Do Son

Do Son is the Founder and Editor of SecurityOnline.info. Working in cybersecurity since 2013, he reports on vulnerabilities, malware, and emerging threats, providing timely analysis to help organizations and individuals stay ahead of evolving risks.

Claude 4 AI’s Dark Side: ‘Whistleblowing Mode’ and Blackmail Attempts Uncovered Claude Code Security Claude Opus 4.1, AI Model Update Anthropic OpenAI, API Access Revocation Claude AI, Rate Limits Claude Memory, AI Personalization Claude 4 whistleblowing, AI ethical risks

Claude Code Security Claude Opus 4.1, AI Model Update Anthropic OpenAI, API Access Revocation Claude AI, Rate Limits Claude Memory, AI Personalization Claude 4 whistleblowing, AI ethical risks

Claude 4 AI’s Dark Side: ‘Whistleblowing Mode’ and Blackmail Attempts Uncovered

Do Son May 23, 2025

The artificial intelligence industry is currently abuzz with discussions surrounding the newly released Claude 4 series models....

Critical NETGEAR Router Flaw Enables Full Admin Access via Hidden Backdoor (PoC Included) NETGEAR, Authentication Bypass

NETGEAR, Authentication Bypass

Critical NETGEAR Router Flaw Enables Full Admin Access via Hidden Backdoor (PoC Included)

Do Son May 23, 2025

A newly disclosed and highly critical vulnerability, tracked as CVE-2025-4978 with a CVSSv4 score of 9.3, has...

Rhadamanthys Stealer Returns: Copyright Phishing Targets Europe lures

lures

Rhadamanthys Stealer Returns: Copyright Phishing Targets Europe

Do Son May 23, 2025

The Rhadamanthys stealer, a notorious information-stealing malware, has returned with a new wave of targeted phishing attacks...

Stealthy Skimmer: New Formjacking Malware Targets WooCommerce Checkouts WooCommerce formjacking, stealthy skimmer

WooCommerce formjacking, stealthy skimmer

Stealthy Skimmer: New Formjacking Malware Targets WooCommerce Checkouts

Do Son May 23, 2025

The Wordfence Threat Intelligence Team has uncovered a new and deeply stealthy formjacking malware targeting WooCommerce, the...

Print Security Warning: Canon Printers Exposed to Data Theft Printer security, Canon update

Printer security, Canon update

Print Security Warning: Canon Printers Exposed to Data Theft

Do Son May 23, 2025

Canon has issued a security advisory warning customers about two high-severity vulnerabilities—CVE-2025-3078 and CVE-2025-3079—that affect a range...

ModSecurity DoS Flaw: PoC Available for Apache Vulnerability (No Workaround, Patch Pending) libmodsecurity3 Denial of Service WAF Security Vulnerability CVE-2025-27110 ModSecurity vulnerability, JSON DoS

libmodsecurity3 Denial of Service WAF Security Vulnerability CVE-2025-27110 ModSecurity vulnerability, JSON DoS

ModSecurity DoS Flaw: PoC Available for Apache Vulnerability (No Workaround, Patch Pending)

Do Son May 23, 2025

A newly disclosed vulnerability in ModSecurity’s Apache module, tracked as CVE-2025-47947, exposes web servers to a potentially...

Destructive npm Packages Deleting Files, Hijacking Frameworks for 2+ Years npm security, destructive packages

npm security, destructive packages

Destructive npm Packages Deleting Files, Hijacking Frameworks for 2+ Years

Do Son May 23, 2025

In a disturbing development for the JavaScript community, Socket’s Threat Research Team has uncovered a stealthy and...

Ivanti EPMM Under Attack: Zero-Day RCE Exploited by China-Linked Group UNC5221 Ivanti EPMM RCE, China-nexus threat

Ivanti EPMM RCE, China-nexus threat

Ivanti EPMM Under Attack: Zero-Day RCE Exploited by China-Linked Group UNC5221

Do Son May 23, 2025

A newly discovered zero-day vulnerability in Ivanti Endpoint Manager Mobile (EPMM) — CVE-2025-4428 — is being actively...

Malicious VS Code Extensions Deliver Spyware, Steal Crypto Credentials VS Code security, crypto wallet theft

VS Code security, crypto wallet theft

Malicious VS Code Extensions Deliver Spyware, Steal Crypto Credentials

Do Son May 23, 2025

In a detailed report published by Datadog Security Research, threat actor MUT-9332 has been linked to a...

Dark Web Alert: Genesis Market Returns with Stealthy Browser Extension Attack Attack Tree

Attack Tree

Dark Web Alert: Genesis Market Returns with Stealthy Browser Extension Attack

Do Son May 23, 2025

The Genesis Market, a notorious dark web marketplace dismantled by law enforcement in early 2023, appears to...

Your AI Summary Will Have Ads: Google Integrates Sponsored Content into Search AI overview ads, Google search ads

AI overview ads, Google search ads

Your AI Summary Will Have Ads: Google Integrates Sponsored Content into Search

Do Son May 22, 2025

Google published a new blog post detailing its plans to incorporate sponsored content and advertisements into its...

Critical 0-Day: Cityworks Flaw Actively Exploited by Chinese APT UAT-6382 UTA

UTA

Critical 0-Day: Cityworks Flaw Actively Exploited by Chinese APT UAT-6382

Do Son May 22, 2025

A newly identified Chinese-speaking threat actor cluster, tracked as UAT-6382, is actively exploiting a zero-day vulnerability in...

Europol & Microsoft Lead Global Takedown of Lumma Stealer, World’s Largest Infostealer Lumma Stealer takedown Cybercrime disruption

Lumma Stealer takedown Cybercrime disruption

Europol & Microsoft Lead Global Takedown of Lumma Stealer, World’s Largest Infostealer

Do Son May 22, 2025

Europol’s European Cybercrime Centre (EC3) and Microsoft’s Digital Crimes Unit (DCU) have successfully disrupted the Lumma Stealer,...

Privilege Escalation Flaws in Cisco Unified Intelligence Center Threaten User Data Integrity Cisco ISE Root Escalation * Read-Only Admin Exploit Cisco Secure FMC Vulnerability CVE-2026-20131 Cisco Meeting Management Vulnerability CVE-2026-20098 Cisco vulnerability, RCE flaw CVE-2025-20265 Cisco Meraki, VPN Vulnerability Cisco Nexus Dashboard - CVE-2024-20424 CVE-2025-20115 Cisco Vulnerability CVE-2018-0171 Privilege Escalation Cisco Unified Intelligence Center

Cisco ISE Root Escalation * Read-Only Admin Exploit Cisco Secure FMC Vulnerability CVE-2026-20131 Cisco Meeting Management Vulnerability CVE-2026-20098 Cisco vulnerability, RCE flaw CVE-2025-20265 Cisco Meraki, VPN Vulnerability Cisco Nexus Dashboard - CVE-2024-20424 CVE-2025-20115 Cisco Vulnerability CVE-2018-0171 Privilege Escalation Cisco Unified Intelligence Center

Privilege Escalation Flaws in Cisco Unified Intelligence Center Threaten User Data Integrity

Do Son May 22, 2025

Cisco has released security updates addressing two privilege escalation vulnerabilities—CVE-2025-20113 and CVE-2025-20114—in its Unified Intelligence Center (UIC)...

Unauthenticated Attacker Can Read Sensitive Files in Mitel OpenScape Xpressions MiContact Center Business Vulnerabilities Mitel vulnerability, OpenScape Xpressions

MiContact Center Business Vulnerabilities Mitel vulnerability, OpenScape Xpressions

Unauthenticated Attacker Can Read Sensitive Files in Mitel OpenScape Xpressions

Do Son May 22, 2025

Mitel has issued a security advisory warning of a high-severity path traversal vulnerability (CVE-2025-48026) in its OpenScape...

Google Chrome Update: 8 Security Fixes Including High-Severity Flaw Chrome security update, browser vulnerabilities

Chrome security update, browser vulnerabilities

Google Chrome Update: 8 Security Fixes Including High-Severity Flaw

Do Son May 22, 2025

Google has released a Stable Channel update to version 137.0.7151.40/.41 for Windows and Mac as part of...

Unpatched 0-Days (CVSS 10): Versa Concerto Flaws Threaten Enterprise Networks Versa Concerto exploit, SD-WAN security

Versa Concerto exploit, SD-WAN security

Unpatched 0-Days (CVSS 10): Versa Concerto Flaws Threaten Enterprise Networks

Do Son May 22, 2025

Versa Concerto, a popular SD-WAN and network orchestration platform used by large enterprises and governments, is under...

RADIUS Risk: Unauthenticated Remote Attacker Can Crash Cisco ISE by Default CVE-2024-20419 - Cisco Webex Vulnerability Cisco ISE DoS, CVE-2025-20152

CVE-2024-20419 - Cisco Webex Vulnerability Cisco ISE DoS, CVE-2025-20152

RADIUS Risk: Unauthenticated Remote Attacker Can Crash Cisco ISE by Default

Do Son May 22, 2025

Cisco has published a security advisory for a high-severity vulnerability impacting its Identity Services Engine (ISE) product....

Grafana Zero-Day? Emergency Patch Released ‘One Day Ahead of Schedule’ for XSS Flaw Grafana SCIM Flaw CVE-2025-41115 Grafana Vulnerabilities, XSS Flaw Grafana security alert, XSS patch

Grafana SCIM Flaw CVE-2025-41115 Grafana Vulnerabilities, XSS Flaw Grafana security alert, XSS patch

Grafana Zero-Day? Emergency Patch Released ‘One Day Ahead of Schedule’ for XSS Flaw

Do Son May 22, 2025

Grafana Labs issued an unscheduled security release—Grafana 12.0.0+security-01—alongside patches for all supported versions, addressing a high-severity cross-site...

GitLab Patches High-Severity Flaws: DoS and 2FA Bypass Fixed GitLab Security Update CVE-2026-0723 CVE-2023-7028 & CVE-2023-5356 GitLab vulnerability, DoS flaw

GitLab Security Update CVE-2026-0723 CVE-2023-7028 & CVE-2023-5356 GitLab vulnerability, DoS flaw

GitLab Patches High-Severity Flaws: DoS and 2FA Bypass Fixed

Do Son May 22, 2025

GitLab announced the release of versions 18.0.1, 17.11.3, and 17.10.7 for both its Community Edition (CE) and...