Knogin Cyber News – Page 4 – Collating the Latest Cyber Security News from Around the World

Latest Posts

DPRK Hackers Steal $137M from TRON Users in Single-Day Phishing Attack

Multiple threat activity clusters with ties to North Korea (aka Democratic People’s Republic of Korea or DPRK) have been linked to attacks targeting organizations and individuals in the Web3 and….

Uncategorized

Regulating AI Behavior with a Hypervisor

Interesting research: “Guillotine: Hypervisors for Isolating Malicious AIs.” Abstract:As AI models become more embedded in critical sectors like finance, healthcare, and the military, their inscrutable behavior poses ever-greater risks to….

Uncategorized

Iran-Linked Hackers Target Israel with MURKYTOUR Malware via Fake Job Campaign

The Iran-nexus threat actor known as UNC2428 has been observed delivering a backdoor known as MURKYTOUR as part of a job-themed social engineering campaign aimed at Israel in October 2024…..

Uncategorized

CVE-2025-23016 – Exploiting the FastCGI library

# CVE-2025-23016 – Exploiting the FastCGI library At the beginning of 2025, as part of our internal research, we discovered a vulnerability in the FastCGI lightweight web server development library…..

Uncategorized

OnlyOffice: Docker Man-in-the-middle attack

**security-research** Public # OnlyOffice: Docker Man-in-the-middle attack (MitM) ## Package ## Affected versions ## Patched versions ## Description ### Summary The OnlyOffice Community Server Docker image downloads a `.deb` file….

Uncategorized

Document My Pentest: you hack, the AI writes it up!

Researcher **Published:** 23 April 2025 at 13:17 UTC **Updated:** 23 April 2025 at 13:17 UTC **Tired of repeating yourself? Automate your web security audit trail. In this post I’ll introduce….

Uncategorized

Android Spyware Disguised as Alpine Quest App Targets Russian Military Devices

Cybersecurity researchers have revealed that Russian military personnel are the target of a new malicious campaign that distributes Android spyware under the guise of the Alpine Quest mapping software. “The….

Uncategorized

Three Reasons Why the Browser is Best for Stopping Phishing Attacks

Phishing attacks remain a huge challenge for organizations in 2025. In fact, with attackers increasingly leveraging identity-based techniques over software exploits, phishing arguably poses a bigger threat than ever before. ….

Uncategorized

Russian Hackers Exploit Microsoft OAuth to Target Ukraine Allies via Signal and WhatsApp

Multiple suspected Russia-linked threat actors are “aggressively” targeting individuals and organizations with ties to Ukraine and human rights with an aim to gain unauthorized access to Microsoft 365 accounts since….

Uncategorized

Ripple’s xrpl.js npm Package Backdoored to Steal Private Keys in Major Supply Chain Attack

The Ripple cryptocurrency npm JavaScript library named xrpl.js has been compromised by unknown threat actors as part of a software supply chain attack designed to harvest and exfiltrate users’ private….