Do Son

Do Son is the Founder and Editor of SecurityOnline.info. Working in cybersecurity since 2013, he reports on vulnerabilities, malware, and emerging threats, providing timely analysis to help organizations and individuals stay ahead of evolving risks.

R2 Down: Cloudflare’s Object Storage Hit by 1-Hour Outage Cloudflare layoffs 2026 AI bot traffic surge Content Signals Policy, AI Content Usage Cloudflare, Certificate Misissuance Salesforce, supply chain attack DDoS attack, Cloudflare Perplexity AI, Web Scraping Pay Per Crawl Cloudflare abuse R2 outage HTTP Cloudflare Blocking

Cloudflare layoffs 2026 AI bot traffic surge Content Signals Policy, AI Content Usage Cloudflare, Certificate Misissuance Salesforce, supply chain attack DDoS attack, Cloudflare Perplexity AI, Web Scraping Pay Per Crawl Cloudflare abuse R2 outage HTTP Cloudflare Blocking

R2 Down: Cloudflare’s Object Storage Hit by 1-Hour Outage

Do Son March 26, 2025

R2, Cloudflare’s object storage service designed to help clients store static assets such as images and software...

Apple WWDC 2025: June Dates, iOS 19, AI Siri Expected

Apple WWDC 2025

Apple WWDC 2025: June Dates, iOS 19, AI Siri Expected

Do Son March 26, 2025

Following the announcements from Google and Microsoft confirming the schedules for their annual developer conferences, Apple has...

Chrome Installer Bug: ARM Version Delivered to x86 Users CVE-2024-4947 PoC Chrome Installer Bug OpenAI Chrome Google antitrust

CVE-2024-4947 PoC Chrome Installer Bug OpenAI Chrome Google antitrust

Chrome Installer Bug: ARM Version Delivered to x86 Users

Do Son March 26, 2025

Even as the world’s most widely used browser, Google Chrome is not immune to occasional elementary missteps....

CVE-2025-30091: Critical RCE Flaw Found in MoxieManager

CVE-2025-30091

CVE-2025-30091: Critical RCE Flaw Found in MoxieManager

Do Son March 26, 2025

Tiny Technologies has recently issued a security advisory regarding a critical vulnerability discovered in MoxieManager, a file...

VMware Tools for Windows Hit by CVE-2025-22230 Auth Bypass Flaw VMware SD-WAN Vulnerabilities CVE-2025-22230

VMware SD-WAN Vulnerabilities CVE-2025-22230

VMware Tools for Windows Hit by CVE-2025-22230 Auth Bypass Flaw

Do Son March 26, 2025

A recent security advisory from Broadcom highlights a significant security update for VMware Tools for Windows. The...

Unmasking Kimsuky’s Latest Tactics: A Deep Dive into Malicious Scripts and Payloads North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

Unmasking Kimsuky’s Latest Tactics: A Deep Dive into Malicious Scripts and Payloads

Do Son March 26, 2025

Recently, K7 Labs provided an insightful analysis of a campaign attributed to the North Korean APT group...

Beware Brand Deals: “Clickflix” Malware Targets YouTube Clickflix Malware

Clickflix Malware

Beware Brand Deals: “Clickflix” Malware Targets YouTube

Do Son March 26, 2025

A new report from CloudSEK highlights a sophisticated malware campaign targeting YouTube content creators through spearphishing tactics....

SectopRAT: A Deep Dive into a Stealthy .NET-Based Trojan SectopRAT Trojan

SectopRAT Trojan

SectopRAT: A Deep Dive into a Stealthy .NET-Based Trojan

Do Son March 26, 2025

Security researcher Chris Campbell at Inde has provided an in-depth analysis of SectopRAT, a Remote Access Trojan...

NetApp SnapCenter Users at Risk: CVSS 9.9 Privilege Escalation Alert CVE-2025-26512

CVE-2025-26512

NetApp SnapCenter Users at Risk: CVSS 9.9 Privilege Escalation Alert

Do Son March 26, 2025

A high-severity security vulnerability has been discovered in NetApp SnapCenter, posing a significant risk to systems utilizing...

New Android Malware Campaign Uses .NET MAUI to Evade Detection Android CVE-2024-23700 Zero-Interaction Exploit Candiru spyware Android vulnerability, security update

Android CVE-2024-23700 Zero-Interaction Exploit Candiru spyware Android vulnerability, security update

New Android Malware Campaign Uses .NET MAUI to Evade Detection

Do Son March 26, 2025

Cybercriminals are constantly seeking new ways to bypass security measures, and a recent report from McAfee Labs...

Apache VCL Hit by SQL Injection (CVE-2024-53678) and XSS (CVE-2024-53679) Vulnerabilities CVE-2024-53678 & CVE-2024-53679

CVE-2024-53678 & CVE-2024-53679

Apache VCL Hit by SQL Injection (CVE-2024-53678) and XSS (CVE-2024-53679) Vulnerabilities

Do Son March 26, 2025

Apache VCL (Virtual Computing Lab), a widely-used open-source cloud computing platform designed to deliver custom computing environments,...

Cybercriminals Target Gamers with Browser-in-the-Browser Phishing Attacks

Browser-in-the-Browser Phishing

Cybercriminals Target Gamers with Browser-in-the-Browser Phishing Attacks

Do Son March 26, 2025

A new phishing campaign employing sophisticated “browser-in-the-browser” (BitB) techniques has been uncovered by Silent Push Threat Analysts,...

Microsoft Unleashes AI Agents to Supercharge Cybersecurity Defenses Microsoft Security Copilot agents

Microsoft Security Copilot agents

Microsoft Unleashes AI Agents to Supercharge Cybersecurity Defenses

Do Son March 26, 2025

Microsoft is doubling down on AI-powered security, announcing a significant expansion of its Security Copilot platform with...

CVE-2025-2783: Chrome Zero-Day Exploited in State-Sponsored Espionage Campaign CVE-2025-2783 - Operation ForumTroll

CVE-2025-2783 - Operation ForumTroll

CVE-2025-2783: Chrome Zero-Day Exploited in State-Sponsored Espionage Campaign

Do Son March 25, 2025

Kaspersky Labs has uncovered a sophisticated cyber-espionage campaign—dubbed Operation ForumTroll—leveraging a previously unknown Google Chrome zero-day exploit,...

CVE-2025-26633: Water Gamayun Exploits Windows MMC in Active Zero-Day Campaign

Cisco SD-WAN Vulnerability CVE-2026-20133 FortiGate Compromise Ivanti EPMM Zero-Day CVE-2026-1281 SmarterMail Vulnerability Storm-2603 WatchGuard Zero-Day, IKEv2 Out-of-Bounds Write Cisco Zero-Day, UAT-9686 Chinese APT FortiWeb RCE Exploitation CVE-2025-58034 VMware Zero-Day, Privilege Escalation Sitecore, remote code execution CVE-2025-53690 Windows CLFS, Privilege Escalation CVE-2024-47575 & CVE-2024-11120 CVE-2025-24983 vulnerability

CVE-2025-26633: Water Gamayun Exploits Windows MMC in Active Zero-Day Campaign

Do Son March 25, 2025

A zero-day vulnerability tracked as CVE-2025-26633 is being actively exploited in the wild by a sophisticated Russian-linked...

Microsoft Edge for Business Bolsters Security with Enhanced Data Protection for BYOD and AI

Data Protection

Microsoft Edge for Business Bolsters Security with Enhanced Data Protection for BYOD and AI

Do Son March 25, 2025

Microsoft has announced significant advancements in data protection for its Edge for Business browser, specifically targeting the...

Digital Deception: Kubient CEO Sentenced for $1.3 Million Fraud Scheme EU Education Scams, .edu.eu Domain App Store security Refund Schemes - Texas Pharmacist's Fraudulent

EU Education Scams, .edu.eu Domain App Store security Refund Schemes - Texas Pharmacist's Fraudulent

Digital Deception: Kubient CEO Sentenced for $1.3 Million Fraud Scheme

Do Son March 25, 2025

In a case underscoring the dangers of deceptive corporate practices in the tech world, Paul Roberts, the...

DNMiner: New Opportunities for Wealth, Cloud Mining Helps Achieve Financial Goals CVE-2024-55563 - transaction-relay jamming attack

CVE-2024-55563 - transaction-relay jamming attack

DNMiner: New Opportunities for Wealth, Cloud Mining Helps Achieve Financial Goals

Do Son March 25, 2025

In today’s era of rapid development of the digital economy, the rise of blockchain technology and cryptocurrency...

Cloudflare Pulls the Plug on HTTP: API Now HTTPS-Only Cloudflare layoffs 2026 AI bot traffic surge Content Signals Policy, AI Content Usage Cloudflare, Certificate Misissuance Salesforce, supply chain attack DDoS attack, Cloudflare Perplexity AI, Web Scraping Pay Per Crawl Cloudflare abuse R2 outage HTTP Cloudflare Blocking

Cloudflare layoffs 2026 AI bot traffic surge Content Signals Policy, AI Content Usage Cloudflare, Certificate Misissuance Salesforce, supply chain attack DDoS attack, Cloudflare Perplexity AI, Web Scraping Pay Per Crawl Cloudflare abuse R2 outage HTTP Cloudflare Blocking

Cloudflare Pulls the Plug on HTTP: API Now HTTPS-Only

Do Son March 25, 2025

Cloudflare, the internet services provider, has recently announced the complete deactivation of HTTP connections to its API...

Linux Kernel 6.14 Arrives: New Features and Improvements Unveiled Linux Kernel legacy driver removal Linux kernel x86 page fault, interrupt state asymmetry fix Linux ISO, false positive CVE-2023-6200 - Linux Kernel 6.12 LTS 6.14

Linux Kernel legacy driver removal Linux kernel x86 page fault, interrupt state asymmetry fix Linux ISO, false positive CVE-2023-6200 - Linux Kernel 6.12 LTS 6.14

Linux Kernel 6.14 Arrives: New Features and Improvements Unveiled

Do Son March 25, 2025

The Linux Kernel 6.14 stable release has officially been unveiled. While this marks the latest iteration of...