Do Son, Author at Daily CyberSecurity • Page 263 of 730

Root Access Unlocked: How a pam_namespace Flaw Lets Attackers Elevate Privileges on Linux Linux PAM, Privilege Escalation

Root Access Unlocked: How a pam_namespace Flaw Lets Attackers Elevate Privileges on Linux

Do Son June 19, 2025

A security vulnerability was found in Linux PAM (Pluggable Authentication Modules). Tracked as CVE-2025-6020, the flaw affects...

Tor Meets Docker: Sophisticated Crypto-Mining Campaign Hijacks Misconfigured APIs

Do Son June 19, 2025

Trend Micro researchers have uncovered a stealthy new attack method that fuses misconfigured Docker remote APIs with...

MySQL Servers Under Attack: Threat Actors Exploiting UDFs to Inject Gh0stRAT, XWorm & Zoho Agents MySQL Attacks, UDF Exploitation pREST, SQL injection

MySQL Attacks, UDF Exploitation pREST, SQL injection

MySQL Servers Under Attack: Threat Actors Exploiting UDFs to Inject Gh0stRAT, XWorm & Zoho Agents

Do Son June 19, 2025

Threat actors are ramping up attacks on poorly managed MySQL servers, particularly those running in Windows environments,...

SSRF Flaw (CVE-2025-6087) in OpenNext for Cloudflare Allows Unauthenticated Content Proxying SSRF, Cloudflare OpenNext

SSRF Flaw (CVE-2025-6087) in OpenNext for Cloudflare Allows Unauthenticated Content Proxying

Do Son June 19, 2025

A Server-Side Request Forgery (SSRF) vulnerability has been discovered in the @opennextjs/cloudflare package, potentially allowing unauthenticated users...

Elastic Uncovers Stealthy Campaign Using GHOSTPULSE and ARECHCLIENT2 Malware Fake captcha

Elastic Uncovers Stealthy Campaign Using GHOSTPULSE and ARECHCLIENT2 Malware

Do Son June 19, 2025

Elastic Security Labs has revealed a highly sophisticated multi-stage attack chain exploiting a social engineering method dubbed...

Ransomware Gang Qilin Rises Amid Collapse of Major Gangs Like RansomHub and LockBit

Do Son June 19, 2025

The ransomware threat landscape is undergoing dramatic upheaval. As legacy groups like RansomHub, LockBit, Everest, and BlackLock...

Critical Auth Bypass Vulnerability (CVE-2025-51381) Found in KAON KCM3100 Gateways KAON Wi-Fi Gateway, Authentication Bypass

Critical Auth Bypass Vulnerability (CVE-2025-51381) Found in KAON KCM3100 Gateways

Do Son June 19, 2025

A critical vulnerability has been disclosed in KAON’s KCM3100 Wi-Fi gateway devices that could allow attackers to...

Invoice to Infection: Sorillus RAT Campaign Strikes European Organizations

Do Son June 19, 2025

A fresh wave of targeted cyberattacks is sweeping across Europe, leveraging invoice-themed phishing emails and weaponizing legitimate...

XDSpy Resurfaces: Stealthy Cyber-Espionage Campaign Targets Governments with Obscure Windows LNK Flaw

Do Son June 19, 2025

After years of operating in near-total obscurity, the cyber-espionage group XDSpy has resurfaced in a sophisticated campaign...

TikTok Gets Another Lifeline: Trump Extends Ban Deadline by 90 Days TikTok USDS Joint Venture LLC divestiture, Project Texas 2.0 ByteDance stake TikTokRefugee TikTok Ban, US Extension

TikTok USDS Joint Venture LLC divestiture, Project Texas 2.0 ByteDance stake TikTokRefugee TikTok Ban, US Extension

TikTok Gets Another Lifeline: Trump Extends Ban Deadline by 90 Days

Do Son June 18, 2025

Following the Trump administration’s initial decision in early April to grant TikTok’s U.S. operations an additional 75-day...

Python Protobuf Flaw Allows DoS Via Nested Messages Python Protobuf, DoS Vulnerability

Python Protobuf Flaw Allows DoS Via Nested Messages

Do Son June 18, 2025

A high-severity vulnerability has been uncovered in the pure-Python backend of Google’s Protocol Buffers (protobuf), potentially allowing...

D-Link Router Flaws Allow Code Execution, PoC Available, No Patch D-Link DIR-816, Critical Vulnerabilities D-Link EOL RCE, Unauthenticated Command Injection

D-Link DIR-816, Critical Vulnerabilities D-Link EOL RCE, Unauthenticated Command Injection

D-Link Router Flaws Allow Code Execution, PoC Available, No Patch

Do Son June 18, 2025

D-Link has issued an official advisory warning users of its legacy DIR-632 router that two critical vulnerabilities...

Broadcom Unveils VMware Cloud Foundation 9.0: A Unified Private Cloud for AI & Modern Workloads Broadcom VCF, Private Cloud

Broadcom Unveils VMware Cloud Foundation 9.0: A Unified Private Cloud for AI & Modern Workloads

Do Son June 18, 2025

Broadcom has officially unveiled VMware Cloud Foundation (VCF) 9.0, marking a significant stride in advancing its modern...

Wi-Fi 8 is Coming: Ultra-Reliable Connectivity Set for 2028 Launch EU 6GHz Spectrum Wi-Fi 7 vs 6G Wi-Fi 8, Wireless Standard Captive portal - WPA3 Security

EU 6GHz Spectrum Wi-Fi 7 vs 6G Wi-Fi 8, Wireless Standard Captive portal - WPA3 Security

Wi-Fi 8 is Coming: Ultra-Reliable Connectivity Set for 2028 Launch

Do Son June 18, 2025

An increasing number of devices are now beginning to support the Wi-Fi 7 standard, yet its adoption...

OneDrive Shock: User Loses 30 Years of Photos After Account Suspension, Highlighting Cloud Backup Risks OneDrive cloud deletion 2026 OneDrive Facial Recognition, Three-Time Limit OneDrive Suspension, Data Loss

OneDrive cloud deletion 2026 OneDrive Facial Recognition, Three-Time Limit OneDrive Suspension, Data Loss

OneDrive Shock: User Loses 30 Years of Photos After Account Suspension, Highlighting Cloud Backup Risks

Do Son June 18, 2025

After Microsoft integrated OneDrive cloud storage into Windows 10 and 11, a significant number of users were...

Mastodon Cracks Down: New Terms Ban Unauthorized AI Data Scraping Mastodon Data, AI Scraping CVE-2024-23832 PoC

Mastodon Cracks Down: New Terms Ban Unauthorized AI Data Scraping

Do Son June 18, 2025

The decentralized social networking platform Mastodon has recently issued an email to its users, notifying them of...

Firefox Pilots AI Search: Perplexity AI Integration Challenges Google’s Dominance Firefox AI Search, Perplexity AI

Firefox Pilots AI Search: Perplexity AI Integration Challenges Google’s Dominance

Do Son June 18, 2025

The Mozilla Foundation is currently piloting an AI-powered search engine within the Firefox browser, selecting Perplexity AI...

HTTP.sys RCE vulnerability, Windows HTTP stack exploit, CVE-2026-47291 Netlogon RCE vulnerability Exploited in the wild Secure Boot certificate renewal 2026, Windows 11 UEFI update Community-First AI Infrastructure, Microsoft self-funding energy mandate aka.ms/aoh online portal CVE-2025-55681, Windows DWM Elevation Windows Administrator Protection, CVE-2025-60718 Microsoft AI Compute, IREN Infrastructure Microsoft Japan PPA, Renewable Energy Microsoft AI Investment, Cloud Expansion Microsoft Azure, Startup Credits Infinite Workday, AI in Work Microsoft Russia, Bankruptcy AI code generation, Microsoft AI Microsoft Layoffs, Restructuring

The “Infinite Workday” is Here: Microsoft Warns of Never-Ending Work Driven by Hybrid Models & AI

Do Son June 18, 2025

Microsoft recently released a new study titled “2025 Work Trend Index Annual Report,” in which it issues...

Taiwan Under Attack: Sophisticated Phishing Campaign Delivers Winos 4.0, HoldingHands RAT, & Gh0stCringe Taiwan Cyberattack, Phishing Campaign

Taiwan Under Attack: Sophisticated Phishing Campaign Delivers Winos 4.0, HoldingHands RAT, & Gh0stCringe

Do Son June 18, 2025

In a detailed investigation published by FortiGuard Labs, a persistent and highly coordinated malware campaign has been...

Urgent Ubiquiti Alert: Critical Flaws (CVSS 9.9) Allow Privilege Escalation via XSS & SQL Injection Ubiquiti Vulnerabilities, Privilege Escalation

Ubiquiti Vulnerabilities, Privilege Escalation

Urgent Ubiquiti Alert: Critical Flaws (CVSS 9.9) Allow Privilege Escalation via XSS & SQL Injection

Do Son June 18, 2025

Two high-severity vulnerabilities have been disclosed in widely used Ubiquiti software components—UCRM Client Signup Plugin and the...