Do Son, Author at Daily CyberSecurity • Page 297 of 730

Darcula Exposed: Inside a Global Phishing-as-a-Service Empire Powered by the Magic Cat Toolkit Darcula, Phishing-as-a-Service

Darcula Exposed: Inside a Global Phishing-as-a-Service Empire Powered by the Magic Cat Toolkit

Do Son May 6, 2025

In a deep dive into one of the most sophisticated global phishing infrastructures ever uncovered, researchers at...

Digigram PYKO-OUT AoIP Devices Exposed to Attacks Due to Missing Default Password Digigram, default password vulnerability

Digigram PYKO-OUT AoIP Devices Exposed to Attacks Due to Missing Default Password

Do Son May 6, 2025

A security vulnerability has been identified in Digigram’s PYKO-OUT audio-over-IP (AoIP) product, raising concerns about its use...

Massive E-commerce Supply Chain Attack Uncovered: Hundreds of Stores at Risk Supply Chain Attack, E-commerce Security

Massive E-commerce Supply Chain Attack Uncovered: Hundreds of Stores at Risk

Do Son May 6, 2025

The Sansec Forensics Team has uncovered a coordinated supply chain attack that has silently infected ecommerce infrastructure...

DragonForce Ransomware Cartel Hits UK Retailers with Custom Payloads and Global Extortion Campaign DragonForce, Ransomware

DragonForce Ransomware Cartel Hits UK Retailers with Custom Payloads and Global Extortion Campaign

Do Son May 6, 2025

A disturbing evolution in the ransomware ecosystem has been exposed by cybersecurity firm SentinelOne, which has published...

Critical IBM Cognos Analytics Vulnerabilities Demand Urgent Patching Cognos Analytics, IBM vulnerabilities

Critical IBM Cognos Analytics Vulnerabilities Demand Urgent Patching

Do Son May 6, 2025

IBM has released security updates to address two critical vulnerabilities affecting its flagship business intelligence platform, IBM...

Android Security Bulletin May 2025: Multi Vulnerabilities Including Actively Exploited CVE-2025-27363 Android Security Bulletin CVE-2025-27363

Android Security Bulletin CVE-2025-27363

Android Security Bulletin May 2025: Multi Vulnerabilities Including Actively Exploited CVE-2025-27363

Do Son May 5, 2025

Google has released its Android Security Bulletin for May 2025, highlighting a range of high-severity vulnerabilities affecting...

Langflow Under Attack: CISA Warns of Active Exploitation of CVE-2025-3248 CVE-2025-3248 Langflow Vulnerability Remote Code Execution

Langflow Under Attack: CISA Warns of Active Exploitation of CVE-2025-3248

Do Son May 5, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially added CVE-2025-3248 to its Known Exploited Vulnerabilities...

CVE-2024-7399: Samsung MagicINFO Vulnerability Now Actively Exploited in the Wild Samsung MagicINFO, remote code execution

CVE-2024-7399: Samsung MagicINFO Vulnerability Now Actively Exploited in the Wild

Do Son May 5, 2025

A critical security vulnerability, CVE-2024-7399, is being actively exploited in the wild in Samsung MagicINFO 9 Server,...

BeyondTrust PRA Vulnerability (CVE-2025-0217) Enables Session Hijacking via Authentication Bypass BeyondTrust, authentication bypass

BeyondTrust PRA Vulnerability (CVE-2025-0217) Enables Session Hijacking via Authentication Bypass

Do Son May 5, 2025

A significant security vulnerability has been identified in BeyondTrust’s Privileged Remote Access (PRA) solution, posing a risk...

California Man to Plead Guilty in Hack of Disney Employee, Theft of 1.1TB of Confidential Slack Data

Do Son May 5, 2025

In a case that merges social engineering, malware, and corporate espionage, the U.S. Department of Justice (DOJ)...

MediaTek May 2025 Security Bulletin: Chipset Vulnerabilities Disclosed MediaTek, modem vulnerabilities

MediaTek May 2025 Security Bulletin: Chipset Vulnerabilities Disclosed

Do Son May 5, 2025

The MediaTek Product Security Bulletin for May 2025 highlights multiple security vulnerabilities affecting a wide range of...

Yemeni National Indicted for Black Kingdom Ransomware Attacks Black Kingdom, ransomware

Yemeni National Indicted for Black Kingdom Ransomware Attacks

Do Son May 5, 2025

The U.S. Department of Justice (DOJ) has unsealed a three-count federal grand jury indictment against Rami Khaled...

Google to Offer Gemini AI to Kids Under 13 with Parental Controls Sundar Pichai ChatGPT, Generative AI Rivalry Google AI Pro, student verification AI Overview, Publishers Drug Discovery AI, Isomorphic Labs Google AI Overviews, Antitrust Complaint Google AI Studio Google One AI, student offer Google Samsung Antitrust Gemini Gemini AI, Child Safety

Sundar Pichai ChatGPT, Generative AI Rivalry Google AI Pro, student verification AI Overview, Publishers Drug Discovery AI, Isomorphic Labs Google AI Overviews, Antitrust Complaint Google AI Studio Google One AI, student offer Google Samsung Antitrust Gemini Gemini AI, Child Safety

Google to Offer Gemini AI to Kids Under 13 with Parental Controls

Do Son May 5, 2025

According to a report by The New York Times, Google is planning to extend access to its...

NCSC Warns of Pervasive Ransomware Threat: Act Now Ransomware, Cyber Security

NCSC Warns of Pervasive Ransomware Threat: Act Now

Do Son May 5, 2025

The UK’s National Cyber Security Centre (NCSC) has issued a warning: ransomware and cyber extortion are no...

CVE-2025-46762: Apache Parquet Java Flaw Allows Potential RCE via Avro Schema CVE-2025-30065 Apache Parquet, CVE-2025-46762

CVE-2025-46762: Apache Parquet Java Flaw Allows Potential RCE via Avro Schema

Do Son May 5, 2025

A critical security flaw has been identified in Apache Parquet Java, a popular open-source columnar storage format...

Venom Spider Evolves: Arctic Wolf Exposes More_eggs Campaign Targeting HR More_eggs, Venom Spider

Venom Spider Evolves: Arctic Wolf Exposes More_eggs Campaign Targeting HR

Do Son May 5, 2025

In a newly released analysis, Arctic Wolf Labs has documented a sophisticated phishing campaign orchestrated by the...

Critical SQL Injection Vulnerability Found in ADOdb PHP Library – CVE-2025-46337 (CVSS 10.0) ADOdb, SQL Injection

Critical SQL Injection Vulnerability Found in ADOdb PHP Library – CVE-2025-46337 (CVSS 10.0)

Do Son May 5, 2025

A critical security flaw has been disclosed in ADOdb, the widely-used PHP database abstraction library with over...

Bridewell Uncovers ‘Operation Deceptive Prospect’ Targeting UK Organizations via Feedback Portals

Do Son May 5, 2025

Cyber threat actor RomCom—also tracked as Storm-0978, Tropical Scorpius, UNC2596, Void Rabisu, and UAC-0180—has launched a new...

StealC V2: ThreatLabz Unveils the Evolution of a Stealthy Info-Stealer and Malware Loader StealC V2, Info-Stealer

StealC V2: ThreatLabz Unveils the Evolution of a Stealthy Info-Stealer and Malware Loader

Do Son May 5, 2025

In a comprehensive technical report, ThreatLabz has dissected the inner workings of StealC V2, a major upgrade...

SonicWall Exploit Chain Exposes Admin Hijack Risk via CVE-2023-44221 and CVE-2024-38475 SonicWall, exploit chain

SonicWall Exploit Chain Exposes Admin Hijack Risk via CVE-2023-44221 and CVE-2024-38475

Do Son May 5, 2025

A newly exploit chain targeting SonicWall’s Secure Mobile Access (SMA) appliances has been released. Published by watchTowr...