Do Son, Author at Daily CyberSecurity • Page 192 of 728

kkRAT: A New Malware Blends Crypto Hijacking with Legitimate RMM Tools kkRAT

kkRAT: A New Malware Blends Crypto Hijacking with Legitimate RMM Tools

Do Son September 12, 2025

Zscaler ThreatLabz has identified a sophisticated malware campaign active since early May 2025, targeting Chinese-speaking users with...

Angular SSR Flaw (CVE-2025-59052) Exposes User Data: What Developers Need to Know Angular hostname hijacking vulnerability Angular SSRF Origin Hijacking Angular XSS Vulnerability CVE-2026-32635 Angular i18n XSS CVE-2026-27970 Angular SSR SSRF CVE-2026-27739 Angular Vulnerability CVE-2026-22610 CVE-2025-59052 Angular security Angular XSS Bypass, SVG Injection

Angular hostname hijacking vulnerability Angular SSRF Origin Hijacking Angular XSS Vulnerability CVE-2026-32635 Angular i18n XSS CVE-2026-27970 Angular SSR SSRF CVE-2026-27739 Angular Vulnerability CVE-2026-22610 CVE-2025-59052 Angular security Angular XSS Bypass, SVG Injection

Angular SSR Flaw (CVE-2025-59052) Exposes User Data: What Developers Need to Know

Do Son September 11, 2025

The Angular team has issued a security advisory addressing a high-severity flaw in server-side rendering (SSR) that...

Community Notes: Meta Invites All Users to Test New Fact-Checking System Meta Community Notes

Community Notes: Meta Invites All Users to Test New Fact-Checking System

Do Son September 11, 2025

Earlier this year, following the announcement of its new “Community Notes” initiative to replace third-party fact-checking, Meta’s...

PlayStation Launches Family App for Mobile Parental Controls PlayStation Parental Controls

PlayStation Launches Family App for Mobile Parental Controls

Do Son September 11, 2025

Following in the footsteps of Microsoft and Nintendo, who have long offered parental control features on their...

A New Era for Developers: Microsoft Waives App Publishing Fees Microsoft Store, app publishing

A New Era for Developers: Microsoft Waives App Publishing Fees

Do Son September 11, 2025

Microsoft has announced that, beginning today, individual developers will no longer be charged any fees for publishing...

Microsoft Copilot to Be Powered by Two AIs: OpenAI and Now Anthropic Microsoft Copilot, Anthropic CVE-2024-38063 on-premises server products

Microsoft Copilot to Be Powered by Two AIs: OpenAI and Now Anthropic

Do Son September 11, 2025

The Information has reported that Microsoft is preparing to announce, within the coming weeks, the integration of...

CyberVolk Ransomware’s Decryption Flaw Makes Data Recovery Impossible The created ransom note

CyberVolk Ransomware’s Decryption Flaw Makes Data Recovery Impossible

Do Son September 11, 2025

AhnLab researchers have released an in-depth technical analysis of the CyberVolk ransomware, a strain that has been...

High-Severity Flaws in Sunshine for Windows Allow Privilege Escalation Sunshine for Windows, vulnerability

High-Severity Flaws in Sunshine for Windows Allow Privilege Escalation

Do Son September 11, 2025

The CERT Coordination Center (CERT/CC) has issued a vulnerability note warning of two critical local security flaws...

Beyond Cobalt Strike: A New Open-Source Hacking Tool Is on the Rise Winos 4.0 Malware Silver Fox APT RapperBot BVIEC cyberattack - CNC group DAMASCENED PEACOCK, malware analysis

Winos 4.0 Malware Silver Fox APT RapperBot BVIEC cyberattack - CNC group DAMASCENED PEACOCK, malware analysis

Beyond Cobalt Strike: A New Open-Source Hacking Tool Is on the Rise

Do Son September 11, 2025

Researchers at Palo Alto Networks’ Unit 42 have published a report detailing the rise of AdaptixC2, an...

CVE-2025-8696: DoS Flaw in Stork UI Allows Unauthenticated Attackers to Crash Servers CVE-2025-8696 Stork UI

CVE-2025-8696: DoS Flaw in Stork UI Allows Unauthenticated Attackers to Crash Servers

Do Son September 11, 2025

The Internet Systems Consortium (ISC) has issued a security advisory addressing a high-severity flaw in Stork UI,...

ChillyHell: A New macOS Backdoor Bypassed Apple Notarization for Years OSX/Amos Stealer Electron ASAR Trojan MioLab Malware macOS Security MacSync Stealer macOS Malware ambar-src npm Malware Supply Chain Typosquatting Matryoshka Mac Malware ClickFix Crypto Scam Infostealer Evolution macOS Malware Predator Spyware Intellexa Anti-Analysis XCSSET macOS Malware, Xcode Supply Chain

OSX/Amos Stealer Electron ASAR Trojan MioLab Malware macOS Security MacSync Stealer macOS Malware ambar-src npm Malware Supply Chain Typosquatting Matryoshka Mac Malware ClickFix Crypto Scam Infostealer Evolution macOS Malware Predator Spyware Intellexa Anti-Analysis XCSSET macOS Malware, Xcode Supply Chain

ChillyHell: A New macOS Backdoor Bypassed Apple Notarization for Years

Do Son September 11, 2025

Jamf Threat Labs has uncovered a new variant of the ChillyHell malware family—an advanced, modular backdoor for...

Everon OCPP Vulnerability CVE-2026-26288 ASUSTOR ADM Vulnerability CVE-2026-24936 PrismX MX100 Vulnerability Hard-Coded Credentials Advantech Vulnerability CVE-2025-52694 Eaton UPS Companion, CVE-2025-59887 ASUS Router, Authentication Bypass ASUSTOR DLL Hijacking, Privilege Escalation OpenShift AI, Privilege Escalation GoAnywhere vulnerability CVE-2025-10035 LangChainGo, template injection DeepDiff, class pollution ToolShell Sunshine, CSRF Vulnerability KACE SMA, Critical Vulnerabilities Oracle Zero-Days - PDQ Deploy vulnerability

ACSC Warns of Active Exploitation of SonicWall SSL VPN Vulnerability (CVE-2024-40766)

Do Son September 11, 2025

The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has issued an alert on the active...

KillSec Ransomware Strikes Brazilian Healthcare Provider, Exposing Patient Data

Do Son September 11, 2025

Resecurity has reported that KillSec ransomware has targeted MedicSolution, a key healthcare software provider in Brazil, compromising...

Unsealed Indictment Exposes Mastermind Behind Notorious Ransomware Gangs WhatsApp Worm, Brazilian Banking Trojan LAPSUS$ Alliance, Scattered Spider Ransomware, Cybercrime RedCurl APT group Russian Cyberespionage, ApolloShadow Malware

WhatsApp Worm, Brazilian Banking Trojan LAPSUS$ Alliance, Scattered Spider Ransomware, Cybercrime RedCurl APT group Russian Cyberespionage, ApolloShadow Malware

Unsealed Indictment Exposes Mastermind Behind Notorious Ransomware Gangs

Do Son September 11, 2025

The U.S. Department of Justice has unsealed a superseding indictment against Volodymyr Viktorovich Tymoshchuk — also known...

CVE-2025-58063: CoreDNS Vulnerability Could Disrupt DNS Updates CoreDNS Security Encrypted DNS Vulnerabilities CoreDNS vulnerability, DNS cache poisoning

CoreDNS Security Encrypted DNS Vulnerabilities CoreDNS vulnerability, DNS cache poisoning

CVE-2025-58063: CoreDNS Vulnerability Could Disrupt DNS Updates

Do Son September 11, 2025

The CoreDNS project has disclosed a vulnerability in its etcd plugin, tracked as CVE-2025-58063 (CVSS 7.1), which...

NVIDIA acquisition rumors NVIDIA AI Security AI Framework Vulnerabilities Nvidia 595.76 Hotfix NVIDIA Megatron Bridge vulnerability GPU vs ASIC AI battle NVIDIA Driver Vulnerability CVE-2025-33217 NVIDIA biggest TSMC customer 2026, NVIDIA vs Apple TSMC revenue share NVIDIA CUDA Toolkit CVE-2025-33228 Groq NVIDIA licensing deal, Jonathan Ross acquihire 2025 NeMo Code Injection, AI Framework RCE NVIDIA App Privilege Escalation, CVE-2025-23358 NVIDIA Security Update, DLS Vulnerability CVE-2025-23316 NVIDIA NVDebug, vulnerabilities NVIDIA Driver Vulnerabilities, vGPU Security Nvidia Jetson, UEFI Vulnerabilities CVE-2024-0130 - CVE-2024-0136 CVE-2024-0148 NVIDIA Driver Support, Windows 10 EOL

NVIDIA Patches High-Severity Vulnerabilities in NVDebug Tool

Do Son September 11, 2025

NVIDIA has released a software update for its NVDebug tool, addressing three high-severity vulnerabilities (CVE-2025-23342, CVE-2025-23343, and...

Fake AI Ad Tool “Madgicx Plus” Hijacks Meta Advertiser Accounts LokiBot Steganography, .NET Loader PlugX malware YiBackdoor, ransomware

Fake AI Ad Tool “Madgicx Plus” Hijacks Meta Advertiser Accounts

Do Son September 11, 2025

Cybereason Security Services has uncovered a malicious Chrome extension campaign targeting Meta (Facebook and Instagram) advertisers. Branded...

The Gentlemen: A New Ransomware Group Using Legitimate Tools to Bypass Security Chinese espionage groups APT35 Phishing, Stormshield CTI

The Gentlemen: A New Ransomware Group Using Legitimate Tools to Bypass Security

Do Son September 11, 2025

Trend Micro researchers have revealed a new ransomware campaign orchestrated by The Gentlemen, an emerging threat group...

Luno: A “Self-Healing” Linux Botnet That Mines Crypto and Launches DDoS Attacks Luno botnet, Linux botnet

Luno: A “Self-Healing” Linux Botnet That Mines Crypto and Launches DDoS Attacks

Do Son September 11, 2025

Cyble Research and Intelligence Labs (CRIL) has discovered an active in-the-wild Linux botnet campaign dubbed “Luno,” which...

Apple’s “Most Significant Upgrade” to iPhone Security Is Here DarkSword exploit kit iOS 18.7.7 security update CVE-2024-44308 & CVE-2024-44309 Apple appeal, Epic Games lawsuit

DarkSword exploit kit iOS 18.7.7 security update CVE-2024-44308 & CVE-2024-44309 Apple appeal, Epic Games lawsuit

Apple’s “Most Significant Upgrade” to iPhone Security Is Here

Do Son September 10, 2025

Apple Security Engineering and Architecture (SEAR) has unveiled Memory Integrity Enforcement (MIE), an always-on, hardware-assisted memory safety...

Critical Alert 1 Active Exploit Detected Today