TL;DR Researchers at Calif.io disclosed the Squidbleed vulnerability in the Squid web proxy, tracked as CVE-2026-47729. The...
Do Son
Do Son is the Founder and Editor of SecurityOnline.info. Working in cybersecurity since 2013, he reports on vulnerabilities, malware, and emerging threats, providing timely analysis to help organizations and individuals stay ahead of evolving risks.
The United States has one of the most active rail modernisation cycles in decades, but it also...
At a Glance Organization LastPass (via vendor Klue) Data exposed CRM contact and support data: names, emails,...
TL;DR CISA added four actively exploited flaws to its KEV catalog on June 23, 2026. The bugs...
At a glance Actor / group Unattributed, financially motivated operators (multiple GitHub accounts) Activity type Multi-brand bank...
At a Glance Malware Family: Meow macOS stealer (AppleScript-based infostealer and RAT) Threat Actor: Suspected Russian-speaking attacker...
Threat researchers have uncovered a new Dropping Elephant malware attack using an advanced fileless mechanism. Rapid7 recently...
Security researchers at QiAnXin XLab discovered over 4,300 legacy routers infected globally. They named this new threat...
At a Glance Actor: Suspected single Chinese operator Activity Type: Cloud DNS takeover, SEO poisoning Targets: 163...
Google announced its Android developer verification program in 2025. The plan requires a valid developer signature, even...
India’s Tata Group has confirmed to Reuters that it recently suffered a cyberattack. Hackers claim they stole...
Apple appears to be systematically dismantling its legacy ecosystem. Following the termination of Time Capsule backup protocol...
Apple has released iOS 27 Developer Beta 2 to developers. Users eager to try new features can...
The Codex desktop and CLI versions continuously wrote low-level logs to the local database. Consequently, this high-frequency...
TL;DR Three critical Tinyproxy request smuggling vulnerabilities threaten network security. These flaws allow attackers to inject arbitrary...
TL;DR A serious libssh2 vulnerability now puts SSH clients at risk. Researchers track it as CVE-2026-55200,...
TL;DR Three serious MariaDB server vulnerabilities threaten database environments. The most severe flaw carries a maximum CVSS...
TL;DR Mitel disclosed 12 security flaws in MiCollab and the MiVoice Business Solution Virtual Instance (MiVB SVI)....
TL;DR CERT/CC disclosed a Secure Boot bypass that affects many vendor-signed UEFI applications. ESET researcher Martin Smolar...
TL;DR Two critical flaws affect the HAProxy software. First, an integer overflow bug allows response smuggling....
At a Glance Actor or Group: Unidentified cyber criminals Activity Type: Malicious website redirection and malware distribution...
At a Glance Actor: UNC6508 (suspected PRC-nexus threat actor) Activity Type: Cyber espionage, bespoke malware deployment, data...