Do Son, Author at Daily CyberSecurity • Page 271 of 730

iOS 26 Unveils Enhanced Apps with “Liquid Glass” & Apple Intelligence iPhone 17 Air, ultra-thin design iPhone Reverse charging Apple AI, Siri Overhaul iOS 26 Features

iPhone 17 Air, ultra-thin design iPhone Reverse charging Apple AI, Siri Overhaul iOS 26 Features

iOS 26 Unveils Enhanced Apps with “Liquid Glass” & Apple Intelligence

Do Son June 10, 2025

In addition to dedicating time to introduce its first major design overhaul in over a decade—dubbed the...

Apple Unifies OS Versions to “26” and Unveils “Liquid Glass” Redesign AirDrop PIN Pairing 30-Day AirDrop Trust iOS 26 downgrade iOS 26 battery drain 5G MacBook, Cellular Mac iOS 26, Communication Safety iOS 26, Wi-Fi Synchronization iOS 26, Wi-Fi Synchronization Apple Redesign Apple Public Betas, AirPods Firmware

AirDrop PIN Pairing 30-Day AirDrop Trust iOS 26 downgrade iOS 26 battery drain 5G MacBook, Cellular Mac iOS 26, Communication Safety iOS 26, Wi-Fi Synchronization iOS 26, Wi-Fi Synchronization Apple Redesign Apple Public Betas, AirPods Firmware

Apple Unifies OS Versions to “26” and Unveils “Liquid Glass” Redesign

Do Son June 10, 2025

As previously rumored, Apple has officially confirmed that all of its operating systems will adopt a unified...

CVSS 9.9: Critical XXE Flaw in GeoTools Exposes Geospatial Data Systems XXE Vulnerability

CVSS 9.9: Critical XXE Flaw in GeoTools Exposes Geospatial Data Systems

Do Son June 10, 2025

The GeoTools project, a popular open-source Java library used for geospatial data processing, has issued a critical...

CVE-2025-4601: Flaw Exposes 33,000+ RealHomes WordPress Sites to Admin Takeover WordPress Vulnerability

CVE-2025-4601: Flaw Exposes 33,000+ RealHomes WordPress Sites to Admin Takeover

Do Son June 10, 2025

A critical Privilege Escalation vulnerability has been disclosed in the RealHomes WordPress theme, a popular real estate...

CISA Flags Active Exploits in Erlang/OTP SSH and Roundcube Webmail: Critical RCE and XSS Flaws Under Attack CISA active exploit catalog known exploited vulnerabilities ActiveMQ RCE CVE-2026-34197 CISA KEV Catalog Actively Exploited Vulnerabilities CISA KEV Catalog CVE-2025-37164 GeoServer XXE, CISA KEV FortiWeb SQLi, CISA KEV Critical Vulnerabilities CVE-2024-20953

CISA active exploit catalog known exploited vulnerabilities ActiveMQ RCE CVE-2026-34197 CISA KEV Catalog Actively Exploited Vulnerabilities CISA KEV Catalog CVE-2025-37164 GeoServer XXE, CISA KEV FortiWeb SQLi, CISA KEV Critical Vulnerabilities CVE-2024-20953

CISA Flags Active Exploits in Erlang/OTP SSH and Roundcube Webmail: Critical RCE and XSS Flaws Under Attack

Do Son June 10, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two new vulnerabilities to its Known Exploited...

Chinese Cyberespionage Groups Probe SentinelOne in Sophisticated ShadowPad and PurpleHaze Campaigns China-nexus, Cyber-espionage

Chinese Cyberespionage Groups Probe SentinelOne in Sophisticated ShadowPad and PurpleHaze Campaigns

Do Son June 10, 2025

SentinelLABS has unveiled an extensive report detailing a wave of cyber-espionage activity that directly targeted SentinelOne and...

Librarian Ghouls APT: The Threat Actor Turning Legitimate Tools into a Cybercrime Toolkit

Do Son June 10, 2025

A stealthy Advanced Persistent Threat (APT) group tracked as Librarian Ghouls—also known by aliases Rare Werewolf and...

CVE-2025-48757: Lovable’s Row-Level Security Breakdown Exposes Sensitive Data Across Hundreds of Projects CVE-2025-48757, Row-Level Security, Supabase, Lovable

CVE-2025-48757, Row-Level Security, Supabase, Lovable

CVE-2025-48757: Lovable’s Row-Level Security Breakdown Exposes Sensitive Data Across Hundreds of Projects

Do Son June 10, 2025

Security researcher Matt Palmer has uncovered a critical vulnerability in the Lovable low-code platform, now tracked as...

Kimsuky’s AppleSeed Returns: North Korea-Linked APT Targets Korean Users via Social Media

Do Son June 10, 2025

In its latest Advanced Persistent Threat (APT) campaign, Kimsuky, a North Korea-linked group, has returned with an...

Operation DRAGONCLONE: China Mobile Tietong Hit by Advanced APT Attack

Do Son June 10, 2025

Seqrite Labs APT-Team has uncovered a targeted campaign against China Mobile Tietong Co., Ltd., a prominent subsidiary...

CVE-2025-41646: Critical Authentication Bypass in RevPi Webstatus Threatens Industrial Systems RevPi Webstatus, Authentication Bypass

CVE-2025-41646: Critical Authentication Bypass in RevPi Webstatus Threatens Industrial Systems

Do Son June 10, 2025

KUNBUS has issued a critical security advisory for its RevPi Webstatus application following the discovery of an...

APT41 Unleashes Stealthy Malware Using Google Calendar for Covert C2!

Do Son June 10, 2025

APT41—also known as BARIUM, Wicked Panda, and Brass Typhoon—is a well-known Chinese state-sponsored APT group notorious for...

Behind the Followers: Malicious Python Package Harvests Instagram Credentials Instagram Malware, Credential Harvesting

Behind the Followers: Malicious Python Package Harvests Instagram Credentials

Do Son June 10, 2025

Socket’s Threat Research Team has uncovered ‘imad213’, a credential-harvesting tool masquerading as an Instagram booster. Behind its...

BladedFeline: Iran-Aligned APT Group Expands Arsenal With Whisper and PrimeCache BladedFeline, Cyberespionage

BladedFeline: Iran-Aligned APT Group Expands Arsenal With Whisper and PrimeCache

Do Son June 10, 2025

In a detailed expose released by ESET, researchers unveiled a sophisticated and persistent cyberespionage campaign by an...

SoraAI.lnk: Beware of This New Info-Stealer Hiding as OpenAI’s Sora

Do Son June 10, 2025

A new info-stealer malware named SoraAI.lnk is leveraging the popularity of OpenAI’s video model, Sora, to infect...

Apache Kafka Clients at Risk: File Reads, SSRF, and RCE Exploits Trigger Urgent Security Fixes Kafka RCE JAAS vulnerability

Apache Kafka Clients at Risk: File Reads, SSRF, and RCE Exploits Trigger Urgent Security Fixes

Do Son June 9, 2025

The Apache Kafka Project has released security advisories addressing three important vulnerabilities affecting various versions of the...

Critical Wazuh RCE (CVE-2025-24016) Actively Exploited by Mirai Botnets Wazuh RCE, Mirai Botnets

Critical Wazuh RCE (CVE-2025-24016) Actively Exploited by Mirai Botnets

Do Son June 9, 2025

Akamai’s Security Intelligence and Response Team (SIRT) has uncovered active exploitation of CVE-2025-24016, a critical remote code...

Apple’s “Liquid Glass” Vision: iPhone 2027 & Unified OS 26 Liquid Glass, iPhone 2027 Apple AI Apple Intelligence, China Market

Apple’s “Liquid Glass” Vision: iPhone 2027 & Unified OS 26

Do Son June 9, 2025

As Apple is expected to unveil its next-generation operating systems at WWDC 2025—with speculation suggesting a unified...

Critical 9.6 CVSS RCE: ManageEngine Exchange Reporter Plus Vulnerability Discovered! CVE-2025-3835, Exchange Reporter Plus

Critical 9.6 CVSS RCE: ManageEngine Exchange Reporter Plus Vulnerability Discovered!

Do Son June 9, 2025

ManageEngine’s Exchange Reporter Plus, a widely-used web-based monitoring and reporting tool for Microsoft Exchange, has been found...

Critical 9.8 CVSS Flaw: Unpatched PayU CommercePro Plugin Allows Admin Account Takeover! PayU CommercePro, Account Takeover

Critical 9.8 CVSS Flaw: Unpatched PayU CommercePro Plugin Allows Admin Account Takeover!

Do Son June 9, 2025

A severe vulnerability in the PayU CommercePro plugin for WordPress, which has over 5,000 active installations, allows...