Critical Alert 1 Active Exploit Detected Today

CVE-2026-48907 — Widget Factory Joomla Content Editor Improper Access Control Vulnerability →

Powered by CVE Watchtower

×

Do Son

Do Son is the Founder and Editor of SecurityOnline.info. Working in cybersecurity since 2013, he reports on vulnerabilities, malware, and emerging threats, providing timely analysis to help organizations and individuals stay ahead of evolving risks.

Subtle Snail: Iran-Linked Espionage Campaign Targets European Telecom, Aerospace, and Defense Harvester APT Linux Backdoor OT Cyberattack Iranian APT Operation Olalampo MuddyWater APT Prince of Persia APT, Tonnerre v50 Patchwork APT, DLL Sideloading Subtle Snail, cyber espionage ShadowSilk, cyber espionage Volt Typhoon APT Group - Chinese Cybersecurity Firm

Harvester APT Linux Backdoor OT Cyberattack Iranian APT Operation Olalampo MuddyWater APT Prince of Persia APT, Tonnerre v50 Patchwork APT, DLL Sideloading Subtle Snail, cyber espionage ShadowSilk, cyber espionage Volt Typhoon APT Group - Chinese Cybersecurity Firm

Subtle Snail: Iran-Linked Espionage Campaign Targets European Telecom, Aerospace, and Defense

Do Son September 23, 2025

A new study from Catalyst has exposed a sophisticated cyber espionage campaign conducted by Subtle Snail (UNC1549),...

SystemBC Botnet Evolves Into High-Volume VPS Proxy Network, Powering Criminal Ecosystem Vulnerability Digest Zero-Day Exploits Seedworm APT Dindoor Backdoor RedKitten Campaign AI-Generated Malware WSUS RCE ShadowPad CVE-2025-59287

Vulnerability Digest Zero-Day Exploits Seedworm APT Dindoor Backdoor RedKitten Campaign AI-Generated Malware WSUS RCE ShadowPad CVE-2025-59287

SystemBC Botnet Evolves Into High-Volume VPS Proxy Network, Powering Criminal Ecosystem

Do Son September 23, 2025

The Black Lotus Labs team at Lumen Technologies has uncovered major new infrastructure behind the SystemBC botnet,...

Warning: New Windows 11 Updates Break Video Playback

Windows Secure Lock Screen Clock Lag Windows 11 KB5079391 error Windows 11 Kernel Driver Trust Microslop Windows 11 Windows 11 modem driver removal 2026, CVE-2025-24052 Agere driver exploit Windows 11 Password Icon Bug Lock Screen Glitch Windows 11 26H1 ARM Snapdragon X2 Windows 11 Reboot-Free, Insider Build Windows Update Error, 0x80070103 File Explorer, NTLM leak Windows bug, WinRE Windows Update, UAC prompts Secure Boot Certificate, Windows Security Windows 11 22H2 Installation security updates Windows UEFI CA 2023 Windows 11 25H2

Warning: New Windows 11 Updates Break Video Playback

Do Son September 22, 2025

According to Microsoft’s list of known issues updated on September 19, 2025, Windows 11 version 24H2 encounters...

Windows 11 Is Getting a Native Video Wallpaper Feature

Windows 11 app updates Windows Insider preview build, Calculator app update, built-in Windows apps Windows 11 KB5089549 network lag Windows 11 Home to Pro Education upgrade Windows 11 Start menu update Windows 11 update KB5079391 Windows 11 KB5085516 OOB update Windows 11 C drive permission error Windows 11 C drive access denied Windows native NVMe driver UEFI Secure Boot certificate rotation Windows 11 printer driver policy Windows 11 printer driver deprecation Windows 11 Build 26300 Sysmon Windows 11 Storage settings restriction Windows 11 Build 26300.7674, Windows Insider channel migration 2026 Windows 11 Update Fix KB5073455 shutdown bug, Secure Launch restart loop Windows 11 File Explorer search performance, Search Indexer RAM usage fix Windows 11 Gaming PC Specs, NVMe DirectStorage Windows 10 End of Support Windows 11 Slow Adoption Windows 11 Crash Loop KB5062553 Bug Update and Shut Down, KB5067036 Windows authentication, Kerberos bug Windows 11 fix, localhost bug Windows 11 Update Restart, Update and Shut Down Windows SMBv1 Windows 11 Arm, Easy Anti-Cheat Windows 11 error, Pluton Windows 11 24H2, Easy Anti-Cheat Windows Firewall Bug, Microsoft Update Error Windows 11, JScript9Legacy Windows Activation, TSforge Windows 11 Update, Firewall Error Windows 11 25H2, Annual Update Windows Resiliency Initiative, Kernel Security Windows 11 Upgrade, ESU Program Windows 11 Recall, Data Export Windows 11 Easy Anti-Cheat Windows 11 Update, Cumulative Update Windows Update, ACPI.sys Windows Updates, Enterprise Software Windows 11 Start Data Encryption Standard Printing Problems Windows 11 updates Estimated installation time Smart App Control, Windows 11 security

Windows 11 Is Getting a Native Video Wallpaper Feature

Do Son September 22, 2025

Windows 11 does not yet natively support setting videos as desktop backgrounds. For years, many users have...

MediaTek Unveils Dimensity 9500, a New King for Mobile AI and Gaming MediaTek, Dimensity 9500

MediaTek, Dimensity 9500

MediaTek Unveils Dimensity 9500, a New King for Mobile AI and Gaming

Do Son September 22, 2025

MediaTek has officially unveiled its new flagship computing platform, the Dimensity 9500, built on TSMC’s third-generation 3nm...

Apple’s In-House Chips Pave the Way for On-Device AI Revolution

Apple Spring Event 2026 Apple Intel 14A iPhone 2028, Intel Foundry Apple Silicon iPhone 18 glass cloth shortage, Nittobo T-glass Apple crisis Apple UK App Store lawsuit appeal, Apple tax £1.5bn damages Apple AI Leadership Shakeup Giannandrea Subramanya Touchscreen MacBook Pro Apple 2026 Roadmap Apple Smart Home, Desktop Robot Apple H3 Chip, AirPods Camera Apple chips, on-device AI Apple AI, retail chatbot MacBook, Affordable Foldable iPhone, Apple Strategy Apple COO, Leadership Transition DOJ Lawsuit Apple EU Policy, App Store Fees CVE-2024-23222 Apple French antitrust fine

Apple’s In-House Chips Pave the Way for On-Device AI Revolution

Do Son September 22, 2025

In recent years, Apple has vigorously advanced its strategy of self-developing chips, evolving from the A-series and...

EDR-Freeze: How a Researcher Turned Windows Error Reporting Into a Weapon Against Antivirus EDR evasion, Windows Defender

EDR evasion, Windows Defender

EDR-Freeze: How a Researcher Turned Windows Error Reporting Into a Weapon Against Antivirus

Do Son September 22, 2025

A new study from a ZeroSalarium security researcher sheds light on a new technique to bypass endpoint...

LastPass Warns of New SEO Poisoning Attack Targeting Mac Users LastPass, macOS infostealer

LastPass, macOS infostealer

LastPass Warns of New SEO Poisoning Attack Targeting Mac Users

Do Son September 22, 2025

The LastPass Threat Intelligence, Mitigation, and Escalation (TIME) team has issued a warning about an ongoing infostealer...

Meta Open-Sources New AI Model for On-Device Reasoning Meta AI usage limits token minimization strategy, Meta AI budget caps, enterprise AI cost control Meta CEO Agent Mark Zuckerberg MobileLLM-R1, on-device AI Meta Midjourney Meta Pika Labs, AI Video Generation EU AI Regulation, Meta AI Stance Meta AI, PlayAI Acquisition Proactive Chatbots Meta AI, Photo Privacy

Meta AI usage limits token minimization strategy, Meta AI budget caps, enterprise AI cost control Meta CEO Agent Mark Zuckerberg MobileLLM-R1, on-device AI Meta Midjourney Meta Pika Labs, AI Video Generation EU AI Regulation, Meta AI Stance Meta AI, PlayAI Acquisition Proactive Chatbots Meta AI, Photo Privacy

Meta Open-Sources New AI Model for On-Device Reasoning

Do Son September 22, 2025

As generative AI continues to evolve toward lighter and more localized deployments, Meta has announced the open-sourcing...

The iPhone Fold: What to Expect from Apple’s Groundbreaking New Device iOS 27 AirDrop speed, AirDrop transfer speed, AirDrop file transfer, AWDL protocol iPhone 17e rumors iPhone Air 2 Roadmap Apple Launch Cadence Shift iPhone Air sales collapse Apple iPhone Fold iPhone Air, thinnest iPhone camera flaw

iOS 27 AirDrop speed, AirDrop transfer speed, AirDrop file transfer, AWDL protocol iPhone 17e rumors iPhone Air 2 Roadmap Apple Launch Cadence Shift iPhone Air sales collapse Apple iPhone Fold iPhone Air, thinnest iPhone camera flaw

The iPhone Fold: What to Expect from Apple’s Groundbreaking New Device

Do Son September 22, 2025

Although Apple’s new iPhone 17 series and iPhone Air have only just launched this year, market attention...

PoC Released for CVE-2025-41243 – A Spring Cloud Gateway Flaw with CVSS 10.0

PoC Released for CVE-2025-41243 – A Spring Cloud Gateway Flaw with CVSS 10.0

Do Son September 22, 2025

Security researcher Ezzer17 published a clear, methodical write-up that walks through the root cause, the partial fixes,...

CountLoader: A New Malware Loader Linked to Russian Ransomware Groups Osiris Ransomware Inc Ransomware Connection CountLoader Massive Ransomware Campaign CVE-2025-0289

Osiris Ransomware Inc Ransomware Connection CountLoader Massive Ransomware Campaign CVE-2025-0289

CountLoader: A New Malware Loader Linked to Russian Ransomware Groups

Do Son September 22, 2025

Researchers at Silent Push have identified a newly emerging malware loader dubbed CountLoader, which they assess to...

CVE-2025-55241: Microsoft Entra ID Flaw with CVSS 10.0 Could Have Compromised Every Tenant Worldwide Microsoft Entra ID vulnerability CVE-2025-55241

Microsoft Entra ID vulnerability CVE-2025-55241

CVE-2025-55241: Microsoft Entra ID Flaw with CVSS 10.0 Could Have Compromised Every Tenant Worldwide

Do Son September 22, 2025

In one of the most significant discoveries of 2025, security researcher Dirk-jan Mollema revealed a vulnerability in...

BiDi Swap: A Decade-Old Unicode Flaw Still Enables URL Spoofing BiDi Swap, phishing attacks Cybersecurity Threats

BiDi Swap, phishing attacks Cybersecurity Threats

BiDi Swap: A Decade-Old Unicode Flaw Still Enables URL Spoofing

Do Son September 22, 2025

The Varonis Threat Labs team has published an eye-opening report about a persistent vulnerability in how modern...

CopyCop Expands Its Disinformation Network With AI-Generated Content and Global Targets CopyCop Russian disinformation

CopyCop Russian disinformation

CopyCop Expands Its Disinformation Network With AI-Generated Content and Global Targets

Do Son September 22, 2025

A new report from Insikt Group reveals that CopyCop, also known as Storm-1516, is rapidly expanding its...

BlackLock Ransomware: A New Cross-Platform Threat Spreading Rapidly

BlackLock

BlackLock Ransomware: A New Cross-Platform Threat Spreading Rapidly

Do Son September 22, 2025

The AhnLab Security Intelligence Center (ASEC) has released a detailed analysis of BlackLock, a relatively new ransomware...

PyPI Under Attack: New Malware ‘SilentSync’ Is Stealing Credentials SonicWall Reconnaissance Akira Ransomware residential proxy malware TraderTraitor BreachForums Honeypot, French Interior Ministry Leak

SonicWall Reconnaissance Akira Ransomware residential proxy malware TraderTraitor BreachForums Honeypot, French Interior Ministry Leak

PyPI Under Attack: New Malware ‘SilentSync’ Is Stealing Credentials

Do Son September 22, 2025

Zscaler ThreatLabz has uncovered yet another supply chain attack against the Python Package Index (PyPI). In August...

The Database Was the Door: A Ransomware Attack Began with an Exposed Oracle Serve Knowledge Deliver RCE vulnerability FortiClient EMS Vulnerability CVE-2026-35616 Cisco SD-WAN Vulnerability CVE-2026-20122 PCPcat, Next.js RCE Salesloft breach, Salesforce CRM WIREFIRE web shell

Knowledge Deliver RCE vulnerability FortiClient EMS Vulnerability CVE-2026-35616 Cisco SD-WAN Vulnerability CVE-2026-20122 PCPcat, Next.js RCE Salesloft breach, Salesforce CRM WIREFIRE web shell

The Database Was the Door: A Ransomware Attack Began with an Exposed Oracle Serve

Do Son September 22, 2025

Yarix’s Incident Response Team (YIR) has published an in-depth analysis of a targeted intrusion that leveraged an...

GOLD SALEM: A New Ransomware Group Is Exploiting SharePoint Flaws Oracle EBS Zero-Day, GRACEFUL SPIDER Cracked Software, Supply Chain Attack Black Basta - NOVA stealer

Oracle EBS Zero-Day, GRACEFUL SPIDER Cracked Software, Supply Chain Attack Black Basta - NOVA stealer

GOLD SALEM: A New Ransomware Group Is Exploiting SharePoint Flaws

Do Son September 22, 2025

Researchers from the Sophos Counter Threat Unit (CTU) have published new intelligence on a rising ransomware group...

CVE-2025-9961: TP-Link Router Flaw Could Be Exploited for RCE, PoC Released TP-Link CWMP CVE-2025-9961

TP-Link CWMP CVE-2025-9961

CVE-2025-9961: TP-Link Router Flaw Could Be Exploited for RCE, PoC Released

Do Son September 22, 2025

Security researchers at ByteRay have published a detailed exploitation write-up of CVE-2025-9961, a vulnerability in TP-Link’s CWMP...