class="attachment-cybernoz-card size-cybernoz-card wp-post-image" alt="Scattered Spider Enhances Tactics to Exploit Legitimate Tools for Evasion and Persistence" itemprop="image" decoding="async" loading="lazy" srcset="https://image.cybernoz.com/wp-content/uploads/2025/07/Scattered-Spider-Enhances-Tactics-to-Exploit-Legitimate-Tools-for-Evasion.webp.jpeg 1600w, https://image.cybernoz.com/wp-content/uploads/2025/07/Scattered-Spider-Enhances-Tactics-to-Exploit-Legitimate-Tools-for-Evasion.webp-768x432.jpeg 768w, https://image.cybernoz.com/wp-content/uploads/2025/07/Scattered-Spider-Enhances-Tactics-to-Exploit-Legitimate-Tools-for-Evasion.webp-1536x864.jpeg 1536w" sizes="auto, (max-width: 600px) 100vw, 600px" /> </a> <a class="cn-card__category" href="https://cybernoz.com/category/gbhackers/">GBHackers</a></div><div class="cn-card__body"><h3 class="cn-card__title" itemprop="headline"> <a href="https://cybernoz.com/scattered-spider-enhances-tactics-to-exploit-legitimate-tools-for-evasion-and-persistence/" itemprop="url">Scattered Spider Enhances Tactics to Exploit Legitimate Tools for Evasion and Persistence</a></h3><p class="cn-card__excerpt" itemprop="description">Scattered Spider, also tracked under aliases such as UNC3944, Scatter Swine, and Muddled Libra, has emerged as a formidable financially motivated cybercriminal group since at…</p><div class="cn-card__meta"> <time datetime="2025-07-04T14:36:11+03:00"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" fill="currentColor"><path d="M4 .5a.5.5 0 0 0-1 0V1H2a2 2 0 0 0-2 2v1h16V3a2 2 0 0 0-2-2h-1V.5a.5.5 0 0 0-1 0V1H4V.5zM16 14V5H0v9a2 2 0 0 0 2 2h12a2 2 0 0 0 2-2z"/></svg> July 4, 2025 </time> <span class="cn-card__author"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" fill="currentColor"><path d="M8 8a3 3 0 1 0 0-6 3 3 0 0 0 0 6zm2-3a2 2 0 1 1-4 0 2 2 0 0 1 4 0zm4 8c0 1-1 1-1 1H3s-1 0-1-1 1-4 6-4 6 3 6 4zm-1-.004c-.001-.246-.154-.986-.832-1.664C11.516 10.68 10.289 10 8 10c-2.29 0-3.516.68-4.168 1.332-.678.678-.83 1.418-.832 1.664h10z"/></svg> <a href="https://cybernoz.com/author/cybernoz/" rel="author">Cybernoz</a> </span> <span class="cn-card__reading-time"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" fill="currentColor"><path d="M8 3.5a.5.5 0 0 0-1 0V8a.5.5 0 0 0 .252.434l3.5 2a.5.5 0 0 0 .496-.868L8 7.71V3.5z"/><path d="M8 16A8 8 0 1 0 8 0a8 8 0 0 0 0 16zm7-8A7 7 0 1 1 1 8a7 7 0 0 1 14 0z"/></svg> 2 min read </span></div><meta itemprop="datePublished" content="2025-07-04T14:36:11+03:00"><meta itemprop="author" content="Cybernoz"></div></article></div></section><div id="comments" class="cn-comments"></div></div><aside class="cn-sidebar" role="complementary" aria-label="Sidebar"><div id="block-3" class="cn-widget widget_block"><div class="wp-block-group"><div class="wp-block-group__inner-container is-layout-flow wp-block-group-is-layout-flow"><h2 class="wp-block-heading">Latest Posts</h2><ul class="wp-block-latest-posts__list wp-block-latest-posts"><li><a class="wp-block-latest-posts__post-title" href="https://cybernoz.com/mda-hack-meerut-website-defaced-with-pro-pakistan-messages/">MDA Hack: Meerut Website Defaced With Pro-Pakistan Messages</a></li><li><a class="wp-block-latest-posts__post-title" href="https://cybernoz.com/delivering-healthcare-ai-success-with-sound-foundations-and-a-systemic-approach/">Delivering healthcare AI success with sound foundations and a systemic approach</a></li><li><a class="wp-block-latest-posts__post-title" href="https://cybernoz.com/dirtyclone-linux-kernel-vulnerability-leads-to-root-access/">‘DirtyClone’ Linux Kernel Vulnerability Leads to Root Access</a></li><li><a class="wp-block-latest-posts__post-title" href="https://cybernoz.com/stegoad-how-119-fake-browser-extensions-stole-credentials-and-ran-ad-fraud-for-two-years/">StegoAd: How 119 Fake Browser Extensions Stole Credentials and Ran Ad Fraud for Two Years</a></li><li><a class="wp-block-latest-posts__post-title" href="https://cybernoz.com/reconnaissance-for-exposure-management-why-context-matters-in-the-ai-era/">Reconnaissance for exposure management. Why context matters in the AI era</a></li></ul></div></div></div><div id="block-12" class="cn-widget widget_block widget_categories"><ul class="wp-block-categories-list wp-block-categories"><li class="cat-item cat-item-9971"><a href="https://cybernoz.com/category/agbi/">Agbi</a></li><li class="cat-item cat-item-9986"><a href="https://cybernoz.com/category/arstechnica/">ArsTechnica</a></li><li class="cat-item cat-item-9981"><a href="https://cybernoz.com/category/attackdefense/">AttackDefense</a></li><li class="cat-item cat-item-9974"><a href="https://cybernoz.com/category/australiancybersecuritymagazine/">Australiancybersecuritymagazine</a></li><li class="cat-item cat-item-9892"><a href="https://cybernoz.com/category/bankinfosecurity/">Bankinfosecurity</a></li><li class="cat-item cat-item-2"><a href="https://cybernoz.com/category/bleeping-computer/">Bleeping Computer</a></li><li class="cat-item cat-item-9984"><a href="https://cybernoz.com/category/cisoonline/">CISOOnline</a></li><li class="cat-item cat-item-9991"><a href="https://cybernoz.com/category/cloudsecurity/">CloudSecurity</a></li><li class="cat-item cat-item-9891"><a href="https://cybernoz.com/category/computerweekly/">ComputerWeekly</a></li><li class="cat-item cat-item-9983"><a href="https://cybernoz.com/category/crowdstrike/">Crowdstrike</a></li><li class="cat-item cat-item-5821"><a href="https://cybernoz.com/category/cybersecurityventures/">Cyber Security Ventures</a></li><li class="cat-item cat-item-85"><a href="https://cybernoz.com/category/cyberdefensemagazine/">CyberDefenseMagazine</a></li><li class="cat-item cat-item-714"><a href="https://cybernoz.com/category/cybernews/">CyberNews</a></li><li class="cat-item cat-item-9957"><a href="https://cybernoz.com/category/cyberscoop/">Cyberscoop</a></li><li class="cat-item cat-item-4393"><a href="https://cybernoz.com/category/cybersecurity-insiders/">CyberSecurity-Insiders</a></li><li class="cat-item cat-item-9955"><a href="https://cybernoz.com/category/cybersecuritydive/">CyberSecurityDive</a></li><li class="cat-item cat-item-4"><a href="https://cybernoz.com/category/cybersecuritynews/">CyberSecurityNews</a></li><li class="cat-item cat-item-9975"><a href="https://cybernoz.com/category/cyberwire/">CyberWire</a></li><li class="cat-item cat-item-9890"><a href="https://cybernoz.com/category/darkreading/">DarkReading</a></li><li class="cat-item cat-item-863"><a href="https://cybernoz.com/category/exploitone/">ExploitOne</a></li><li class="cat-item cat-item-871"><a href="https://cybernoz.com/category/gbhackers/">GBHackers</a></li><li class="cat-item cat-item-1"><a href="https://cybernoz.com/category/genel/">Genel</a></li><li class="cat-item cat-item-4384"><a href="https://cybernoz.com/category/hackercombat/">HackerCombat</a></li><li class="cat-item cat-item-4380"><a href="https://cybernoz.com/category/hackread/">HackRead</a></li><li class="cat-item cat-item-8604"><a href="https://cybernoz.com/category/helpnetsecurity/">HelpnetSecurity</a></li><li class="cat-item cat-item-9989"><a href="https://cybernoz.com/category/industrialcyber/">IndustrialCyber</a></li><li class="cat-item cat-item-9987"><a href="https://cybernoz.com/category/infosecurity/">InfoSecurity</a></li><li class="cat-item cat-item-9888"><a href="https://cybernoz.com/category/itnews/">ITnews</a></li><li class="cat-item cat-item-109"><a href="https://cybernoz.com/category/itsecurityguru/">ITSecurityGuru</a></li><li class="cat-item cat-item-126"><a href="https://cybernoz.com/category/krebson/">Krebson</a></li><li class="cat-item cat-item-8607"><a href="https://cybernoz.com/category/malwarebytes/">MalwareBytes</a></li><li class="cat-item cat-item-9893"><a href="https://cybernoz.com/category/mix/">Mix</a></li><li class="cat-item cat-item-9990"><a href="https://cybernoz.com/category/otsecurity/">OTSecurity</a></li><li class="cat-item cat-item-5"><a href="https://cybernoz.com/category/portswigger/">PortSwigger</a></li><li class="cat-item cat-item-9982"><a href="https://cybernoz.com/category/rapid7/">Rapid7</a></li><li class="cat-item cat-item-9973"><a href="https://cybernoz.com/category/scmp/">SCMP</a></li><li class="cat-item cat-item-9980"><a href="https://cybernoz.com/category/securelirt/">securelist</a></li><li class="cat-item cat-item-9895"><a href="https://cybernoz.com/category/securityaffairs/">Securityaffairs</a></li><li class="cat-item cat-item-9894"><a href="https://cybernoz.com/category/securityweek/">SecurityWeek</a></li><li class="cat-item cat-item-9985"><a href="https://cybernoz.com/category/techcrunch/">techcrunch</a></li><li class="cat-item cat-item-9889"><a href="https://cybernoz.com/category/thecyberexpress/">TheCyberExpress</a></li><li class="cat-item cat-item-3"><a href="https://cybernoz.com/category/thehackernews/">TheHackerNews</a></li><li class="cat-item cat-item-9993"><a href="https://cybernoz.com/category/threatintelligence-incidentresponse/">ThreatIntelligence-IncidentResponse</a></li><li class="cat-item cat-item-9978"><a href="https://cybernoz.com/category/tldrsec/">Tldrsec</a></li><li class="cat-item cat-item-9979"><a href="https://cybernoz.com/category/unit42/">Unit42</a></li><li class="cat-item cat-item-9992"><a href="https://cybernoz.com/category/vendorresearch/">VendorResearch</a></li><li class="cat-item cat-item-9967"><a href="https://cybernoz.com/category/welivesecurity/">welivesecurity</a></li><li class="cat-item cat-item-707"><a href="https://cybernoz.com/category/wired/">Wired</a></li><li class="cat-item cat-item-9977"><a href="https://cybernoz.com/category/zerosalarium/">Zerosalarium</a></li></ul></div></aside></div></div></main><footer class="cn-footer" role="contentinfo" itemscope itemtype="https://schema.org/WPFooter"><div class="cn-container"><div class="cn-footer__main"><div class="cn-footer__brand"> <a href="https://cybernoz.com/" class="cn-logo" style="color:#fff;"> <span class="cn-logo__icon" aria-hidden="true">☍</span> CyberNoz </a><p>Cybersecurity News</p></div><div><div id="block-15" class="cn-footer-widget widget_block widget_categories"><ul class="wp-block-categories-list wp-block-categories"><li class="cat-item cat-item-9971"><a href="https://cybernoz.com/category/agbi/">Agbi</a></li><li class="cat-item cat-item-9986"><a href="https://cybernoz.com/category/arstechnica/">ArsTechnica</a></li><li class="cat-item cat-item-9981"><a href="https://cybernoz.com/category/attackdefense/">AttackDefense</a></li><li class="cat-item cat-item-9974"><a href="https://cybernoz.com/category/australiancybersecuritymagazine/">Australiancybersecuritymagazine</a></li><li class="cat-item cat-item-9892"><a href="https://cybernoz.com/category/bankinfosecurity/">Bankinfosecurity</a></li><li class="cat-item cat-item-2"><a href="https://cybernoz.com/category/bleeping-computer/">Bleeping Computer</a></li><li class="cat-item cat-item-9984"><a href="https://cybernoz.com/category/cisoonline/">CISOOnline</a></li><li class="cat-item cat-item-9991"><a href="https://cybernoz.com/category/cloudsecurity/">CloudSecurity</a></li><li class="cat-item cat-item-9891"><a href="https://cybernoz.com/category/computerweekly/">ComputerWeekly</a></li><li class="cat-item cat-item-9983"><a href="https://cybernoz.com/category/crowdstrike/">Crowdstrike</a></li><li class="cat-item cat-item-5821"><a href="https://cybernoz.com/category/cybersecurityventures/">Cyber Security Ventures</a></li><li class="cat-item cat-item-85"><a href="https://cybernoz.com/category/cyberdefensemagazine/">CyberDefenseMagazine</a></li><li class="cat-item cat-item-714"><a href="https://cybernoz.com/category/cybernews/">CyberNews</a></li><li class="cat-item cat-item-9957"><a href="https://cybernoz.com/category/cyberscoop/">Cyberscoop</a></li><li class="cat-item cat-item-4393"><a href="https://cybernoz.com/category/cybersecurity-insiders/">CyberSecurity-Insiders</a></li><li class="cat-item cat-item-9955"><a href="https://cybernoz.com/category/cybersecuritydive/">CyberSecurityDive</a></li><li class="cat-item cat-item-4"><a href="https://cybernoz.com/category/cybersecuritynews/">CyberSecurityNews</a></li><li class="cat-item cat-item-9975"><a href="https://cybernoz.com/category/cyberwire/">CyberWire</a></li><li class="cat-item cat-item-9890"><a href="https://cybernoz.com/category/darkreading/">DarkReading</a></li><li class="cat-item cat-item-863"><a href="https://cybernoz.com/category/exploitone/">ExploitOne</a></li><li class="cat-item cat-item-871"><a href="https://cybernoz.com/category/gbhackers/">GBHackers</a></li><li class="cat-item cat-item-1"><a href="https://cybernoz.com/category/genel/">Genel</a></li><li class="cat-item cat-item-4384"><a href="https://cybernoz.com/category/hackercombat/">HackerCombat</a></li><li class="cat-item cat-item-4380"><a href="https://cybernoz.com/category/hackread/">HackRead</a></li><li class="cat-item cat-item-8604"><a href="https://cybernoz.com/category/helpnetsecurity/">HelpnetSecurity</a></li><li class="cat-item cat-item-9989"><a href="https://cybernoz.com/category/industrialcyber/">IndustrialCyber</a></li><li class="cat-item cat-item-9987"><a href="https://cybernoz.com/category/infosecurity/">InfoSecurity</a></li><li class="cat-item cat-item-9888"><a href="https://cybernoz.com/category/itnews/">ITnews</a></li><li class="cat-item cat-item-109"><a href="https://cybernoz.com/category/itsecurityguru/">ITSecurityGuru</a></li><li class="cat-item cat-item-126"><a href="https://cybernoz.com/category/krebson/">Krebson</a></li><li class="cat-item cat-item-8607"><a href="https://cybernoz.com/category/malwarebytes/">MalwareBytes</a></li><li class="cat-item cat-item-9893"><a href="https://cybernoz.com/category/mix/">Mix</a></li><li class="cat-item cat-item-9990"><a href="https://cybernoz.com/category/otsecurity/">OTSecurity</a></li><li class="cat-item cat-item-5"><a href="https://cybernoz.com/category/portswigger/">PortSwigger</a></li><li class="cat-item cat-item-9982"><a href="https://cybernoz.com/category/rapid7/">Rapid7</a></li><li class="cat-item cat-item-9973"><a href="https://cybernoz.com/category/scmp/">SCMP</a></li><li class="cat-item cat-item-9980"><a href="https://cybernoz.com/category/securelirt/">securelist</a></li><li class="cat-item cat-item-9895"><a href="https://cybernoz.com/category/securityaffairs/">Securityaffairs</a></li><li class="cat-item cat-item-9894"><a href="https://cybernoz.com/category/securityweek/">SecurityWeek</a></li><li class="cat-item cat-item-9985"><a href="https://cybernoz.com/category/techcrunch/">techcrunch</a></li><li class="cat-item cat-item-9889"><a href="https://cybernoz.com/category/thecyberexpress/">TheCyberExpress</a></li><li class="cat-item cat-item-3"><a href="https://cybernoz.com/category/thehackernews/">TheHackerNews</a></li><li class="cat-item cat-item-9993"><a href="https://cybernoz.com/category/threatintelligence-incidentresponse/">ThreatIntelligence-IncidentResponse</a></li><li class="cat-item cat-item-9978"><a href="https://cybernoz.com/category/tldrsec/">Tldrsec</a></li><li class="cat-item cat-item-9979"><a href="https://cybernoz.com/category/unit42/">Unit42</a></li><li class="cat-item cat-item-9992"><a href="https://cybernoz.com/category/vendorresearch/">VendorResearch</a></li><li class="cat-item cat-item-9967"><a href="https://cybernoz.com/category/welivesecurity/">welivesecurity</a></li><li class="cat-item cat-item-707"><a href="https://cybernoz.com/category/wired/">Wired</a></li><li class="cat-item cat-item-9977"><a href="https://cybernoz.com/category/zerosalarium/">Zerosalarium</a></li></ul></div></div><div><div class="cn-footer__heading">Archive</div><ul><li><a href='https://cybernoz.com/2026/06/'>June 2026</a></li><li><a href='https://cybernoz.com/2026/05/'>May 2026</a></li><li><a href='https://cybernoz.com/2026/04/'>April 2026</a></li><li><a href='https://cybernoz.com/2026/03/'>March 2026</a></li><li><a href='https://cybernoz.com/2026/02/'>February 2026</a></li><li><a href='https://cybernoz.com/2026/01/'>January 2026</a></li><li><a href='https://cybernoz.com/2025/12/'>December 2025</a></li><li><a href='https://cybernoz.com/2025/11/'>November 2025</a></li><li><a href='https://cybernoz.com/2025/10/'>October 2025</a></li><li><a href='https://cybernoz.com/2025/09/'>September 2025</a></li><li><a href='https://cybernoz.com/2025/08/'>August 2025</a></li><li><a href='https://cybernoz.com/2025/07/'>July 2025</a></li></ul></div><div><div id="block-18" class="cn-footer-widget widget_block"><div class="wp-block-columns is-layout-flex wp-container-core-columns-is-layout-9d6595d7 wp-block-columns-is-layout-flex"><div class="wp-block-column is-layout-flow wp-block-column-is-layout-flow" style="flex-basis:100%"><ul class="wp-block-archives-list wp-block-archives"><li><a href='https://cybernoz.com/2026/06/'>June 2026</a></li><li><a href='https://cybernoz.com/2026/05/'>May 2026</a></li><li><a href='https://cybernoz.com/2026/04/'>April 2026</a></li><li><a href='https://cybernoz.com/2026/03/'>March 2026</a></li><li><a href='https://cybernoz.com/2026/02/'>February 2026</a></li><li><a href='https://cybernoz.com/2026/01/'>January 2026</a></li><li><a href='https://cybernoz.com/2025/12/'>December 2025</a></li><li><a href='https://cybernoz.com/2025/11/'>November 2025</a></li><li><a href='https://cybernoz.com/2025/10/'>October 2025</a></li><li><a href='https://cybernoz.com/2025/09/'>September 2025</a></li><li><a href='https://cybernoz.com/2025/08/'>August 2025</a></li><li><a href='https://cybernoz.com/2025/07/'>July 2025</a></li><li><a href='https://cybernoz.com/2025/06/'>June 2025</a></li><li><a href='https://cybernoz.com/2025/05/'>May 2025</a></li><li><a href='https://cybernoz.com/2025/04/'>April 2025</a></li><li><a href='https://cybernoz.com/2025/03/'>March 2025</a></li><li><a href='https://cybernoz.com/2025/02/'>February 2025</a></li><li><a href='https://cybernoz.com/2025/01/'>January 2025</a></li><li><a href='https://cybernoz.com/2024/12/'>December 2024</a></li><li><a href='https://cybernoz.com/2024/11/'>November 2024</a></li><li><a href='https://cybernoz.com/2024/10/'>October 2024</a></li><li><a href='https://cybernoz.com/2024/09/'>September 2024</a></li><li><a href='https://cybernoz.com/2024/08/'>August 2024</a></li><li><a href='https://cybernoz.com/2024/07/'>July 2024</a></li><li><a href='https://cybernoz.com/2024/06/'>June 2024</a></li><li><a href='https://cybernoz.com/2024/05/'>May 2024</a></li><li><a href='https://cybernoz.com/2024/04/'>April 2024</a></li><li><a href='https://cybernoz.com/2024/03/'>March 2024</a></li><li><a href='https://cybernoz.com/2024/02/'>February 2024</a></li><li><a href='https://cybernoz.com/2024/01/'>January 2024</a></li><li><a href='https://cybernoz.com/2023/12/'>December 2023</a></li><li><a href='https://cybernoz.com/2023/11/'>November 2023</a></li><li><a href='https://cybernoz.com/2023/10/'>October 2023</a></li><li><a href='https://cybernoz.com/2023/09/'>September 2023</a></li><li><a href='https://cybernoz.com/2023/08/'>August 2023</a></li><li><a href='https://cybernoz.com/2023/07/'>July 2023</a></li><li><a href='https://cybernoz.com/2023/06/'>June 2023</a></li><li><a href='https://cybernoz.com/2023/05/'>May 2023</a></li><li><a href='https://cybernoz.com/2023/04/'>April 2023</a></li><li><a href='https://cybernoz.com/2023/03/'>March 2023</a></li><li><a href='https://cybernoz.com/2023/02/'>February 2023</a></li><li><a href='https://cybernoz.com/2023/01/'>January 2023</a></li><li><a href='https://cybernoz.com/2022/12/'>December 2022</a></li></ul></div></div></div></div></div><div class="cn-footer__bottom"><div> © 2026 <strong>Cybernoz</strong>. All rights reserved.</div><div class="cn-footer__social"></div></div></div></footer> <script type="speculationrules">{"prefetch":[{"source":"document","where":{"and":[{"href_matches":"/*"},{"not":{"href_matches":["/wp-*.php","/wp-admin/*","/wp-content/uploads/*","/wp-content/*","/wp-content/plugins/*","/wp-content/themes/cybernoz-theme/*","/*\\?(.+)"]}},{"not":{"selector_matches":"a[rel~=\"nofollow\"]"}},{"not":{"selector_matches":".no-prefetch, .no-prefetch a"}}]},"eagerness":"conservative"}]}</script> <script id="wp-i18n-js-after" type="litespeed/javascript">wp.i18n.setLocaleData({'text direction\u0004ltr':['ltr']})</script> <script id="contact-form-7-js-before" type="litespeed/javascript">var wpcf7={"api":{"root":"https:\/\/cybernoz.com\/wp-json\/","namespace":"contact-form-7\/v1"},"cached":1}</script> <script type="litespeed/javascript" data-src="https://challenges.cloudflare.com/turnstile/v0/api.js" id="cloudflare-turnstile-js" data-wp-strategy="async"></script> <script id="cloudflare-turnstile-js-after" type="litespeed/javascript">document.addEventListener('wpcf7submit',e=>turnstile.reset())</script> <script data-no-optimize="1">window.lazyLoadOptions=Object.assign({},{threshold:300},window.lazyLoadOptions||{});!function(t,e){"object"==typeof exports&&"undefined"!=typeof module?module.exports=e():"function"==typeof define&&define.amd?define(e):(t="undefined"!=typeof globalThis?globalThis:t||self).LazyLoad=e()}(this,function(){"use strict";function e(){return(e=Object.assign||function(t){for(var e=1;e<arguments.length;e++){var n,a=arguments[e];for(n in a)Object.prototype.hasOwnProperty.call(a,n)&&(t[n]=a[n])}return t}).apply(this,arguments)}function o(t){return e({},at,t)}function l(t,e){return t.getAttribute(gt+e)}function c(t){return l(t,vt)}function s(t,e){return function(t,e,n){e=gt+e;null!==n?t.setAttribute(e,n):t.removeAttribute(e)}(t,vt,e)}function i(t){return s(t,null),0}function r(t){return null===c(t)}function u(t){return c(t)===_t}function d(t,e,n,a){t&&(void 0===a?void 0===n?t(e):t(e,n):t(e,n,a))}function f(t,e){et?t.classList.add(e):t.className+=(t.className?" ":"")+e}function _(t,e){et?t.classList.remove(e):t.className=t.className.replace(new RegExp("(^|\\s+)"+e+"(\\s+|$)")," ").replace(/^\s+/,"").replace(/\s+$/,"")}function g(t){return t.llTempImage}function v(t,e){!e||(e=e._observer)&&e.unobserve(t)}function b(t,e){t&&(t.loadingCount+=e)}function p(t,e){t&&(t.toLoadCount=e)}function n(t){for(var e,n=[],a=0;e=t.children[a];a+=1)"SOURCE"===e.tagName&&n.push(e);return n}function h(t,e){(t=t.parentNode)&&"PICTURE"===t.tagName&&n(t).forEach(e)}function a(t,e){n(t).forEach(e)}function m(t){return!!t[lt]}function E(t){return t[lt]}function I(t){return delete t[lt]}function y(e,t){var n;m(e)||(n={},t.forEach(function(t){n[t]=e.getAttribute(t)}),e[lt]=n)}function L(a,t){var o;m(a)&&(o=E(a),t.forEach(function(t){var e,n;e=a,(t=o[n=t])?e.setAttribute(n,t):e.removeAttribute(n)}))}function k(t,e,n){f(t,e.class_loading),s(t,st),n&&(b(n,1),d(e.callback_loading,t,n))}function A(t,e,n){n&&t.setAttribute(e,n)}function O(t,e){A(t,rt,l(t,e.data_sizes)),A(t,it,l(t,e.data_srcset)),A(t,ot,l(t,e.data_src))}function w(t,e,n){var a=l(t,e.data_bg_multi),o=l(t,e.data_bg_multi_hidpi);(a=nt&&o?o:a)&&(t.style.backgroundImage=a,n=n,f(t=t,(e=e).class_applied),s(t,dt),n&&(e.unobserve_completed&&v(t,e),d(e.callback_applied,t,n)))}function x(t,e){!e||0<e.loadingCount||0<e.toLoadCount||d(t.callback_finish,e)}function M(t,e,n){t.addEventListener(e,n),t.llEvLisnrs[e]=n}function N(t){return!!t.llEvLisnrs}function z(t){if(N(t)){var e,n,a=t.llEvLisnrs;for(e in a){var o=a[e];n=e,o=o,t.removeEventListener(n,o)}delete t.llEvLisnrs}}function C(t,e,n){var a;delete t.llTempImage,b(n,-1),(a=n)&&--a.toLoadCount,_(t,e.class_loading),e.unobserve_completed&&v(t,n)}function R(i,r,c){var l=g(i)||i;N(l)||function(t,e,n){N(t)||(t.llEvLisnrs={});var a="VIDEO"===t.tagName?"loadeddata":"load";M(t,a,e),M(t,"error",n)}(l,function(t){var e,n,a,o;n=r,a=c,o=u(e=i),C(e,n,a),f(e,n.class_loaded),s(e,ut),d(n.callback_loaded,e,a),o||x(n,a),z(l)},function(t){var e,n,a,o;n=r,a=c,o=u(e=i),C(e,n,a),f(e,n.class_error),s(e,ft),d(n.callback_error,e,a),o||x(n,a),z(l)})}function T(t,e,n){var a,o,i,r,c;t.llTempImage=document.createElement("IMG"),R(t,e,n),m(c=t)||(c[lt]={backgroundImage:c.style.backgroundImage}),i=n,r=l(a=t,(o=e).data_bg),c=l(a,o.data_bg_hidpi),(r=nt&&c?c:r)&&(a.style.backgroundImage='url("'.concat(r,'")'),g(a).setAttribute(ot,r),k(a,o,i)),w(t,e,n)}function G(t,e,n){var a;R(t,e,n),a=e,e=n,(t=Et[(n=t).tagName])&&(t(n,a),k(n,a,e))}function D(t,e,n){var a;a=t,(-1<It.indexOf(a.tagName)?G:T)(t,e,n)}function S(t,e,n){var a;t.setAttribute("loading","lazy"),R(t,e,n),a=e,(e=Et[(n=t).tagName])&&e(n,a),s(t,_t)}function V(t){t.removeAttribute(ot),t.removeAttribute(it),t.removeAttribute(rt)}function j(t){h(t,function(t){L(t,mt)}),L(t,mt)}function F(t){var e;(e=yt[t.tagName])?e(t):m(e=t)&&(t=E(e),e.style.backgroundImage=t.backgroundImage)}function P(t,e){var n;F(t),n=e,r(e=t)||u(e)||(_(e,n.class_entered),_(e,n.class_exited),_(e,n.class_applied),_(e,n.class_loading),_(e,n.class_loaded),_(e,n.class_error)),i(t),I(t)}function U(t,e,n,a){var o;n.cancel_on_exit&&(c(t)!==st||"IMG"===t.tagName&&(z(t),h(o=t,function(t){V(t)}),V(o),j(t),_(t,n.class_loading),b(a,-1),i(t),d(n.callback_cancel,t,e,a)))}function $(t,e,n,a){var o,i,r=(i=t,0<=bt.indexOf(c(i)));s(t,"entered"),f(t,n.class_entered),_(t,n.class_exited),o=t,i=a,n.unobserve_entered&&v(o,i),d(n.callback_enter,t,e,a),r||D(t,n,a)}function q(t){return t.use_native&&"loading"in HTMLImageElement.prototype}function H(t,o,i){t.forEach(function(t){return(a=t).isIntersecting||0<a.intersectionRatio?$(t.target,t,o,i):(e=t.target,n=t,a=o,t=i,void(r(e)||(f(e,a.class_exited),U(e,n,a,t),d(a.callback_exit,e,n,t))));var e,n,a})}function B(e,n){var t;tt&&!q(e)&&(n._observer=new IntersectionObserver(function(t){H(t,e,n)},{root:(t=e).container===document?null:t.container,rootMargin:t.thresholds||t.threshold+"px"}))}function J(t){return Array.prototype.slice.call(t)}function K(t){return t.container.querySelectorAll(t.elements_selector)}function Q(t){return c(t)===ft}function W(t,e){return e=t||K(e),J(e).filter(r)}function X(e,t){var n;(n=K(e),J(n).filter(Q)).forEach(function(t){_(t,e.class_error),i(t)}),t.update()}function t(t,e){var n,a,t=o(t);this._settings=t,this.loadingCount=0,B(t,this),n=t,a=this,Y&&window.addEventListener("online",function(){X(n,a)}),this.update(e)}var Y="undefined"!=typeof window,Z=Y&&!("onscroll"in window)||"undefined"!=typeof navigator&&/(gle|ing|ro)bot|crawl|spider/i.test(navigator.userAgent),tt=Y&&"IntersectionObserver"in window,et=Y&&"classList"in document.createElement("p"),nt=Y&&1<window.devicePixelRatio,at={elements_selector:".lazy",container:Z||Y?document:null,threshold:300,thresholds:null,data_src:"src",data_srcset:"srcset",data_sizes:"sizes",data_bg:"bg",data_bg_hidpi:"bg-hidpi",data_bg_multi:"bg-multi",data_bg_multi_hidpi:"bg-multi-hidpi",data_poster:"poster",class_applied:"applied",class_loading:"litespeed-loading",class_loaded:"litespeed-loaded",class_error:"error",class_entered:"entered",class_exited:"exited",unobserve_completed:!0,unobserve_entered:!1,cancel_on_exit:!0,callback_enter:null,callback_exit:null,callback_applied:null,callback_loading:null,callback_loaded:null,callback_error:null,callback_finish:null,callback_cancel:null,use_native:!1},ot="src",it="srcset",rt="sizes",ct="poster",lt="llOriginalAttrs",st="loading",ut="loaded",dt="applied",ft="error",_t="native",gt="data-",vt="ll-status",bt=[st,ut,dt,ft],pt=[ot],ht=[ot,ct],mt=[ot,it,rt],Et={IMG:function(t,e){h(t,function(t){y(t,mt),O(t,e)}),y(t,mt),O(t,e)},IFRAME:function(t,e){y(t,pt),A(t,ot,l(t,e.data_src))},VIDEO:function(t,e){a(t,function(t){y(t,pt),A(t,ot,l(t,e.data_src))}),y(t,ht),A(t,ct,l(t,e.data_poster)),A(t,ot,l(t,e.data_src)),t.load()}},It=["IMG","IFRAME","VIDEO"],yt={IMG:j,IFRAME:function(t){L(t,pt)},VIDEO:function(t){a(t,function(t){L(t,pt)}),L(t,ht),t.load()}},Lt=["IMG","IFRAME","VIDEO"];return t.prototype={update:function(t){var e,n,a,o=this._settings,i=W(t,o);{if(p(this,i.length),!Z&&tt)return q(o)?(e=o,n=this,i.forEach(function(t){-1!==Lt.indexOf(t.tagName)&&S(t,e,n)}),void p(n,0)):(t=this._observer,o=i,t.disconnect(),a=t,void o.forEach(function(t){a.observe(t)}));this.loadAll(i)}},destroy:function(){this._observer&&this._observer.disconnect(),K(this._settings).forEach(function(t){I(t)}),delete this._observer,delete this._settings,delete this.loadingCount,delete this.toLoadCount},loadAll:function(t){var e=this,n=this._settings;W(t,n).forEach(function(t){v(t,e),D(t,n,e)})},restoreAll:function(){var e=this._settings;K(e).forEach(function(t){P(t,e)})}},t.load=function(t,e){e=o(e);D(t,e)},t.resetStatus=function(t){i(t)},t}),function(t,e){"use strict";function n(){e.body.classList.add("litespeed_lazyloaded")}function a(){console.log("[LiteSpeed] Start Lazy Load"),o=new LazyLoad(Object.assign({},t.lazyLoadOptions||{},{elements_selector:"[data-lazyloaded]",callback_finish:n})),i=function(){o.update()},t.MutationObserver&&new MutationObserver(i).observe(e.documentElement,{childList:!0,subtree:!0,attributes:!0})}var o,i;t.addEventListener?t.addEventListener("load",a,!1):t.attachEvent("onload",a)}(window,document);</script><script data-no-optimize="1">window.litespeed_ui_events=window.litespeed_ui_events||["mouseover","click","keydown","wheel","touchmove","touchstart"];var urlCreator=window.URL||window.webkitURL;function litespeed_load_delayed_js_force(){console.log("[LiteSpeed] Start Load JS Delayed"),litespeed_ui_events.forEach(e=>{window.removeEventListener(e,litespeed_load_delayed_js_force,{passive:!0})}),document.querySelectorAll("iframe[data-litespeed-src]").forEach(e=>{e.setAttribute("src",e.getAttribute("data-litespeed-src"))}),"loading"==document.readyState?window.addEventListener("DOMContentLoaded",litespeed_load_delayed_js):litespeed_load_delayed_js()}litespeed_ui_events.forEach(e=>{window.addEventListener(e,litespeed_load_delayed_js_force,{passive:!0})});async function litespeed_load_delayed_js(){let t=[];for(var d in document.querySelectorAll('script[type="litespeed/javascript"]').forEach(e=>{t.push(e)}),t)await new Promise(e=>litespeed_load_one(t[d],e));document.dispatchEvent(new Event("DOMContentLiteSpeedLoaded")),window.dispatchEvent(new Event("DOMContentLiteSpeedLoaded"))}function litespeed_load_one(t,e){console.log("[LiteSpeed] Load ",t);var d=document.createElement("script");d.addEventListener("load",e),d.addEventListener("error",e),t.getAttributeNames().forEach(e=>{"type"!=e&&d.setAttribute("data-src"==e?"src":e,t.getAttribute(e))});let a=!(d.type="text/javascript");!d.src&&t.textContent&&(d.src=litespeed_inline2src(t.textContent),a=!0),t.after(d),t.remove(),a&&e()}function litespeed_inline2src(t){try{var d=urlCreator.createObjectURL(new Blob([t.replace(/^(?:<!--)?(.*?)(?:-->)?$/gm,"$1")],{type:"text/javascript"}))}catch(e){d="data:text/javascript;base64,"+btoa(t.replace(/^(?:<!--)?(.*?)(?:-->)?$/gm,"$1"))}return d}</script><script data-no-optimize="1">var litespeed_vary=document.cookie.replace(/(?:(?:^|.*;\s*)_lscache_vary\s*\=\s*([^;]*).*$)|^.*$/,"");litespeed_vary||(sessionStorage.getItem("litespeed_reloaded")?console.log("LiteSpeed: skipping guest vary reload (already reloaded this session)"):fetch("/wp-content/plugins/litespeed-cache/guest.vary.php",{method:"POST",cache:"no-cache",redirect:"follow"}).then(e=>e.json()).then(e=>{console.log(e),e.hasOwnProperty("reload")&&"yes"==e.reload&&(sessionStorage.setItem("litespeed_docref",document.referrer),sessionStorage.setItem("litespeed_reloaded","1"),window.location.reload(!0))}));</script><script data-optimized="1" type="litespeed/javascript" data-src="https://js.cybernoz.com/wp-content/litespeed/js/607a720420d1a125ebaaf88a388205ff.js?ver=d34df"></script></body></html> <!-- Page optimized by LiteSpeed Cache @2026-06-29 15:46:33 --> <!-- Page cached by LiteSpeed Cache 7.8.1 on 2026-06-29 15:46:32 --> <!-- Guest Mode --> <!-- QUIC.cloud UCSS in queue -->