Do Son

Do Son is the Founder and Editor of SecurityOnline.info. Working in cybersecurity since 2013, he reports on vulnerabilities, malware, and emerging threats, providing timely analysis to help organizations and individuals stay ahead of evolving risks.

Cloudflare Cuts 20% of Staff to Pivot Toward an “AI-First Agentic” Future Cloudflare layoffs 2026 AI bot traffic surge Content Signals Policy, AI Content Usage Cloudflare, Certificate Misissuance Salesforce, supply chain attack DDoS attack, Cloudflare Perplexity AI, Web Scraping Pay Per Crawl Cloudflare abuse R2 outage HTTP Cloudflare Blocking

Cloudflare layoffs 2026 AI bot traffic surge Content Signals Policy, AI Content Usage Cloudflare, Certificate Misissuance Salesforce, supply chain attack DDoS attack, Cloudflare Perplexity AI, Web Scraping Pay Per Crawl Cloudflare abuse R2 outage HTTP Cloudflare Blocking

Cloudflare Cuts 20% of Staff to Pivot Toward an “AI-First Agentic” Future

Do Son May 8, 2026

Even the technology behemoths who command the very lifelines of global internet infrastructure are evidently not immune...

The End of Whiteboard Coding: Google to Allow Gemini AI in Software Engineering Interviews Google Gemini Go app Google AI software engineering interview Google Gemini for Mac

Google Gemini Go app Google AI software engineering interview Google Gemini for Mac

The End of Whiteboard Coding: Google to Allow Gemini AI in Software Engineering Interviews

Do Son May 8, 2026

As generative AI fundamentally reshapes the landscape of software development, the venerable tradition of “whiteboard coding” interviews...

Reddit in the Spotlight: Google’s Search Pivot Puts “First-Hand Accounts” at the Core of AI Overviews Google AI Overviews Reddit integration

Google AI Overviews Reddit integration

Reddit in the Spotlight: Google’s Search Pivot Puts “First-Hand Accounts” at the Core of AI Overviews

Do Son May 8, 2026

In an era saturated with SEO-driven content farms, authentic human resonance is emerging as a scarce resource...

Silent Rotor: Targeted Rust Malware Infiltrates the 2026 Eurasian Unmanned Aviation Forum Operation Silent Rotor Rust Malware

Operation Silent Rotor Rust Malware

Silent Rotor: Targeted Rust Malware Infiltrates the 2026 Eurasian Unmanned Aviation Forum

Do Son May 8, 2026

In a precision-strike operation currently unfolding across Central Asia and Europe, threat actors have launched a highly...

Is Your React App Vulnerable to the CVE-2026-23870 DoS Attack? React Server Components Vulnerability CVE-2026-23870 React Server Components Server-Side DoS React DoS Vulnerability CVE-2026-23864 React Server Components DoS, Source Code Disclosure React RCE, Server Components Deserialization CVE-2025-55182

React Server Components Vulnerability CVE-2026-23870 React Server Components Server-Side DoS React DoS Vulnerability CVE-2026-23864 React Server Components DoS, Source Code Disclosure React RCE, Server Components Deserialization CVE-2025-55182

Is Your React App Vulnerable to the CVE-2026-23870 DoS Attack?

Do Son May 8, 2026

A high-severity Denial of Service (DoS) vulnerability has been uncovered in React Server Components, prompting an urgent...

The TOAD Trap: Why Scammers are Trading Malicious Links for VoIP Phone Numbers TOAD Attacks Telephone-Oriented Attack Delivery

TOAD Attacks Telephone-Oriented Attack Delivery

The TOAD Trap: Why Scammers are Trading Malicious Links for VoIP Phone Numbers

Do Son May 8, 2026

While security teams have spent years perfecting the art of spotting malicious URLs and suspicious sender domains,...

The InstallFix Trap: Fake Claude AI Google Ads Drop Fileless RedLine Malware on Developers InstallFix Malware Claude AI Phishing

InstallFix Malware Claude AI Phishing

The InstallFix Trap: Fake Claude AI Google Ads Drop Fileless RedLine Malware on Developers

Do Son May 8, 2026

A sophisticated new campaign, dubbed InstallFix, is currently targeting professionals searching for Anthropic’s Claude AI tools. By...

Embargo Broken: Public PoC Released for “Dirty Frag” Linux Kernel Exploit Granting Instant Root Access Dirty Frag Linux PoC v4bel Dirty Frag Exploit

Dirty Frag Linux PoC v4bel Dirty Frag Exploit

Embargo Broken: Public PoC Released for “Dirty Frag” Linux Kernel Exploit Granting Instant Root Access

Do Son May 8, 2026

A new class of Linux vulnerabilities has been unearthed, threatening the core security boundaries of nearly every...

Critical 9.9 CVSS Rancher Fleet Flaw Grants Full Cluster-Admin Access Fleet security vulnerabilities cross namespace secret disclosure Rancher, GitOps Rancher Fleet Critical Vulnerability CVE-2026-41050

Fleet security vulnerabilities cross namespace secret disclosure Rancher, GitOps Rancher Fleet Critical Vulnerability CVE-2026-41050

Critical 9.9 CVSS Rancher Fleet Flaw Grants Full Cluster-Admin Access

Do Son May 8, 2026

The SUSE Rancher Security team has issued a high-priority advisory regarding a pair of vulnerabilities in Fleet,...

Zabbix Flaws Allow Monitored Hosts to Hijack Admin Dashboards Zabbix XSS Vulnerabilities CVE-2026-23926 zabbix - CVE-2024-22116 Zabbix SQL Injection CVE-2026-23921

Zabbix XSS Vulnerabilities CVE-2026-23926 zabbix - CVE-2024-22116 Zabbix SQL Injection CVE-2026-23921

Zabbix Flaws Allow Monitored Hosts to Hijack Admin Dashboards

Do Son May 8, 2026

Zabbix, the ubiquitous open-source monitoring solution used by enterprises to track the health of vast IT infrastructures,...

Under Active Attack: Ivanti EPMM Zero-Day Exploited in the Wild via Harvested Admin Credentials Ivanti EPMM Zero-Day CVE-2026-6973 Exploitation CVE-2024-9379, CVE-2024-9380, CVE-2024-9381

Ivanti EPMM Zero-Day CVE-2026-6973 Exploitation CVE-2024-9379, CVE-2024-9380, CVE-2024-9381

Under Active Attack: Ivanti EPMM Zero-Day Exploited in the Wild via Harvested Admin Credentials

Do Son May 7, 2026

Ivanti has issued an urgent security advisory for its Endpoint Manager Mobile (EPMM) platform, formerly known as...

Omani Government Targeted in Blatant Iranian-Nexus Cyberespionage Oman Government Cyberattack Hunt Intelligence APT Report

Oman Government Cyberattack Hunt Intelligence APT Report

Omani Government Targeted in Blatant Iranian-Nexus Cyberespionage

Do Son May 7, 2026

A recent discovery by Hunt Intelligence has revealed an uncharacteristic lapse by a sophisticated threat actor. An...

Cisco Unity Connection Flaws Enable Full System Takeover Cisco Unity Connection RCE CVE-2026-20034

Cisco Unity Connection RCE CVE-2026-20034

Cisco Unity Connection Flaws Enable Full System Takeover

Do Son May 7, 2026

Cisco has issued a high-priority security advisory regarding multiple vulnerabilities in Cisco Unity Connection that could allow...

Cisco CNC and NSO Flaw Allows Remote Attackers to Lock Down Network Management Cisco NSO Denial of Service CVE-2026-20188

Cisco NSO Denial of Service CVE-2026-20188

Cisco CNC and NSO Flaw Allows Remote Attackers to Lock Down Network Management

Do Son May 7, 2026

Cisco has issued a high-priority security advisory for a vulnerability in its network management and orchestration platforms...

OceanLotus Hijacks PyPI to Deploy “ZiChatBot” via Enterprise Chat APIs Acreed Infostealer, BNB Smart Chain CVE-2023-20269 exploit

Acreed Infostealer, BNB Smart Chain CVE-2023-20269 exploit

OceanLotus Hijacks PyPI to Deploy “ZiChatBot” via Enterprise Chat APIs

Do Son May 7, 2026

In a calculated move that signals the expansion of state-sponsored threats into open-source repositories, researchers at Kaspersky...

Orbital Ambitions: Anthropic Taps Musk’s “Colossus” to Double Claude’s Power and Eye the Stars Anthropic SpaceX partnership SpaceX IPO 1.75 trillion 2026 Tech IPO wave, SpaceX OpenAI Anthropic valuation SpaceX IPO 2026, $800 Billion Valuation SpaceX $1.5 Trillion IPO, Starship Starlink

Anthropic SpaceX partnership SpaceX IPO 1.75 trillion 2026 Tech IPO wave, SpaceX OpenAI Anthropic valuation SpaceX IPO 2026, $800 Billion Valuation SpaceX $1.5 Trillion IPO, Starship Starlink

Orbital Ambitions: Anthropic Taps Musk’s “Colossus” to Double Claude’s Power and Eye the Stars

Do Son May 7, 2026

According to the latest intelligence, Anthropic has secured a landmark partnership agreement with Elon Musk’s SpaceX, granting...

The 1.6 Billion User Pivot: Satya Nadella’s Plan to Fix Windows 11 and Save the 8GB PC Windows 11 CPU optimization Microsoft Windows user engagement

Windows 11 CPU optimization Microsoft Windows user engagement

The 1.6 Billion User Pivot: Satya Nadella’s Plan to Fix Windows 11 and Save the 8GB PC

Do Son May 7, 2026

In a recent financial disclosure, Microsoft CEO Satya Nadella reaffirmed the corporation’s renewed dedication to the Windows...

Attackers Hijack Trusted RMM Tools to Create Invisible, Permanent Backdoors RMM Hijacking Campaign Self-Healing Persistence

RMM Hijacking Campaign Self-Healing Persistence

Attackers Hijack Trusted RMM Tools to Create Invisible, Permanent Backdoors

Do Son May 7, 2026

A sophisticated phishing campaign is proving that the most effective “virus” is often a legitimate piece of...

Deceptive “DeepSeek-Claw” Skill Hijacks OpenClaw Agents to Steal Credentials OpenClaw Framework Malware DeepSeek-Claw AI Skill

OpenClaw Framework Malware DeepSeek-Claw AI Skill

Deceptive “DeepSeek-Claw” Skill Hijacks OpenClaw Agents to Steal Credentials

Do Son May 7, 2026

Security researchers at Zscaler ThreatLabz have uncovered a deceptive campaign targeting the OpenClaw framework—an open-source tool designed...

New “Pheno” Malware Hijacks Microsoft Phone Link to Steal SMS and OTPs NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

New “Pheno” Malware Hijacks Microsoft Phone Link to Steal SMS and OTPs

Do Son May 7, 2026

Security researchers at Cisco Talos have uncovered a sophisticated campaign that allows attackers to steal SMS messages...