Daily CyberSecurity •

“Hard Working” Thieves: Rublevka Team Steals $10M in Solana Scam-as-a-Service

Pig Butchering Scam Jingliang Su Sentencing Meta China Scam Ads, Zuckerberg Revenue Conflict Trading Bot Scam BEC Scam Rental Payment Fraud

Cybercriminals

“Hard Working” Thieves: Rublevka Team Steals $10M in Solana Scam-as-a-Service

February 9, 2026

The Invisible Landlord: ShadowSyndicate Rotates Keys to Hide Infrastructure

ShadowSyndicate

Cybercriminals

The Invisible Landlord: ShadowSyndicate Rotates Keys to Hide Infrastructure

February 6, 2026

The Invisible Proxy: NGINX Hijacked for Silent SEO Poisoning

NGINX Traffic Hijacking SEO Poisoning

Cybercriminals

The Invisible Proxy: NGINX Hijacked for Silent SEO Poisoning

February 6, 2026

Cloud-Hosted Trap: Phishers Use Vercel & Telegram to Bypass Filters

Vercel Blob Phishing PDF Phishing Campaign

Cybercriminals

Cloud-Hosted Trap: Phishers Use Vercel & Telegram to Bypass Filters

February 6, 2026

Silent Killer: Black Basta Bundles “BYOVD” Driver to Blind Antivirus

Black Basta Ransomware BYOVD Technique Velociraptor Abuse, Storm-2603 Ransomware Crypto24, Ransomware Ransomware Payments, UK Legislation ZACROS data breach

Malware

Silent Killer: Black Basta Bundles “BYOVD” Driver to Blind Antivirus

February 10, 2026

Poisoned Protocol: dYdX Supply Chain Attack Injects RATs into npm & PyPI

dYdX Supply Chain Attack Malicious npm Package

Malware

Poisoned Protocol: dYdX Supply Chain Attack Injects RATs into npm & PyPI

February 10, 2026

Marco Stealer: The New “Data Raider” Targeting Crypto & Cloud Storage

LIMINAL PANDA UNC1549 DLL Hijacking, VDI Breakout

Malware

Marco Stealer: The New “Data Raider” Targeting Crypto & Cloud Storage

February 10, 2026

The “Compatibility” Trap: New Mac Malware Tricks Users into Bypassing TCC

Infostealer Evolution macOS Malware Predator Spyware Intellexa Anti-Analysis XCSSET macOS Malware, Xcode Supply Chain

Malware

The “Compatibility” Trap: New Mac Malware Tricks Users into Bypassing TCC

February 9, 2026

The “Vibe Coding” Disaster: How a Simple Bug Exposed 4.75 Million Records on the AI Social Network Moltbook

Moltbook database breach

Data Leak

The “Vibe Coding” Disaster: How a Simple Bug Exposed 4.75 Million Records on the AI Social Network Moltbook

February 3, 2026

The Digital Sanctuary: Apple’s 10 Essential Privacy Rules for 2026

Apple Data Privacy Day 2026, iPhone privacy features guide iOS Privilege Escalation, CVE-2025-24085 PoC Apple Manufacturing Academy, US Investment CVE-2024-44258 - symlink vulnerability

Data Leak

The Digital Sanctuary: Apple’s 10 Essential Privacy Rules for 2026

January 29, 2026

Lock the Front Door: The “Localhost” Loophole Leaving Thousands of Clawdbot Agents Exposed

Clawdbot security bypass

Data Leak

Lock the Front Door: The “Localhost” Loophole Leaving Thousands of Clawdbot Agents Exposed

January 27, 2026

The Miami Glitch: How a Single Config Error Leaked Cloudflare’s IPv6 Routes to the Global Internet

Cloudflare BGP route leak

The Miami Glitch: How a Single Config Error Leaked Cloudflare’s IPv6 Routes to the Global Internet

January 27, 2026

HTTP Down: High-Severity Axios Flaw (CVSS 7.5) Crashes Node.js Servers Axios Vulnerability Node.js DoS CVE-2025-58754 CVE-2025-27152 Axios Vulnerability, Form-Data Flaw

Axios Vulnerability Node.js DoS CVE-2025-58754 CVE-2025-27152 Axios Vulnerability, Form-Data Flaw

HTTP Down: High-Severity Axios Flaw (CVSS 7.5) Crashes Node.js Servers

Ddos February 10, 2026

30-Year-Old Bug: High-Severity libpng Flaw (CVSS 8.3) Exposes Millions of Apps libpng Vulnerability CVE-2026-25646

libpng Vulnerability CVE-2026-25646

30-Year-Old Bug: High-Severity libpng Flaw (CVSS 8.3) Exposes Millions of Apps

Ddos February 10, 2026

Triple Threat: Critical Gogs Flaws (CVSS 9.3) Allow RCE & 2FA Bypass Gogs Vulnerability CVE-2025-8110 CVE-2025-64111

Gogs Vulnerability CVE-2025-8110 CVE-2025-64111

Triple Threat: Critical Gogs Flaws (CVSS 9.3) Allow RCE & 2FA Bypass

Ddos February 10, 2026

Virtual Invasion: SolarWinds WHD Exploited to Host Hidden QEMU VMs SolarWinds Web Help Desk QEMU Persistence

SolarWinds Web Help Desk QEMU Persistence

Virtual Invasion: SolarWinds WHD Exploited to Host Hidden QEMU VMs

Ddos February 10, 2026

Trust Broken: Critical Keylime Flaw (CVSS 9.4) Disables mTLS Authentication Keylime Vulnerability CVE-2026-1709

Keylime Vulnerability CVE-2026-1709

Trust Broken: Critical Keylime Flaw (CVSS 9.4) Disables mTLS Authentication

Ddos February 10, 2026

CVE-2026-25592: Critical Semantic Kernel Flaw (CVSS 10.0) Allows File Overwrite Semantic Kernel Vulnerability CVE-2026-25592

Semantic Kernel Vulnerability CVE-2026-25592

CVE-2026-25592: Critical Semantic Kernel Flaw (CVSS 10.0) Allows File Overwrite

Ddos February 10, 2026

CVE-2026-25544: Critical Payload CMS SQLi (CVSS 9.8) Exposes Admin Tokens Payload CMS Vulnerability CVE-2026-25544

Payload CMS Vulnerability CVE-2026-25544

CVE-2026-25544: Critical Payload CMS SQLi (CVSS 9.8) Exposes Admin Tokens

Ddos February 10, 2026

Criminal IP Integrates with IBM QRadar to Deliver Real-Time Threat Intelligence Across SIEM and SOAR 2_1200_700_2_1770606217wfV7bGFmpC

2_1200_700_2_1770606217wfV7bGFmpC

Criminal IP Integrates with IBM QRadar to Deliver Real-Time Threat Intelligence Across SIEM and SOAR

cybernewswire February 9, 2026

Torrance, United States / California, 9th February 2026, CyberNewswire

Siri’s New Soul: Why iOS 27 is the “Snow Leopard” Moment Your iPhone Desperately Needs iOS 27 Snow Leopard update iOS 27 Maintenance Apple Stability Focus M5 MacBook, Studio Display macOS update, Mac Studio M3 Ultra Perplexity Apple, Perplexity AI Acquisition Mac Mini M2, Power Issue macOS, Intel Macs

iOS 27 Snow Leopard update iOS 27 Maintenance Apple Stability Focus M5 MacBook, Studio Display macOS update, Mac Studio M3 Ultra Perplexity Apple, Perplexity AI Acquisition Mac Mini M2, Power Issue macOS, Intel Macs

Siri’s New Soul: Why iOS 27 is the “Snow Leopard” Moment Your iPhone Desperately Needs

Ddos February 9, 2026

Don’t Trash Your Printer: Microsoft Clarifies “End of Support” for V3 and V4 Drivers in Windows 11

Windows 11 printer driver policy Windows 11 printer driver deprecation Windows 11 Build 26300 Sysmon Windows 11 Storage settings restriction Windows 11 Build 26300.7674, Windows Insider channel migration 2026 Windows 11 Update Fix KB5073455 shutdown bug, Secure Launch restart loop Windows 11 File Explorer search performance, Search Indexer RAM usage fix Windows 11 Gaming PC Specs, NVMe DirectStorage Windows 10 End of Support Windows 11 Slow Adoption Windows 11 Crash Loop KB5062553 Bug Update and Shut Down, KB5067036 Windows authentication, Kerberos bug Windows 11 fix, localhost bug Windows 11 Update Restart, Update and Shut Down Windows SMBv1 Windows 11 Arm, Easy Anti-Cheat Windows 11 error, Pluton Windows 11 24H2, Easy Anti-Cheat Windows Firewall Bug, Microsoft Update Error Windows 11, JScript9Legacy Windows Activation, TSforge Windows 11 Update, Firewall Error Windows 11 25H2, Annual Update Windows Resiliency Initiative, Kernel Security Windows 11 Upgrade, ESU Program Windows 11 Recall, Data Export Windows 11 Easy Anti-Cheat Windows 11 Update, Cumulative Update Windows Update, ACPI.sys Windows Updates, Enterprise Software Windows 11 Start Data Encryption Standard Printing Problems Windows 11 updates Estimated installation time Smart App Control, Windows 11 security

Don’t Trash Your Printer: Microsoft Clarifies “End of Support” for V3 and V4 Drivers in Windows 11

Ddos February 9, 2026

Verified or Vanished: Google Voice Now Requires Government ID to Stop “Gray Market” Scammers Google Voice identity verification

Google Voice identity verification

Verified or Vanished: Google Voice Now Requires Government ID to Stop “Gray Market” Scammers

Ddos February 9, 2026

Endpoint Exposed: Critical FortiClient EMS Flaw (CVSS 9.1) Allows Unauthenticated RCE FortiClient EMS Vulnerability CVE-2026-21643 CVE-2023-34992 - CVE-2023-37936 Fortinet Vulnerabilities CVE-2025-64155

FortiClient EMS Vulnerability CVE-2026-21643 CVE-2023-34992 - CVE-2023-37936 Fortinet Vulnerabilities CVE-2025-64155

Endpoint Exposed: Critical FortiClient EMS Flaw (CVSS 9.1) Allows Unauthenticated RCE

Ddos February 9, 2026

Speed of Truth: X Trials “Collaborative Notes” to Supercharge Fact-Checking with Grok AI X Collaborative Notes pilot

X Collaborative Notes pilot

Speed of Truth: X Trials “Collaborative Notes” to Supercharge Fact-Checking with Grok AI

Ddos February 9, 2026

Co-Pilots of the Future: Apple Opens CarPlay to ChatGPT and Google Gemini for Smarter Road Trips

Apple CarPlay AI integration 2026 Apple 2026 product roadmap rumors, foldable iPhone release date Apple Vision Pro sales slump, Vision Pro production cut Russia FaceTime Ban Network Blockade Apple Apple 2026 Roadmap, iPhone Foldable, Apple Intelligence Apple Maps ads, iOS monetization Apple, Digital Markets Act FCC Leak, iPhone 16e Schematics iPhone Fold Apple Made in India Apple US Investment, Indian Tariffs Apple Leadership, Tim Cook Tenure Siri Redesign, Apple AI Apple App Store Apple EU, Digital Markets Act CVE-2022-32898 Third-Party iOS Apps Apple Antitrust, DOJ Lawsuit

Co-Pilots of the Future: Apple Opens CarPlay to ChatGPT and Google Gemini for Smarter Road Trips

Ddos February 9, 2026

Fortune Favors the AI: Crypto.com CEO Drops $70M on AI.com to Launch “Synthetic Secretaries” at Super Bowl LX Kris Marszalek AI.com launch

Kris Marszalek AI.com launch

Fortune Favors the AI: Crypto.com CEO Drops $70M on AI.com to Launch “Synthetic Secretaries” at Super Bowl LX

Ddos February 9, 2026

Code Red: 4 Critical SandboxJS Flaws (CVSS 10.0) Allow Host Takeover

WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

Code Red: 4 Critical SandboxJS Flaws (CVSS 10.0) Allow Host Takeover

Ddos February 9, 2026

Digital Detox Mandate: EU Charges TikTok Over “Autopilot” Design and Minor Safety Failures TikTok addictive design breach TikTok, ByteDance TikTok Zero-Day - TikTok Play Store Trump Extends TikTok

TikTok addictive design breach TikTok, ByteDance TikTok Zero-Day - TikTok Play Store Trump Extends TikTok

Digital Detox Mandate: EU Charges TikTok Over “Autopilot” Design and Minor Safety Failures

Ddos February 9, 2026

Tearing Down the Walled Garden: How Google Quick Share Finally Bridged the AirDrop Chasm Google Quick Share AirDrop Google Quick Share AirDrop interoperability, Pixel 9 AirDrop support 2026 Snapdragon AirDrop Quick Share Interoperability Quick Share AirDrop Cross-Platform File Transfer

Google Quick Share AirDrop Google Quick Share AirDrop interoperability, Pixel 9 AirDrop support 2026 Snapdragon AirDrop Quick Share Interoperability Quick Share AirDrop Cross-Platform File Transfer

Tearing Down the Walled Garden: How Google Quick Share Finally Bridged the AirDrop Chasm

Ddos February 9, 2026

The “All-in-One” Spy: DKnife Malware Hijacks Routers to Swap Downloads DKnife Malware Router AitM Framework

DKnife Malware Router AitM Framework

The “All-in-One” Spy: DKnife Malware Hijacks Routers to Swap Downloads

Ddos February 9, 2026

Double the RAM, Half the Stress: Raspberry Pi 4’s Secret Design Overhaul to Combat the 2026 Memory Crisis Raspberry Pi 4 dual-memory revision Raspberry Pi Price Hike AI Memory Demand

Raspberry Pi 4 dual-memory revision Raspberry Pi Price Hike AI Memory Demand

Double the RAM, Half the Stress: Raspberry Pi 4’s Secret Design Overhaul to Combat the 2026 Memory Crisis

Ddos February 9, 2026