Do Son

Do Son is the Founder and Editor of SecurityOnline.info. Working in cybersecurity since 2013, he reports on vulnerabilities, malware, and emerging threats, providing timely analysis to help organizations and individuals stay ahead of evolving risks.

Alarm: Coupang Data Breach Exposes 33.7 Million Users—Over Half of South Korea Fiverr Data Leak Claude Code Leak Anthropic DMCA Takedown Coupang 33.7M Breach South Korea Data Leak Red Hat Breach, Customer Data Theft Farmers Insurance, Salesforce ESLint Plugin -Mamont Android banking Trojan

Fiverr Data Leak Claude Code Leak Anthropic DMCA Takedown Coupang 33.7M Breach South Korea Data Leak Red Hat Breach, Customer Data Theft Farmers Insurance, Salesforce ESLint Plugin -Mamont Android banking Trojan

Alarm: Coupang Data Breach Exposes 33.7 Million Users—Over Half of South Korea

Do Son December 2, 2025

A major data breach has struck Coupang, one of South Korea’s most prominent e-commerce platforms, compromising the...

Europol Shuts Down CryptoMixer, Seizes €25 Million in Bitcoin & 12 TB of Data

Europol CryptoMixer Takedown Centralized Mixer Seizure

Europol Shuts Down CryptoMixer, Seizes €25 Million in Bitcoin & 12 TB of Data

Do Son December 2, 2025

Europol recently disclosed that, during a coordinated operation, it successfully dismantled the mixing service CryptoMixer, a platform...

AWS Transform: Agentic AI Automates Legacy Code Modernization and Reduces Technical Debt AWS Transform Agentic AI Technical Debt Automation

AWS Transform Agentic AI Technical Debt Automation

AWS Transform: Agentic AI Automates Legacy Code Modernization and Reduces Technical Debt

Do Son December 2, 2025

At the re:Invent 2025 conference, AWS announced a sweeping enhancement to its application-modernization service, AWS Transform, introducing...

AWS re:Invent 2025: Agentic AI, Marengo 3.0 Video Model, and Visa Payment Partnership AI content licensing marketplace AWS Nova 2 Nova Act AWS Agentic AI TwelveLabs Marengo 3.0

AI content licensing marketplace AWS Nova 2 Nova Act AWS Agentic AI TwelveLabs Marengo 3.0

AWS re:Invent 2025: Agentic AI, Marengo 3.0 Video Model, and Visa Payment Partnership

Do Son December 2, 2025

As AWS re:Invent 2025 unfolds, the company has unveiled a wide array of new technological collaborations, spanning...

NVIDIA Invests $2 Billion in Synopsys to Integrate Agentic AI into Chip Design NVIDIA Synopsys Investment Agentic AI Chip Design

NVIDIA Synopsys Investment Agentic AI Chip Design

NVIDIA Invests $2 Billion in Synopsys to Integrate Agentic AI into Chip Design

Do Son December 2, 2025

NVIDIA and electronic design automation (EDA) leader Synopsys have announced an expanded strategic partnership that will usher...

AWS re:Invent: Agentic AI Launches with Nova Sonic Voice; Partners with Google Cloud on Networking AWS Middle East drone strikes AWS Frontier Agents Autonomous Software Engineering AWS AI Factories Data Sovereignty AI Agentic AI Nova Sonic AWS Google Cloud Interconnect AWS Free Tier, Cloud Credits Freevee, ad-supported streaming Amazon AI, North Carolina Investment CVE-2022-2385

AWS Middle East drone strikes AWS Frontier Agents Autonomous Software Engineering AWS AI Factories Data Sovereignty AI Agentic AI Nova Sonic AWS Google Cloud Interconnect AWS Free Tier, Cloud Credits Freevee, ad-supported streaming Amazon AI, North Carolina Investment CVE-2022-2385

AWS re:Invent: Agentic AI Launches with Nova Sonic Voice; Partners with Google Cloud on Networking

Do Son December 2, 2025

At AWS’s annual re:Invent 2025 conference in Las Vegas, the company unveiled a major series of enhancements...

Privacy Alert: India Mandates Undeletable Sanchar Saathi App on All New Smartphones Oracle user data Sanchar Saathi Mandatory India Preinstalled App

Oracle user data Sanchar Saathi Mandatory India Preinstalled App

Privacy Alert: India Mandates Undeletable Sanchar Saathi App on All New Smartphones

Do Son December 2, 2025

According to a report from Reuters, the Indian government has informed major smartphone manufacturers that they must...

ClickFix: Signature Threat of 2025, Turning Victims into Accomplices parkerfix8

parkerfix8

ClickFix: Signature Threat of 2025, Turning Victims into Accomplices

Do Son December 2, 2025

A malware technique that literally turns its victim into unwitting accomplices: that’s ClickFix. In 2025, it boosted...

Critical OpenVPN Flaws Fix: Heap Over-Read (CVSS 9.1) and HMAC Bypass Allow DoS Attacks CVE-2023-7235 - CVE-2024-5594 OpenVPN Buffer Over-read, HMAC Bypass

CVE-2023-7235 - CVE-2024-5594 OpenVPN Buffer Over-read, HMAC Bypass

Critical OpenVPN Flaws Fix: Heap Over-Read (CVSS 9.1) and HMAC Bypass Allow DoS Attacks

Do Son December 2, 2025

The OpenVPN project has released a crucial security update with the launch of version 2.7_rc2, addressing a...

Android Emergency: Critical DoS Flaw and 2 Exploited Zero-Days in Framework Require Immediate Patch

Android CLI Android Security Zero-Interaction DoS CVE-2026-21385 Android Security Update UK CMA Apple Google regulation Google Aluminum OS Android 16 leak, ALOS Android ChromeOS merger Android sideloading certification 2026, Google developer verification APK Android AOSP biannual release, AOSP source code latency 2026 Android Zero-Day, Critical DoS Flaw Android Universal Clipboard Cross-Device Sync Gemini Nano Block, Unlocked Bootloader Android, Calling Cards Android Security Bulletin, RCE Vulnerability Android Linux GUI, Debian VM Android System Services, Google Transparency Android 16, Pixel Update

Android Emergency: Critical DoS Flaw and 2 Exploited Zero-Days in Framework Require Immediate Patch

Do Son December 2, 2025

Google has released the Android Security Bulletin for December 2025, detailing a slate of vulnerabilities affecting the...

nopCommerce Flaw (CVE-2025-11699) Allows Admin Takeover by Reusing Session Cookies After Logout nopCommerce Session Hijacking, Logout Bypass

nopCommerce Session Hijacking, Logout Bypass

nopCommerce Flaw (CVE-2025-11699) Allows Admin Takeover by Reusing Session Cookies After Logout

Do Son December 2, 2025

A significant security vulnerability has been identified in nopCommerce, a popular open-source ecommerce platform that serves as...

Next-Gen Stealer Arkanix Bypasses Chrome App-Bound Encryption Using C++ Process Injection Arkanix Stealer, App-Bound Encryption Bypass

Arkanix Stealer, App-Bound Encryption Bypass

Next-Gen Stealer Arkanix Bypasses Chrome App-Bound Encryption Using C++ Process Injection

Do Son December 2, 2025

A new, rapidly evolving threat has entered the crowded landscape of malware-as-a-service. Researchers at G DATA have...

CVE-2025-64775: Apache Struts “File Leak” Vulnerability Threatens Disk Exhaustion Apache Struts 2 Vulnerability CVE-2025-68493 CVE-2021-31805 Struts DoS, File Upload Leak

Apache Struts 2 Vulnerability CVE-2025-68493 CVE-2021-31805 Struts DoS, File Upload Leak

CVE-2025-64775: Apache Struts “File Leak” Vulnerability Threatens Disk Exhaustion

Do Son December 2, 2025

The Apache Software Foundation has issued an important advisory regarding a significant Denial of Service (DoS) vulnerability...

The BOSS Breach: APT36 Pivots to Linux Espionage with “Silent” Shortcuts Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

The BOSS Breach: APT36 Pivots to Linux Espionage with “Silent” Shortcuts

Do Son December 2, 2025

A prominent state-aligned threat actor has significantly evolved its arsenal, launching a sophisticated campaign targeting the Linux-based...

Albiriox: The Russian ‘MaaS’ Android Trojan Redefining Mobile Fraud Albiriox, Android Banking Trojan

Albiriox, Android Banking Trojan

Albiriox: The Russian ‘MaaS’ Android Trojan Redefining Mobile Fraud

Do Son December 2, 2025

A sophisticated new Android banking trojan, dubbed “Albiriox,” has emerged from the cybercriminal underground, offering a potent...

Semiconductor Showdown: Apple and NVIDIA Battle for TSMC’s A16 Capacity Apple NVIDIA TSMC Semiconductor Supply War NVIDIA Blackwell Wafer, TSMC Arizona Fab

Apple NVIDIA TSMC Semiconductor Supply War NVIDIA Blackwell Wafer, TSMC Arizona Fab

Semiconductor Showdown: Apple and NVIDIA Battle for TSMC’s A16 Capacity

Do Son December 2, 2025

As the AI boom continues to fuel surging demand for high-performance computing, cutting-edge semiconductor capacity has become...

ChatGPT Ads Spotted: Monetization Push Underway to Offset $115 Billion in OpenAI Losses OpenAI desktop Super App GPT-4o retirement date AI Model Collapse ChatGPT Personalization Characteristics, OpenAI Tone Sliders 2025 ChatGPT Ads OpenAI Losses AI browser, ChatGPT Atlas ChatGPT Em Dash AI Writing Quirks

OpenAI desktop Super App GPT-4o retirement date AI Model Collapse ChatGPT Personalization Characteristics, OpenAI Tone Sliders 2025 ChatGPT Ads OpenAI Losses AI browser, ChatGPT Atlas ChatGPT Em Dash AI Writing Quirks

ChatGPT Ads Spotted: Monetization Push Underway to Offset $115 Billion in OpenAI Losses

Do Son December 2, 2025

Although OpenAI currently commands an enormous base of individual and enterprise users, its losses are likewise staggering....

What Is DKIM? A Complete Guide To Email Authentication And Security Email

Email

What Is DKIM? A Complete Guide To Email Authentication And Security

Do Son December 1, 2025

DomainKeys Identified Mail (DKIM) is a robust email authentication standard designed to combat cyber threats such as...

Boot Process Compromised: Critical Flaw (CVE-2025-47372) Hits Snapdragon 8 Gen 3 & 5G Modems Qualcomm Security, CVE-2025-47372 Automotive Safety, Connected Cars

Qualcomm Security, CVE-2025-47372 Automotive Safety, Connected Cars

Boot Process Compromised: Critical Flaw (CVE-2025-47372) Hits Snapdragon 8 Gen 3 & 5G Modems

Do Son December 1, 2025

Qualcomm has released a substantial security update for December 2025, addressing 11 distinct vulnerabilities across its chipset...

PoC Exploit Releases for CVE-2025-60718 – Windows Administrator Protection Elevation of Privilege Vulnerability

HTTP.sys RCE vulnerability, Windows HTTP stack exploit, CVE-2026-47291 Netlogon RCE vulnerability Exploited in the wild Secure Boot certificate renewal 2026, Windows 11 UEFI update Community-First AI Infrastructure, Microsoft self-funding energy mandate aka.ms/aoh online portal CVE-2025-55681, Windows DWM Elevation Windows Administrator Protection, CVE-2025-60718 Microsoft AI Compute, IREN Infrastructure Microsoft Japan PPA, Renewable Energy Microsoft AI Investment, Cloud Expansion Microsoft Azure, Startup Credits Infinite Workday, AI in Work Microsoft Russia, Bankruptcy AI code generation, Microsoft AI Microsoft Layoffs, Restructuring

PoC Exploit Releases for CVE-2025-60718 – Windows Administrator Protection Elevation of Privilege Vulnerability

Do Son December 1, 2025

A significant crack has been discovered in the armor of Windows Administrator Protection, potentially allowing low-privileged attackers...