Skip to content
July 3, 2026
  • Linkedin
  • Twitter
  • Facebook
  • Youtube

Daily CyberSecurity

Zero-hour alerts. Unmatched analysis.

Primary Menu
  • Home
  • CVE Watchtower
  • Cyber Criminals
  • Data Leak
  • Linux
  • Malware
  • Vulnerability
  • Submit Press Release
  • Vulnerability Report
Light/Dark Button

LATEST NEWS

Diagram showing ColdFusion arbitrary code execution path traversal vulnerability.
  • Vulnerability Report

Active ColdFusion Arbitrary Code Execution Flaw Scores CVSS 10

Do Son July 3, 2026 0
Diagram of the Control Web Panel SQLi exploit mechanism for CVE-2026-57517.
  • Vulnerability Report

Public PoC Code Exposes CVSS 9.8 Control Web Panel SQL Injection CVE-2026-57517

Do Son July 3, 2026 0
UltraVNC repeater vulnerabilities enabling arbitrary code execution and hardcoded-password admin access (CVE-2026-7839, CVE-2026-7840)
  • Vulnerability Report

UltraVNC Repeater Vulnerabilities Allow Remote Code Execution

Do Son July 3, 2026 0
WatchGuard Firebox vulnerabilities CVE-2026-13368 use-after-free remote code execution advisory
  • Vulnerability Report

WatchGuard Firebox Vulnerabilities Include Critical Unauthenticated RCE Flaw

Do Son July 3, 2026 0
Apache ActiveMQ vulnerabilities causing denial of service and temporary destination takeover (CVE-2026-54475)
  • Vulnerability Report

Apache ActiveMQ Vulnerabilities Allow Denial of Service and Takeover

Do Son July 3, 2026 0

Tech News

GitHub CD-ROM repository physical code disc campaign commemoration
  • Technology

GitHub CD-ROM Repository: Physical Code Discs

Do Son July 3, 2026 0
Claude Fable 5 subscription model and credit purchase prompt interface
  • Technology

Claude Fable 5 Subscription: Credits Required for Access

Do Son July 3, 2026 0
Google Chrome settings page showcasing the new auto-pin extensions option for toolbars
  • Technology

Chrome Prepares to Auto-Pin Extensions to Toolbar

Do Son July 3, 2026 0
Claude Fable 5 model classifier downgrade log showing TOO_DUMB_TO_NEED_FABLE flag
  • Technology

Claude Fable 5 Auto-Downgrades Tasks It Deems Too Simple Logs Prove It

Do Son July 3, 2026 0

Vulnerability

NTLM reflection CVE-2026-24294 SMB local privilege escalation Windows Server 2025 PoC exploit
  • Vulnerability

NTLM Reflection Bypass CVE-2026-24294 Gets Public PoC Exploit

Do Son June 29, 2026 0
Diagram of the MediaTek t7xx WWAN flaw triggering an out-of-bounds read in the Linux kernel
  • Vulnerability

Public Details Disclosed: MediaTek t7xx WWAN Flaw

Do Son June 24, 2026 0
FreeBSD privilege escalation CVE-2026-49413, Linuxulator vulnerability
  • Vulnerability

FreeBSD Privilege Escalation Flaw CVE-2026-49413 Hits the Linuxulator

Do Son June 15, 2026 0
CVE-2022-35951 Redis DarkReplica exploit CVE-2026-23631 public disclosure
  • Vulnerability

Redis DarkReplica Exploit: Full PoC Code and Technical Details Released

Do Son June 8, 2026 0

Cyber Security

Lazarus-Linked npm Malware Masquerades as Rollup Polyfills Lazarus npm malware masquerading as Rollup polyfill packages in a supply chain attack
  • Cybercriminals

Lazarus-Linked npm Malware Masquerades as Rollup Polyfills

July 3, 2026 0
ToddyCat APT Umbrij Tool Steals Cloud Email Tokens Diagram of ToddyCat APT Umbrij tool performing OAuth token theft from Chrome
  • Cybercriminals

ToddyCat APT Umbrij Tool Steals Cloud Email Tokens

July 3, 2026 0
Mustang Panda Abuses Zoho WorkDrive in Espionage Attacks on India’s Government AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly
  • Cybercriminals

Mustang Panda Abuses Zoho WorkDrive in Espionage Attacks on India’s Government

July 2, 2026 0
The Gentlemen Ransomware Group Expands With New Lockers and Custom Tools SonicWall Reconnaissance Akira Ransomware residential proxy malware TraderTraitor BreachForums Honeypot, French Interior Ministry Leak
  • Cybercriminals

The Gentlemen Ransomware Group Expands With New Lockers and Custom Tools

July 2, 2026 0

Malware Alert

Silent Swap Crypto Clipper Hides in Google Notes Extension Diagram showing the Silent Swap crypto clipper and Google Notes extension infection chain
  • Malware

Silent Swap Crypto Clipper Hides in Google Notes Extension

July 3, 2026 0
Glitch SPY Android RAT Spreads Through a Fake Polish Rental App Glitch SPY Android RAT distributed through a fake Polish rental app abusing Accessibility Service
  • Malware

Glitch SPY Android RAT Spreads Through a Fake Polish Rental App

July 3, 2026 0
Fake Perplexity AI Extension Hijacks Browser Search and Logs Keystrokes digital-hacker
  • Malware

Fake Perplexity AI Extension Hijacks Browser Search and Logs Keystrokes

July 2, 2026 0
TONResolver Malware Hides Its C2 in the TON Blockchain to Hit Hotel Partners TONResolver malware infection chain using a TON blockchain dead drop resolver against Booking.com hotel partners
  • Malware

TONResolver Malware Hides Its C2 in the TON Blockchain to Hit Hotel Partners

July 2, 2026 0

Data Leak

iPhone 18 Pro Secrets Leaked in Tata Electronics Breach iPhone 18 Pro leak from the Tata Electronics data breach exposing Apple supplier lists, components, and drop-test photos RCS End-to-End Encryption
  • Data Leak

iPhone 18 Pro Secrets Leaked in Tata Electronics Breach

June 30, 2026 0
LastPass Customer Data Stolen in Klue Supply Chain Breach LastPass Klue breach OAuth token theft Salesforce supply chain attack
  • Data Leak

LastPass Customer Data Stolen in Klue Supply Chain Breach

June 23, 2026 0
Tata Electronics Data Breach Exposes Apple and Tesla Files Tata Electronics data breach leaking Apple and Tesla component design and specification files on a dark web site
  • Data Leak

Tata Electronics Data Breach Exposes Apple and Tesla Files

June 23, 2026 0
Novo Nordisk Breach Exposes AI Models and Patient Data Novo Nordisk data breach Novo Nordisk hack, AI training data theft, clinical trial data leak
  • Data Leak

Novo Nordisk Breach Exposes AI Models and Patient Data

June 16, 2026 0
kernel.org Outage: Config Error Wipes All Linux Kernel Files kernel.org outage HTTP 404 error caused by Linux Foundation mirror configuration failure
  • Technology

kernel.org Outage: Config Error Wipes All Linux Kernel Files

Do Son July 3, 2026 0
Read More Read more about kernel.org Outage: Config Error Wipes All Linux Kernel Files
EU Court Upholds €4.1 Billion Google Android Antitrust Fine EU Court upholds Google Android antitrust fine of 4.1 billion euros in landmark ruling
  • Technology

EU Court Upholds €4.1 Billion Google Android Antitrust Fine

Do Son July 3, 2026 0
Read More Read more about EU Court Upholds €4.1 Billion Google Android Antitrust Fine
Public PoC Code Exposes CVSS 9.8 Control Web Panel SQL Injection CVE-2026-57517 Diagram of the Control Web Panel SQLi exploit mechanism for CVE-2026-57517.
  • Vulnerability Report

Public PoC Code Exposes CVSS 9.8 Control Web Panel SQL Injection CVE-2026-57517

Do Son July 3, 2026 0
Read More Read more about Public PoC Code Exposes CVSS 9.8 Control Web Panel SQL Injection CVE-2026-57517
UltraVNC Repeater Vulnerabilities Allow Remote Code Execution UltraVNC repeater vulnerabilities enabling arbitrary code execution and hardcoded-password admin access (CVE-2026-7839, CVE-2026-7840)
  • Vulnerability Report

UltraVNC Repeater Vulnerabilities Allow Remote Code Execution

Do Son July 3, 2026 0
Read More Read more about UltraVNC Repeater Vulnerabilities Allow Remote Code Execution
WatchGuard Firebox Vulnerabilities Include Critical Unauthenticated RCE Flaw WatchGuard Firebox vulnerabilities CVE-2026-13368 use-after-free remote code execution advisory
  • Vulnerability Report

WatchGuard Firebox Vulnerabilities Include Critical Unauthenticated RCE Flaw

Do Son July 3, 2026 0
Read More Read more about WatchGuard Firebox Vulnerabilities Include Critical Unauthenticated RCE Flaw
Apache ActiveMQ Vulnerabilities Allow Denial of Service and Takeover Apache ActiveMQ vulnerabilities causing denial of service and temporary destination takeover (CVE-2026-54475)
  • Vulnerability Report

Apache ActiveMQ Vulnerabilities Allow Denial of Service and Takeover

Do Son July 3, 2026 0
Read More Read more about Apache ActiveMQ Vulnerabilities Allow Denial of Service and Takeover
Icinga 2 Vulnerabilities Allow Unauthenticated Node Takeover Icinga 2 vulnerabilities enabling unauthenticated node takeover and process crash, fixed in v2.16.2
  • Vulnerability Report

Icinga 2 Vulnerabilities Allow Unauthenticated Node Takeover

Do Son July 3, 2026 0
Read More Read more about Icinga 2 Vulnerabilities Allow Unauthenticated Node Takeover
StoneFly Storage Concentrator Flaws Allow Unauthenticated Root Access StoneFly Storage Concentrator vulnerabilities enabling unauthenticated command injection and root RCE (CVE-2026-56413, CVE-2026-56415)
  • Vulnerability Report

StoneFly Storage Concentrator Flaws Allow Unauthenticated Root Access

Do Son July 3, 2026 0
Read More Read more about StoneFly Storage Concentrator Flaws Allow Unauthenticated Root Access
Microsoft Exchange Vulnerability CVE-2026-45504 Gets Public PoC Exploit HawkTrace publicly disclosed Microsoft Exchange vulnerability CVE-2026-45504 with PoC exploit code. The SSRF flaw reads arbitrary files. Patch now.
  • Vulnerability Report

Microsoft Exchange Vulnerability CVE-2026-45504 Gets Public PoC Exploit

Do Son July 3, 2026 0
Read More Read more about Microsoft Exchange Vulnerability CVE-2026-45504 Gets Public PoC Exploit
Citrix NetScaler Vulnerability CVE-2026-8451 Exploited in the Wild as PoC Goes Public Citrix NetScaler vulnerability CVE-2026-8451 memory overread exploited in the wild
  • Vulnerability Report

Citrix NetScaler Vulnerability CVE-2026-8451 Exploited in the Wild as PoC Goes Public

Do Son July 2, 2026 0
Read More Read more about Citrix NetScaler Vulnerability CVE-2026-8451 Exploited in the Wild as PoC Goes Public
Apache HttpComponents Core Patches Two DoS Vulnerabilities in HTTP Parsers Apache HttpComponents Core vulnerabilities CVE-2026-54399 denial of service advisory
  • Vulnerability Report

Apache HttpComponents Core Patches Two DoS Vulnerabilities in HTTP Parsers

Do Son July 2, 2026 0
Read More Read more about Apache HttpComponents Core Patches Two DoS Vulnerabilities in HTTP Parsers
Cloudflare Monetization Gateway Charges AI Tools Cloudflare Monetization Gateway x402 payment protocol
  • Technology

Cloudflare Monetization Gateway Charges AI Tools

Do Son July 2, 2026 0
Read More Read more about Cloudflare Monetization Gateway Charges AI Tools
Google Gemini Spark Debuts on macOS for Elite Subscribers Google Gemini Spark macOS agentic AI assistant dashboard showing local file automation
  • Technology

Google Gemini Spark Debuts on macOS for Elite Subscribers

Do Son July 2, 2026 0
Read More Read more about Google Gemini Spark Debuts on macOS for Elite Subscribers
GNU gzip Vulnerability Allows gzexe Symlink Overwrite GNU gzip vulnerability CVE-2026-41991 enabling a gzexe symlink attack and arbitrary file overwrite
  • Vulnerability Report

GNU gzip Vulnerability Allows gzexe Symlink Overwrite

Do Son July 2, 2026 0
Read More Read more about GNU gzip Vulnerability Allows gzexe Symlink Overwrite
Pro-Russia Influence Ecosystem Expands Global Reach Diagram showing the pro-Russia influence ecosystem and information operations
  • Cybercriminals

Pro-Russia Influence Ecosystem Expands Global Reach

Do Son July 2, 2026 0
Read More Read more about Pro-Russia Influence Ecosystem Expands Global Reach
Critical IBM Db2 Flaw Allows Pre-Auth Remote Code Execution IBM Db2 RCE flaw CVE-2026-10109 from pre-auth DRDA handshake remote code execution
  • Vulnerability Report

Critical IBM Db2 Flaw Allows Pre-Auth Remote Code Execution

Do Son July 2, 2026 0
Read More Read more about Critical IBM Db2 Flaw Allows Pre-Auth Remote Code Execution
Actively Exploited SharePoint Vulnerability Added to CISA KEV Catalog Actively exploited SharePoint vulnerability CVE-2026-45659 enabling remote code execution, added to CISA KEV
  • Vulnerability Report

Actively Exploited SharePoint Vulnerability Added to CISA KEV Catalog

Do Son July 2, 2026 0
Read More Read more about Actively Exploited SharePoint Vulnerability Added to CISA KEV Catalog
Scattered Spider Arrest: Teen Extradited in $100M Scheme Scattered Spider arrest suspect Peter Stokes extradition
  • Cybercriminals

Scattered Spider Arrest: Teen Extradited in $100M Scheme

Do Son July 2, 2026 0
Read More Read more about Scattered Spider Arrest: Teen Extradited in $100M Scheme
Cisco Patches Catalyst Center File Read Flaw and Seven ClamAV DoS Bugs Cisco Catalyst Center vulnerability and ClamAV vulnerabilities July 2026 patch advisory
  • Vulnerability Report

Cisco Patches Catalyst Center File Read Flaw and Seven ClamAV DoS Bugs

Do Son July 2, 2026 0
Read More Read more about Cisco Patches Catalyst Center File Read Flaw and Seven ClamAV DoS Bugs
Poweradmin Host Header Injection Lets Attackers Hijack DNS Accounts Poweradmin host header injection flaw CVE-2026-54588 enabling DNS admin account takeover
  • Vulnerability Report

Poweradmin Host Header Injection Lets Attackers Hijack DNS Accounts

Do Son July 2, 2026 0
Read More Read more about Poweradmin Host Header Injection Lets Attackers Hijack DNS Accounts
Next Page ❯

Search

Translation

CVE WATCHTOWER
🚨

Receive alerts for vulnerabilities being exploited in the wild.

⚡

Get notified instantly when a Proof of Concept (PoC) exploit is published.

🔍

Access critical info on vulnerabilities even when marked as "RESERVED".

🧠

Insights powered by decades of expertise and global intelligence sources.

🎯

Customize alerts with up to 10 keywords for your specific tech stack.

📊

Export the raw CVE database for SIEM integration and reporting.

Upgrade Package

🚨 Active Exploits in the Wild

  • CVE-2026-48282CVSS 10.0
    ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Limitation of a Pathname to a Restricted...
    Admin intel📅 Updated: Jul 3, 2026
  • CVE-2024-14037CVSS 9.8
    Redsea Cloud eHR contains an arbitrary file upload vulnerability that allows unauthenticated attackers to achieve remote code execution...
    Admin intel📅 Updated: Jul 3, 2026
  • CVE-2026-8451CVSS 8.8
    Insufficient input validation in NetScaler ADC and NetScaler Gateway leading to memory overread if NetScaler ADC or NetScaler Gateway is configured...
    Admin intel📅 Updated: Jul 2, 2026
  • CVE-2026-8037CVSS 9.6
    OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an un-authenticated attacker to...
    Admin intel📅 Updated: Jul 1, 2026
  • CVE-2026-45659CVSS 8.8
    Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
    CISA KEV📅 Added to KEV: Jul 1, 2026
  • CVE-2026-48558CVSS 10.0
    SimpleHelp versions 5.5.15 and prior and 6.0 pre-release versions contain an authentication bypass vulnerability in the OIDC authentication...
    Admin intelCISA KEV📅 Added to KEV: Jun 29, 2026📅 Updated: Jun 29, 2026
  • CVE-2026-46817CVSS 9.8
    Vulnerability in the Oracle Payments product of Oracle E-Business Suite (component: File Transmission). Supported versions that are affected...
    Admin intel📅 Updated: Jun 29, 2026
  • CVE-2026-28496CVSS 9.4
    FOSSBilling is a free, open-source billing and client management system. Versions prior to 0.8.0 have a Server-Side Template...
    Admin intel📅 Updated: Jun 25, 2026
Powered by CVE Watchtower

🔴 Live Critical Threats

  • CVE-2026-4321CVSS 9.8
    Improper neutralization of special elements used in an SQL command ('SQL injection')...
  • CVE-2026-14544CVSS 9.8
    A flaw was found in HPLIP (HP Linux Imaging and Printing Software)....
  • CVE-2026-9725CVSS 9.1
    The Printcart Web to Print Product Designer for WooCommerce plugin for WordPress...
  • CVE-2026-13768CVSS 10.0
    Gardyn devices expose a privileged iothubowner key. Access to this key will...
  • CVE-2026-57100CVSS 9.9
    Server-side request forgery (ssrf) in Microsoft Entra Provisioning Service (SyncFabric) allows an...
  • CVE-2026-45499CVSS 9.9
    Server-side request forgery (ssrf) in Azure OpenAI allows an authorized attacker to...
  • CVE-2026-41106CVSS 9.3
    Url redirection to untrusted site ('open redirect') in M365 Copilot allows an...
  • CVE-2026-52830CVSS 9.4
    fast-mcp-telegram is a Telegram MCP Server. Prior to 0.19.1, fast-mcp-telegram validates HTTP...
  • CVE-2026-49352CVSS 9.8
    ### Summary 9router uses a publicly known hardcoded string `"9router-default-secret-change-me"` as the...
  • CVE-2026-54617CVSS 9.8
    ### Summary An unauthenticated path traversal in the LaunchServer HTTP file server...
Powered by CVE WATCHTOWER

Our Websites
  • Penetration Testing Tools
  • The Daily Information Technology
  • Daily CyberSecurity

    • About SecurityOnline.info
    • Advertise with us
    • Announcement
    • Contact
    • Contributor Register
    • Login
    • Disclaimer
    • Privacy Policy
    • About SecurityOnline.info
    • Advertise on SecurityOnline.info
    • Contact Us

    When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works

    • Disclaimer
    • Privacy Policy
    • DMCA NOTICE
    • Linkedin
    • Twitter
    • Facebook
    • Youtube
    © 2017 - 2026 Daily CyberSecurity. All Rights Reserved.