Do Son, Author at Daily CyberSecurity • Page 328 of 732

AMOS Stealer Reloaded: Inside a Fully Undetected macOS Data Heist Open

AMOS Stealer Reloaded: Inside a Fully Undetected macOS Data Heist

Do Son March 24, 2025

macOS users, beware. A new, fully undetected (FUD) version of the AMOS Stealer is out in the...

7.5 Nuxt Users Beware: CVE-2025-27415 Opens the Door to Cache Poisoning Attacks

Do Son March 24, 2025

A newly discovered vulnerability in the popular Nuxt framework could allow attackers to poison CDN caches and...

ABYSSWORKER: The EDR-Killing Driver Lurking in the Shadows Fortinet EMS - CVE-2023-48788 Medusa Ransomware TTPs

ABYSSWORKER: The EDR-Killing Driver Lurking in the Shadows

Do Son March 24, 2025

Elastic Security Labs has been closely monitoring a financially motivated campaign leveraging MEDUSA ransomware, delivered through a...

Why Security Simulation Training Is Crucial to Preventing Fraud Attacks

Do Son March 23, 2025

A recent fraud research report by a global account validation platform paints a stark picture of the...

Fake Cloudflare Verification Prompts Deliver LummaStealer Trojan Through Infected WordPress Sites

Do Son March 23, 2025

A widespread malware campaign is abusing fake Cloudflare verification prompts to trick users into running malicious PowerShell...

5.8 CVE-2025-27888: Apache Druid Flaw Opens Door to SSRF and XSS Risks in Real-Time Analytics Platforms

Do Son March 23, 2025

Apache has disclosed a critical security vulnerability in Apache Druid, a real-time analytics database widely used for...

4.3 CVE-2025-1758: Critical Buffer Overflow in Kemp LoadMaster Opens Door to Remote Code Execution Sitefinity critical vulnerabilities Sitefinity security update CVE-2024-7763 - CVE-2024-8785 exploit CVE-2025-1758

Sitefinity critical vulnerabilities Sitefinity security update CVE-2024-7763 - CVE-2024-8785 exploit CVE-2025-1758

4.3 CVE-2025-1758: Critical Buffer Overflow in Kemp LoadMaster Opens Door to Remote Code Execution

Do Son March 23, 2025

A high-severity vulnerability has been identified in Progress Software’s Kemp LoadMaster, a popular application delivery controller (ADC)...

Telegram Bot Formatting HTML formatting, Markdown update, bot development Telegram Passkey SMS Login Replacement Telegram Zero-Click Vulnerability

Operation Zero Offers Millions for Telegram Zero-Click Exploits

Do Son March 23, 2025

The Russian vulnerability broker, Operation Zero, is a company specializing in the acquisition and sale of security...

Europol Cracks Down on €6.7M Hearing Aid Fraud Scheme Exploiting French Healthcare

Do Son March 22, 2025

In a high-impact cross-border operation, Europol has dismantled a criminal network responsible for a massive €6.7 million...

RansomHub Deploys Custom Backdoor ‘Betruger’ in Targeted Ransomware Attacks RansomHub ransomware gang - Betruger backdoor

RansomHub Deploys Custom Backdoor ‘Betruger’ in Targeted Ransomware Attacks

Do Son March 22, 2025

A new report from Symantec Threat Hunter Team reveals that at least one affiliate of the RansomHub...

Critical Critical Security Flaw in ArcGIS Enterprise Exposes Admin Accounts to Remote Takeover Ollama Heap Leak CVE-2026-5757 Anritsu Vulnerability Authentication Bypass Gootloader Malware Malformed ZIP Evasion Blender Malware, StealC V2 Lectora, XSS CVE-2025-9125 HFS RCE, Template Injection Arch Linux Malware, CHAOS RAT CVE-2024-56404 - CVE-2024-39327 CVE-2025-2538

Ollama Heap Leak CVE-2026-5757 Anritsu Vulnerability Authentication Bypass Gootloader Malware Malformed ZIP Evasion Blender Malware, StealC V2 Lectora, XSS CVE-2025-9125 HFS RCE, Template Injection Arch Linux Malware, CHAOS RAT CVE-2024-56404 - CVE-2024-39327 CVE-2025-2538

Critical Critical Security Flaw in ArcGIS Enterprise Exposes Admin Accounts to Remote Takeover

Do Son March 22, 2025

Esri has disclosed a critical vulnerability in its ArcGIS Enterprise platform that could allow attackers to hijack...

Dragon RaaS: Pro-Russian Hacktivist Group Walks the Razor’s Edge Between Cybercrime and Propaganda Dragon Team ransom note

Dragon RaaS: Pro-Russian Hacktivist Group Walks the Razor’s Edge Between Cybercrime and Propaganda

Do Son March 22, 2025

A new Ransomware-as-a-Service (RaaS) player is carving out its niche in the ever-evolving threat landscape. Known as...

10.0 CVE-2024-10442: Synology Replication Service Vulnerability Scores Maximum CVSS Rating Synology Chat Server vulnerabilities Synology security update Synology DSM Update NAS Security Vulnerability Synology VPN Update SSL VPN Vulnerability Synology Telnet Flaw DSM Security Update Synology DSM Telnet vulnerability BeeStation Zero-Day, Pwn2Own RCE CVE-2024-11131 & CVE-2024-10442 CVE-2025-2848 Synology, NAS

10.0 CVE-2024-10442: Synology Replication Service Vulnerability Scores Maximum CVSS Rating

Do Son March 20, 2025

Synology has released updated security advisories detailing a critical vulnerability in its Replication Service. The vulnerability allows...

Spring Security Updates Address Authorization Bypass and Password Length Vulnerabilities CVE-2024-38821 - CVE-2025-22223 and CVE-2025-22228 Spring Framework vulnerability, Spring Security

CVE-2024-38821 - CVE-2025-22223 and CVE-2025-22228 Spring Framework vulnerability, Spring Security

Spring Security Updates Address Authorization Bypass and Password Length Vulnerabilities

Do Son March 20, 2025

Spring, a widely used framework for Java-based applications, has disclosed two significant security vulnerabilities that could lead...

Weaver E-cology RCE CVE-2026-22679 CVE-2026-20127 Cisco SD-WAN Exploitation AI-Driven Cyberattack ARXON Malware React Server Components Vulnerability CVE-2025-55182 FortiWeb Auth Bypass, Unauthenticated Admin Takeover RayInitiator Bootkit, LINE VIPER CVE-2025-59689 Department of the Treasury cybersecurity - CVE-2025-0108 PoC CVE-2025-31103 Dior Data Breach SK Telecom data breach, long-term intrusion

Web Shell to Ransomware: New VMware Attack Vector Exposed by Sygnia

Do Son March 20, 2025

Cybersecurity researchers at Sygnia have uncovered a new attack method that exploits recent VMware vulnerabilities (CVE-2025-22224, CVE-2025-22225,...

Critical Critical WordPress Plugin Vulnerability Exposes Over 40,000 Websites to Code Execution Attacks

Do Son March 20, 2025

A critical security vulnerability has been discovered in the popular Age Gate plugin for WordPress, potentially exposing...

New “Arcane Stealer” Malware Targets Gamers Through YouTube Cheats

Do Son March 20, 2025

A new and sophisticated stealer malware named “Arcane” is targeting gamers byDistribution through YouTube videos promoting game...

Rust Beacon Deploys Cobalt Strike in South Korean Cyber Intrusion Campaign

Do Son March 20, 2025

Hunt researchers have uncovered a cyber intrusion campaign targeting South Korean organizations, utilizing a sophisticated combination of...

10 IBM AIX Security Breach: CVE-2024-56346 (CVSS 10) & CVE-2024-56347 Explained IBM API Connect, CVE-2025-13915 IBM Privilege Escalation, CVE-2025-36356 IBM Power Systems - CVE-2024-45656 CVE-2024-49814 and CVE-2024-51450 CVE-2024-56346 and CVE-2024-56347 CVE-2025-1302

IBM API Connect, CVE-2025-13915 IBM Privilege Escalation, CVE-2025-36356 IBM Power Systems - CVE-2024-45656 CVE-2024-49814 and CVE-2024-51450 CVE-2024-56346 and CVE-2024-56347 CVE-2025-1302

10 IBM AIX Security Breach: CVE-2024-56346 (CVSS 10) & CVE-2024-56347 Explained

Do Son March 20, 2025

IBM has released a security bulletin detailing critical vulnerabilities in AIX that could allow remote attackers to...

VenomRAT Malware Delivered via Virtual Hard Disk Images

Do Son March 20, 2025

Threat actors are constantly evolving their methods to slip past security measures and deliver malware. A recent...