Do Son

Do Son is the Founder and Editor of SecurityOnline.info. Working in cybersecurity since 2013, he reports on vulnerabilities, malware, and emerging threats, providing timely analysis to help organizations and individuals stay ahead of evolving risks.

AWS AI Factories: Bringing Full Cloud AI Infrastructure On-Prem for Data Sovereignty AWS Middle East drone strikes AWS Frontier Agents Autonomous Software Engineering AWS AI Factories Data Sovereignty AI Agentic AI Nova Sonic AWS Google Cloud Interconnect AWS Free Tier, Cloud Credits Freevee, ad-supported streaming Amazon AI, North Carolina Investment CVE-2022-2385

AWS Middle East drone strikes AWS Frontier Agents Autonomous Software Engineering AWS AI Factories Data Sovereignty AI Agentic AI Nova Sonic AWS Google Cloud Interconnect AWS Free Tier, Cloud Credits Freevee, ad-supported streaming Amazon AI, North Carolina Investment CVE-2022-2385

AWS AI Factories: Bringing Full Cloud AI Infrastructure On-Prem for Data Sovereignty

Do Son December 3, 2025

As AI models swell to ever-greater scales, governments and large enterprises are placing unprecedented emphasis on data...

AWS Unleashes Trainium3 Chip: 4.4x Faster AI Performance for EC2 UltraServers

Motorola Smart Feed redirect Anthropic Amazon 5GW partnership Amazon Perplexity lawsuit AWS-LC Vulnerabilities Cryptographic Bypass AWS Middle East drone strikes Amazon layoffs 2026, Amazon AI restructuring Amazon Kindle DRM Policy, Publisher Control EPUB AWS Nova Forge AI Model Customization AWS Trainium3 EC2 Trn3 UltraServer Route 53 Accelerated Recovery AWS DNS Resilience AI Browser War, Amazon Comet Amazon layoffs, cost reduction AWS outage, DynamoDB DNS AWS outage, cloud dependency AWS VPN Client, Root Privilege Escalation WSA shutdown, Amazon Appstore Amazon Wondery, Podcast Restructuring Amazon Q2 2025 Generative AI AWS Client VPN, Privilege Escalation Amazon AI, Wearable AI

AWS Unleashes Trainium3 Chip: 4.4x Faster AI Performance for EC2 UltraServers

Do Son December 3, 2025

AWS has announced the launch of its Amazon EC2 Trn3 UltraServers, powered by its new 3 nm...

AWS Bedrock Unleashed: 18 New AI Models, AgentCore Upgrades, and Enhanced Security AWS Bedrock Expansion Agentic AI Nova 2

AWS Bedrock Expansion Agentic AI Nova 2

AWS Bedrock Unleashed: 18 New AI Models, AgentCore Upgrades, and Enhanced Security

Do Son December 3, 2025

During the re:Invent 2025 conference, AWS unveiled the most extensive expansion of its generative AI platform, Amazon...

Google Phone App Gets ‘Call Reason’: Mark Calls as Urgent to Ensure a Pick-Up Google Phone Call Reason Urgent Call Feature

Google Phone Call Reason Urgent Call Feature

Google Phone App Gets ‘Call Reason’: Mark Calls as Urgent to Ensure a Pick-Up

Do Son December 3, 2025

Google is currently testing a new feature in its Phone by Google app: when placing a call,...

Microsoft Update Breaks Dark Mode: File Explorer Now Flashes White on Launch KB5083769 Update Windows 11 24H2 end of support File Explorer White Flash Windows 11 Dark Mode Bug Windows 11 SE, End of Support Windows Update, Automatic Upgrade CVE-2023-38146 Windows 10

KB5083769 Update Windows 11 24H2 end of support File Explorer White Flash Windows 11 Dark Mode Bug Windows 11 SE, End of Support Windows Update, Automatic Upgrade CVE-2023-38146 Windows 10

Microsoft Update Breaks Dark Mode: File Explorer Now Flashes White on Launch

Do Son December 3, 2025

Recently, Microsoft released the preview update KB5070311 for Windows 11 version 24H2/252 — only for users who...

Security Tightens: Let’s Encrypt Will Cap Certificate Validity at 45 Days by 2028 Let's Encrypt subscriber agreement Let's Encrypt OCSP Support 45-Day Certificate Limit Let's Encrypt Automation

Let's Encrypt subscriber agreement Let's Encrypt OCSP Support 45-Day Certificate Limit Let's Encrypt Automation

Security Tightens: Let’s Encrypt Will Cap Certificate Validity at 45 Days by 2028

Do Son December 3, 2025

Apple previously submitted a proposal to the CA/Browser Forum — the industry body governing certificate authorities and...

Red Alert at OpenAI: Ad Plans Dropped to Focus on ChatGPT Quality Amid Gemini Threat

OpenAI token price reduction OpenAI Deployment Company DeployCo OpenAI IPO strategy OpenAI Privacy Filter 1.5B OpenAI $122 billion funding OpenAI GitHub alternative OpenAI military agreement 2026 OpenAI Stargate project collapse NVIDIA OpenAI investment stall ChatGPT Go $8 subscription, OpenAI GPT-5.2 Instant ads OpenAI Torch acquisition, Unified Medical Memory OpenAI Head of Preparedness 2025, Sam Altman AI safety lawsuits ChatGPT Advertising Speculation OpenAI Ad Code Denial OpenAI AI Confession Hallucination Mitigation ChatGPT Quality Focus OpenAI Gemini Red Alert ChatGPT Login, AI ecosystem OpenAI Mental Health, AI Well-Being Council ChatGPT Instant Checkout, Agentic Commerce OpenAI cloud computing OpenAI, startup incubator OpenAI chips, NVIDIA competition AI competition, antitrust lawsuit GPT-5, OpenAI Livestream OpenAI Open-Weight, AI Models OpenAI Infrastructure, AI Data Centers ChatGPT Business, Office Productivity OpenAI Open-Weight Model, WindSurf Acquisition OpenAI AI Browser, ChatGPT Integration Mattel AI, OpenAI Partnership OpenAI o3, Price Cut OpenAI's Next-Gen AI: O3-Pro's Enhanced Reasoning PowerOpenAI profit OpenAI Bid OpenAI Social Network ChatGPT Social OpenAI Non-profit OpenAI UAE ChatGPT Plus free

Red Alert at OpenAI: Ad Plans Dropped to Focus on ChatGPT Quality Amid Gemini Threat

Do Son December 3, 2025

OpenAI has been experimenting with the addition of search advertising inside ChatGPT to ease its growing financial...

India Mandates SIM-Binding: WhatsApp and Telegram Users Must Re-verify Every 6 Hours

WhatsApp antitrust API probe India SIM-Binding Mandate Messaging App KYC WhatsApp DMA Interoperability BirdyChat Haiket Denmark Social Media Ban CVE-2025-55177 WhatsApp vulnerability, zero-click flaw npm Malware, System Wipe WhatsApp Windows App, WebView2 Downgrade WhatsApp Ban, US House NSO WhatsApp, Pegasus Spyware WhatsApp iPad iPadOS app

India Mandates SIM-Binding: WhatsApp and Telegram Users Must Re-verify Every 6 Hours

Do Son December 3, 2025

India’s Department of Telecommunications has issued a new directive to both domestic and international developers of major...

Critical cPanel Flaw (CVSS 9.3) Allows Directory Traversal LPE for Full Server Takeover cPanel WHM Vulnerabilities 2026 CVE-2026-29205 Arbitrary File Read cPanel Security Vulnerability Perl Injection Exploit cPanel Authentication WHM Security cPanel Privilege Escalation, Directory Traversal LPE

cPanel WHM Vulnerabilities 2026 CVE-2026-29205 Arbitrary File Read cPanel Security Vulnerability Perl Injection Exploit cPanel Authentication WHM Security cPanel Privilege Escalation, Directory Traversal LPE

Critical cPanel Flaw (CVSS 9.3) Allows Directory Traversal LPE for Full Server Takeover

Do Son December 3, 2025

cPanel, the industry-standard control panel software that powers a vast portion of the web hosting market, has...

Critical ACF Extended Flaw (CVE-2025-13486, CVSS 9.8) Allows Unauthenticated RCE on 100K WordPress Sites ACF Extended RCE, Unauthenticated Code Execution

ACF Extended RCE, Unauthenticated Code Execution

Critical ACF Extended Flaw (CVE-2025-13486, CVSS 9.8) Allows Unauthenticated RCE on 100K WordPress Sites

Do Son December 3, 2025

A critical security vulnerability carrying a near-maximum severity score has been discovered in “Advanced Custom Fields: Extended,”...

CISA Warns: Critical Longwatch RCE Flaw (CVE-2025-13658, CVSS 9.8) Allows Unauthenticated SYSTEM Takeover of OT Surveillance Longwatch Unauthenticated RCE, Industrial Video & Control

Longwatch Unauthenticated RCE, Industrial Video & Control

CISA Warns: Critical Longwatch RCE Flaw (CVE-2025-13658, CVSS 9.8) Allows Unauthenticated SYSTEM Takeover of OT Surveillance

Do Son December 3, 2025

A critical security vulnerability has been identified in the Longwatch video surveillance and monitoring system developed by...

Malicious Rust Package ‘evm-units’ Exposes Crypto Developers to Stealth Attacks Rust Crates.io Backdoor, EVM Stealth Loader

Rust Crates.io Backdoor, EVM Stealth Loader

Malicious Rust Package ‘evm-units’ Exposes Crypto Developers to Stealth Attacks

Do Son December 3, 2025

A seemingly innocent utility for Ethereum developers has been unmasked as a sophisticated stealth loader. The Socket...

DOJ Seizes Domain of Burma’s Notorious Tai Chang Scam Compound to Disrupt ‘Pig Butchering’ Fraud Pig Butchering Takedown, Tai Chang Compound

Pig Butchering Takedown, Tai Chang Compound

DOJ Seizes Domain of Burma’s Notorious Tai Chang Scam Compound to Disrupt ‘Pig Butchering’ Fraud

Do Son December 3, 2025

The U.S. Department of Justice has executed a significant digital takedown, seizing a web domain central to...

Chrome 143 Stable Fixes 13 Flaws: High-Severity V8 Type Confusion Earns $11,000 Bounty

Chrome 148 lazy loading Chrome for Linux ARM64 Chrome 145 Update Chrome Security Fixes Chrome Security Update CVE-2026-1220 Chrome 144 Security Update CVE-2026-0899 Chrome Memory Safety, WebGPU UAF Chrome V8 Type Confusion, Google Updater Flaw Chrome V8 Flaw, CVE-2025-13042 Chrome V8, Type Confusion, Chrome 142 Update Chrome V8 Flaw, CVE-2025-12036 Chrome 141, WebGPU Overflow Google Chrome preloading Chrome, V8 vulnerability CVE-2025-9132 Chrome Security Update, Use-After-Free Chrome V8, Type Confusion Chrome Telemetry, Windows 10 EOL Microsoft Family Safety, Chrome Blocking Chrome Security Update, High-Severity Google Chrome, Antitrust CVE-2024-10487 and CVE-2024-10488 Google Chrome Root Program Chrome Update, CVE-2025-3619 Chrome Acquisition, Perplexity.ai

Chrome 143 Stable Fixes 13 Flaws: High-Severity V8 Type Confusion Earns $11,000 Bounty

Do Son December 3, 2025

Google has officially promoted Chrome 143 to the stable channel for Windows, macOS, and Linux, rolling out...

Django Flaw (CVE-2025-13372) Allows SQL Injection in PostgreSQL FilteredRelation Django Security Update CVE-2026-25673 Django Security Update SQL Injection Vulnerability Django SQL Injection, PostgreSQL Flaw CVE-2022-34265 PoC Django, SQL injection

Django Security Update CVE-2026-25673 Django Security Update SQL Injection Vulnerability Django SQL Injection, PostgreSQL Flaw CVE-2022-34265 PoC Django, SQL injection

Django Flaw (CVE-2025-13372) Allows SQL Injection in PostgreSQL FilteredRelation

Do Son December 3, 2025

The maintainers of Django, the high-level Python web framework that powers some of the internet’s largest sites,...

CISA Warns: Critical Iskra iHUB Flaw (CVE-2025-13510) Allows Unauthenticated Smart Metering Takeover Iskra iHUB Auth Bypass, Critical Smart Metering Flaw

Iskra iHUB Auth Bypass, Critical Smart Metering Flaw

CISA Warns: Critical Iskra iHUB Flaw (CVE-2025-13510) Allows Unauthenticated Smart Metering Takeover

Do Son December 3, 2025

A critical security vacuum has been discovered in smart metering infrastructure, potentially leaving utility networks exposed to...

Critical Elementor Plugin Flaw (CVE-2025-8489, CVSS 9.8) Under Active Exploitation Allows Unauthenticated Admin Takeover Elementor Unauthenticated EoP, CVE-2025-8489 Exploitation WordPress Privilege Escalation, WP Freeio WordPress backdoor Jupiter X Core - CVE-2024-7781 & CVE-2024-7782

Elementor Unauthenticated EoP, CVE-2025-8489 Exploitation WordPress Privilege Escalation, WP Freeio WordPress backdoor Jupiter X Core - CVE-2024-7781 & CVE-2024-7782

Critical Elementor Plugin Flaw (CVE-2025-8489, CVSS 9.8) Under Active Exploitation Allows Unauthenticated Admin Takeover

Do Son December 3, 2025

A critical security flaw in a popular WordPress plugin has triggered a massive wave of exploitation attempts,...

High-Severity Angular Flaw (CVE-2025-66412) Allows Stored XSS via SVG and MathML Bypass Angular hostname hijacking vulnerability Angular SSRF Origin Hijacking Angular XSS Vulnerability CVE-2026-32635 Angular i18n XSS CVE-2026-27970 Angular SSR SSRF CVE-2026-27739 Angular Vulnerability CVE-2026-22610 CVE-2025-59052 Angular security Angular XSS Bypass, SVG Injection

Angular hostname hijacking vulnerability Angular SSRF Origin Hijacking Angular XSS Vulnerability CVE-2026-32635 Angular i18n XSS CVE-2026-27970 Angular SSR SSRF CVE-2026-27739 Angular Vulnerability CVE-2026-22610 CVE-2025-59052 Angular security Angular XSS Bypass, SVG Injection

High-Severity Angular Flaw (CVE-2025-66412) Allows Stored XSS via SVG and MathML Bypass

Do Son December 3, 2025

The maintainers of Angular, the popular platform for building mobile and desktop web applications, have released an...

Discontinued Library: High-Severity lz4-java Flaw (CVE‐2025‐12183) Forces Immediate Migration to Community Fork lz4-java Out-of-bounds Read, Library EOL

lz4-java Out-of-bounds Read, Library EOL

Discontinued Library: High-Severity lz4-java Flaw (CVE‐2025‐12183) Forces Immediate Migration to Community Fork

Do Son December 3, 2025

A high-severity vulnerability, tracked as CVE‐2025‐12183, has been disclosed in the popular lz4-java compression library, exposing applications...

Apple AI Shakeup: Giannandrea Out, Former Google Gemini Chief Amar Subramanya Hired

Apple Spring Event 2026 Apple Intel 14A iPhone 2028, Intel Foundry Apple Silicon iPhone 18 glass cloth shortage, Nittobo T-glass Apple crisis Apple UK App Store lawsuit appeal, Apple tax £1.5bn damages Apple AI Leadership Shakeup Giannandrea Subramanya Touchscreen MacBook Pro Apple 2026 Roadmap Apple Smart Home, Desktop Robot Apple H3 Chip, AirPods Camera Apple chips, on-device AI Apple AI, retail chatbot MacBook, Affordable Foldable iPhone, Apple Strategy Apple COO, Leadership Transition DOJ Lawsuit Apple EU Policy, App Store Fees CVE-2024-23222 Apple French antitrust fine

Apple AI Shakeup: Giannandrea Out, Former Google Gemini Chief Amar Subramanya Hired

Do Son December 2, 2025

Apple has announced a major leadership reshuffle, confirming that Senior Vice President of Machine Learning and AI...