Do Son, Author at Daily CyberSecurity • Page 105 of 726

Search Engine Exposed: Apache Solr Flaws Leak Data & Bypass Auth Apache Solr CVE-2022-39135 Apache Solr Vulnerabilities CVE-2026-22444

Search Engine Exposed: Apache Solr Flaws Leak Data & Bypass Auth

Do Son January 21, 2026

Apache Solr administrators are being urged to update their instances immediately following the disclosure of two moderate-severity...

Chrome 148 lazy loading Chrome for Linux ARM64 Chrome 145 Update Chrome Security Fixes Chrome Security Update CVE-2026-1220 Chrome 144 Security Update CVE-2026-0899 Chrome Memory Safety, WebGPU UAF Chrome V8 Type Confusion, Google Updater Flaw Chrome V8 Flaw, CVE-2025-13042 Chrome V8, Type Confusion, Chrome 142 Update Chrome V8 Flaw, CVE-2025-12036 Chrome 141, WebGPU Overflow Google Chrome preloading Chrome, V8 vulnerability CVE-2025-9132 Chrome Security Update, Use-After-Free Chrome V8, Type Confusion Chrome Telemetry, Windows 10 EOL Microsoft Family Safety, Chrome Blocking Chrome Security Update, High-Severity Google Chrome, Antitrust CVE-2024-10487 and CVE-2024-10488 Google Chrome Root Program Chrome Update, CVE-2025-3619 Chrome Acquisition, Perplexity.ai

Google Chrome 144 Patches High-Severity “Race” Condition in V8 Engine

Do Son January 21, 2026

Google has rolled out an important security update for the Chrome Stable channel, pushing version 144.0.7559.96/.97 to...

Redis RCE Exposed: Researchers Detail Exploit for “Simple” Stack Overflow in Official Containers Redis RCE Exploit CVE-2025-62507

Redis RCE Exposed: Researchers Detail Exploit for “Simple” Stack Overflow in Official Containers

Do Son January 21, 2026

Security researchers at JFrog Security Research have publicly disclosed a complete exploit chain for a high-severity vulnerability...

ImageMagick Alert (CVE-2026-23876): “XBM” Image Uploads Trigger Massive Heap Overflow ImageMagick Vulnerability CVE-2026-23876 ImageMagick TIM Overflow, Memory Disclosure Flaw ImageMagick vulnerabilities, memory corruption CVE-2023-34152

ImageMagick Alert (CVE-2026-23876): “XBM” Image Uploads Trigger Massive Heap Overflow

Do Son January 21, 2026

A new high-severity vulnerability has been discovered in ImageMagick, the ubiquitous image processing library powering everything from...

“Evelyn Stealer” Weaponizes Visual Studio Code Extensions KTLVdoor backdoor - CoffeeLoader Malware

“Evelyn Stealer” Weaponizes Visual Studio Code Extensions

Do Son January 21, 2026

The tools that software developers trust most are being turned against them in a sophisticated new malware...

Everon OCPP Vulnerability CVE-2026-26288 ASUSTOR ADM Vulnerability CVE-2026-24936 PrismX MX100 Vulnerability Hard-Coded Credentials Advantech Vulnerability CVE-2025-52694 Eaton UPS Companion, CVE-2025-59887 ASUS Router, Authentication Bypass ASUSTOR DLL Hijacking, Privilege Escalation OpenShift AI, Privilege Escalation GoAnywhere vulnerability CVE-2025-10035 LangChainGo, template injection DeepDiff, class pollution ToolShell Sunshine, CSRF Vulnerability KACE SMA, Critical Vulnerabilities Oracle Zero-Days - PDQ Deploy vulnerability

Hard-Coded Keys and Open Doors: Critical Flaws Found in PrismX AP Controllers

Do Son January 21, 2026

A trio of security vulnerabilities has been discovered in Browan Communications’ PrismX MX100 AP Controller, the most...

Operation Covert Access: Rust RAT Infiltrates Argentina’s Judiciary WhatsApp Worm, Brazilian Banking Trojan LAPSUS$ Alliance, Scattered Spider Ransomware, Cybercrime RedCurl APT group Russian Cyberespionage, ApolloShadow Malware

WhatsApp Worm, Brazilian Banking Trojan LAPSUS$ Alliance, Scattered Spider Ransomware, Cybercrime RedCurl APT group Russian Cyberespionage, ApolloShadow Malware

Operation Covert Access: Rust RAT Infiltrates Argentina’s Judiciary

Do Son January 21, 2026

A highly sophisticated cyber-espionage campaign has been discovered targeting the heart of Argentina’s legal system. Dubbed “Operation...

CVE-2026-0629: TP-Link VIGI Flaw Lets Attackers Reset Admin Passwords

Do Son January 21, 2026

A critical security vulnerability has been discovered in TP-Link’s VIGI series surveillance cameras, allowing attackers on a...

NCSC Warns of Russian Hacktivists Targeting UK Iranian Cyber Reconnaissance IP Camera Security NCSC Warning Russian Hacktivists Taiwan Cyberattacks China State-Sponsored Hacking state-sponsored threat actor Ransomware RAT Abuse, AnyDesk

Iranian Cyber Reconnaissance IP Camera Security NCSC Warning Russian Hacktivists Taiwan Cyberattacks China State-Sponsored Hacking state-sponsored threat actor Ransomware RAT Abuse, AnyDesk

NCSC Warns of Russian Hacktivists Targeting UK

Do Son January 20, 2026

The UK’s National Cyber Security Centre (NCSC) has issued a warning regarding the persistent threat posed by...

The Gemini Surge: How Google’s AI “Halo Effect” is Reshaping the Cloud Wars Chrome hidden weights.bin download Gemini Nano privacy controversy 2026 Google Antigravity account suspension Gemini Lyria 3 integration Google Gemini enterprise sales, Google Cloud AI revenue 2026 Google Gemini daily limits 2026, Gemini Thinking model quotas Google Gemini 3 Agentic Development Platform

Chrome hidden weights.bin download Gemini Nano privacy controversy 2026 Google Antigravity account suspension Gemini Lyria 3 integration Google Gemini enterprise sales, Google Cloud AI revenue 2026 Google Gemini daily limits 2026, Gemini Thinking model quotas Google Gemini 3 Agentic Development Platform

The Gemini Surge: How Google’s AI “Halo Effect” is Reshaping the Cloud Wars

Do Son January 20, 2026

In the escalating crusade for AI commercialization, Google appears to have discovered a formidable nexus of profitability....

“Nomad Leopard” Spotted in the Wild: Cyber Espionage Campaign Targets Afghan Government Nomad Leopard Afghanistan Cyber Espionage

“Nomad Leopard” Spotted in the Wild: Cyber Espionage Campaign Targets Afghan Government

Do Son January 20, 2026

A new cyber espionage campaign targeting the heart of Afghanistan’s administration has been uncovered, revealing a mix...

Critical Flaw in “Advanced Custom Fields: Extended” Exposes 100K WordPress Sites to Takeover ACF Extended Vulnerability CVE-2025-14533

Critical Flaw in “Advanced Custom Fields: Extended” Exposes 100K WordPress Sites to Takeover

Do Son January 20, 2026

A critical security vulnerability has been discovered in Advanced Custom Fields: Extended, a popular WordPress plugin with...

Discord Spy: SolyxImmortal Malware Uses Webhooks for Stealthy Theft SolyxImmortal Malware Python Info-Stealer Discord Webhook C2, Supply Chain Abuse

SolyxImmortal Malware Python Info-Stealer Discord Webhook C2, Supply Chain Abuse

Discord Spy: SolyxImmortal Malware Uses Webhooks for Stealthy Theft

Do Son January 20, 2026

A newly identified Python-based malware, SolyxImmortal, is making the rounds in underground channels, offering a “monolithic” surveillance...

Malformed & Dangerous: Gootloader Returns with New Ransomware Ties Ollama Heap Leak CVE-2026-5757 Anritsu Vulnerability Authentication Bypass Gootloader Malware Malformed ZIP Evasion Blender Malware, StealC V2 Lectora, XSS CVE-2025-9125 HFS RCE, Template Injection Arch Linux Malware, CHAOS RAT CVE-2024-56404 - CVE-2024-39327 CVE-2025-2538

Ollama Heap Leak CVE-2026-5757 Anritsu Vulnerability Authentication Bypass Gootloader Malware Malformed ZIP Evasion Blender Malware, StealC V2 Lectora, XSS CVE-2025-9125 HFS RCE, Template Injection Arch Linux Malware, CHAOS RAT CVE-2024-56404 - CVE-2024-39327 CVE-2025-2538

Malformed & Dangerous: Gootloader Returns with New Ransomware Ties

Do Son January 20, 2026

After a mysterious hiatus, the notorious Gootloader malware has resurfaced with a vengeance, sporting a new alliance...

PDFSIDER Discovered: New APT Malware Uses DLL Side-Loading to Evade Detection PDFSIDER Malware DLL Side-Loading

PDFSIDER Discovered: New APT Malware Uses DLL Side-Loading to Evade Detection

Do Son January 20, 2026

A new and sophisticated malware variant dubbed PDFSIDER has been unearthed by researchers at Resecurity, marking the...

Operation Poseidon: Konni APT Hijacks Google & Naver Ads for Malware Operation Poseidon Konni APT

Operation Poseidon: Konni APT Hijacks Google & Naver Ads for Malware

Do Son January 20, 2026

In a deep-dive analysis released by Genians Security Center, researchers have exposed “Operation Poseidon,” a sophisticated campaign...

shell-quote command injection AI-Driven Vulnerabilities Q1 2026 Cyber Threats vm2 Sandbox Escape Node.js RCE upKeeper Privilege Escalation CVE-2026-2449 Pharos Controls Vulnerability Root Access Exploit Cybersecurity Vulnerability Roundup CVSS 10.0 Flaws Shadow Archives CVE-2026-0866 MS-Agent Prompt Injection CVE-2026-2256 basic-ftp Path Traversal CVE-2026-27699 telnetd Root Vulnerability CVE-1999-0073 Regression USR-W610 Vulnerabilities End-of-Life IoT Security IceWarp Security Update IceWarp Vulnerabilities Airleader Master Vulnerability CVE-2026-1358 ZLAN5143D Vulnerability CISA ICS Advisory Acronis Cyber Protect Vulnerability CVE-2025-30411 WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

Industrial Alert: Critical RCE in AVEVA Software Rated CVSS 10

Do Son January 20, 2026

AVEVA, a global leader in industrial software, has issued a critical security bulletin regarding its flagship Process...

Spy vs. Spy: Predator Malware Now Hunts the Researchers OSX/Amos Stealer Electron ASAR Trojan MioLab Malware macOS Security MacSync Stealer macOS Malware ambar-src npm Malware Supply Chain Typosquatting Matryoshka Mac Malware ClickFix Crypto Scam Infostealer Evolution macOS Malware Predator Spyware Intellexa Anti-Analysis XCSSET macOS Malware, Xcode Supply Chain

OSX/Amos Stealer Electron ASAR Trojan MioLab Malware macOS Security MacSync Stealer macOS Malware ambar-src npm Malware Supply Chain Typosquatting Matryoshka Mac Malware ClickFix Crypto Scam Infostealer Evolution macOS Malware Predator Spyware Intellexa Anti-Analysis XCSSET macOS Malware, Xcode Supply Chain

Spy vs. Spy: Predator Malware Now Hunts the Researchers

Do Son January 20, 2026

The commercial spyware industry isn’t just building tools to spy on victims; they are building tools to...

WhisperPair: Critical Fast Pair Flaw Exposes Headphones to Hijacking WhisperPair Vulnerability Google Fast Pair Flaw

WhisperPair: Critical Fast Pair Flaw Exposes Headphones to Hijacking

Do Son January 20, 2026

Your high-end Bluetooth headphones might be listening to more than just your music. A new report from...

Trojanized PDF Editor: “TamperedChef” Campaign Bypasses Windows SmartScreen TamperedChef Malvertising AppSuite PDF Editor

Trojanized PDF Editor: “TamperedChef” Campaign Bypasses Windows SmartScreen

Do Son January 20, 2026

A sophisticated new malvertising campaign dubbed TamperedChef has been serving up more than just productivity tools to...

Critical Alert 1 Active Exploit Detected Today