Do Son

Do Son is the Founder and Editor of SecurityOnline.info. Working in cybersecurity since 2013, he reports on vulnerabilities, malware, and emerging threats, providing timely analysis to help organizations and individuals stay ahead of evolving risks.

Microsoft Edge for Android: Extension Support Finally Arrives Edge Extensions for Android

Edge Extensions for Android

Microsoft Edge for Android: Extension Support Finally Arrives

Do Son March 16, 2025

Early in 2024, Microsoft began testing extension support for Microsoft Edge on Android. During the initial testing...

Google Antitrust: Mozilla Warns of Browser Choice Collapse Anthony Enzor-DeMeo Mozilla CEO, Firefox AI Mode 2026 Ad blockers, Copyright Law Firefox China, Mozilla Restructuring Mozilla Add-ons, Policy Update Mozilla leadership - Mozilla collect data Google Antitrust Antitrust Trial

Anthony Enzor-DeMeo Mozilla CEO, Firefox AI Mode 2026 Ad blockers, Copyright Law Firefox China, Mozilla Restructuring Mozilla Add-ons, Policy Update Mozilla leadership - Mozilla collect data Google Antitrust Antitrust Trial

Google Antitrust: Mozilla Warns of Browser Choice Collapse

Do Son March 16, 2025

The U.S. Department of Justice’s (DOJ) antitrust lawsuit against Google is ongoing, with proposed remedies that include...

Android Revolution: Gemini Replaces Assistant on All Devices Gemini Code Assist Android free electrician training, AI energy demand

Gemini Code Assist Android free electrician training, AI energy demand

Android Revolution: Gemini Replaces Assistant on All Devices

Do Son March 16, 2025

When Google launched the Gemini Live service powered by Gemini Advanced AI with last year’s Pixel 9...

OctoV2 Android Banking Trojan Masquerades as Deepseek AI in Phishing Attack Deep

Deep

OctoV2 Android Banking Trojan Masquerades as Deepseek AI in Phishing Attack

Do Son March 16, 2025

A new report from K7 Labs has uncovered a sophisticated Android banking Trojan campaign that uses the...

Credit Card Skimmer and Backdoor Found Lurking on WordPress E-commerce Site WordPress Backdoor

WordPress Backdoor

Credit Card Skimmer and Backdoor Found Lurking on WordPress E-commerce Site

Do Son March 16, 2025

A new report from Sucuri reveals the increasingly sophisticated tactics employed by cybercriminals targeting e-commerce websites. In...

SteamOS Arrives: The Handheld Gaming Revolution Steam 64-bit Windows transition, Steam 32-bit end of life January 2026 SteamOS Steam Windows 10 32-bit

Steam 64-bit Windows transition, Steam 32-bit end of life January 2026 SteamOS Steam Windows 10 32-bit

SteamOS Arrives: The Handheld Gaming Revolution

Do Son March 15, 2025

Valve’s launch of the Steam Deck unveiled the latent market potential for handheld gaming consoles, prompting manufacturers...

Samsung Soundbar Bricked: Disable Updates Now!

Samsung MagicInfo9 Vulnerability CVE-2026-25202 Galaxy S26 benchmarks Samsung HBM4 NVIDIA certification Samsung Bixby Perplexity integration, One UI 8.5 AI assistant Samsung Taylor 2nm mass production, TSMC 2nm capacity constraint 2026 Samsung SATA SSD Discontinuation, SSD Market Shift Samsung SATA SSD Discontinuation, M.2 Market Shift Samsung Foundry 4nm Yield Tsavorite OPU Chip Order Samsung Project Moohan, Android XR Samsung OpenAI Partnership, AI Infrastructure Samsung Exynos 2600, 2nm GAA Tesla AI Chips, Samsung Foundry Deal Samsung Foldables, Galaxy Unpacked 2025 Samsung AI, Perplexity AI Samsung data breach Q990D firmware US tariffs

Samsung Soundbar Bricked: Disable Updates Now!

Do Son March 15, 2025

If you currently own a Samsung-branded soundbar, it is advisable to temporarily disable automatic updates, as Samsung’s...

8.6 Popular GitHub Action “tj-actions/changed-files” Compromised (CVE-2025-30066) GitHub Copilot Pro trial suspension GitHub Actions Platform Fee, Self-Hosted Runner Tax 2026 GitHub Apple ID, Privacy Login GitHub Microsoft Github disruptions CVE-2025-30066 GitHub Outage, Service Disruption

GitHub Copilot Pro trial suspension GitHub Actions Platform Fee, Self-Hosted Runner Tax 2026 GitHub Apple ID, Privacy Login GitHub Microsoft Github disruptions CVE-2025-30066 GitHub Outage, Service Disruption

8.6 Popular GitHub Action “tj-actions/changed-files” Compromised (CVE-2025-30066)

Do Son March 15, 2025

A critical security incident has been detected involving the widely-used GitHub Action “tj-actions/changed-files”. Step Security is actively...

North Korean ScarCruft APT Targets Users with Novel KoSpy Android Spyware

KoSpy Android spyware

North Korean ScarCruft APT Targets Users with Novel KoSpy Android Spyware

Do Son March 15, 2025

A new Android surveillance tool, dubbed KoSpy, has been discovered by Lookout Threat Lab researchers, with evidence...

Booking.com Impersonated in Phishing Campaign Delivering Credential-Stealing Malware Booking Phishing Campaign

Booking Phishing Campaign

Booking.com Impersonated in Phishing Campaign Delivering Credential-Stealing Malware

Do Son March 15, 2025

A sophisticated phishing campaign impersonating Booking.com is targeting organizations in the hospitality industry, using a novel social...

Virginia Man Sentenced to 78 Months for Tax Evasion and $1.3M Trading Bot Scam FIFA website spoofing scams FBI World Cup alert Pig Butchering Scam Jingliang Su Sentencing Meta China Scam Ads, Zuckerberg Revenue Conflict Trading Bot Scam BEC Scam Rental Payment Fraud

FIFA website spoofing scams FBI World Cup alert Pig Butchering Scam Jingliang Su Sentencing Meta China Scam Ads, Zuckerberg Revenue Conflict Trading Bot Scam BEC Scam Rental Payment Fraud

Virginia Man Sentenced to 78 Months for Tax Evasion and $1.3M Trading Bot Scam

Do Son March 14, 2025

Rick Tariq Rahim, a Great Falls, Virginia businessman, has been sentenced to 78 months in prison for...

Major LockBit Ransomware Developer Extradited to U.S. Lockbit ransomware disrupted LockBit Ransomware Developer

Lockbit ransomware disrupted LockBit Ransomware Developer

Major LockBit Ransomware Developer Extradited to U.S.

Do Son March 14, 2025

Recently, a dual Russian and Israeli national, Rostislav Panev, 51, has been extradited to the United States...

10 CVE-2025-26701 (CVSS 10): Percona PMM OVA Users at Risk of Unauthorized Access

10 CVE-2025-26701 (CVSS 10): Percona PMM OVA Users at Risk of Unauthorized Access

Do Son March 14, 2025

A critical security vulnerability has been identified in Percona Monitoring and Management (PMM) Open Virtual Appliance (OVA)...

Squid Werewolf APT Masquerades as Recruiters in Espionage Campaign Targeting Key Employees WhatsApp Worm, Brazilian Banking Trojan LAPSUS$ Alliance, Scattered Spider Ransomware, Cybercrime RedCurl APT group Russian Cyberespionage, ApolloShadow Malware

WhatsApp Worm, Brazilian Banking Trojan LAPSUS$ Alliance, Scattered Spider Ransomware, Cybercrime RedCurl APT group Russian Cyberespionage, ApolloShadow Malware

Squid Werewolf APT Masquerades as Recruiters in Espionage Campaign Targeting Key Employees

Do Son March 14, 2025

The BI.ZONE Threat Intelligence team has uncovered a new cyber-espionage campaign attributed to Squid Werewolf, also known...

Head Mare and Twelve: Inside the Collaboration Targeting Russian Companies two hacktivist groups: Head Mare and Twelve

two hacktivist groups: Head Mare and Twelve

Head Mare and Twelve: Inside the Collaboration Targeting Russian Companies

Do Son March 14, 2025

In a series of attacks targeting Russian companies in September 2024, cybersecurity researchers uncovered evidence of collaboration...

The Financial Toolkit Every Business Owner Needs toolkit

toolkit

The Financial Toolkit Every Business Owner Needs

Do Son March 14, 2025

Managing a business involves countless decisions, but every business owner must get their financial game right. How...

Retaining Your Talent: Building a Development Plan That Works build

build

Retaining Your Talent: Building a Development Plan That Works

Do Son March 14, 2025

What’s the secret to keeping your best employees? How do you ensure that the talented individuals who...

Google, Apple, and Microsoft Rush to Patch Actively Exploited Zero-Day Vulnerability Google Zero-Day Vulnerability

Google Zero-Day Vulnerability

Google, Apple, and Microsoft Rush to Patch Actively Exploited Zero-Day Vulnerability

Do Son March 13, 2025

In a coordinated effort to mitigate an actively exploited security vulnerability, Google, Apple, and Microsoft have released...

6.7 Juniper Issues Urgent Fix for Actively Exploited Junos OS Flaw – CVE-2025-21590 GUARDIANWALL MailSuite Exploit CVE-2026-32661 FileZen Vulnerability CVE-2026-25108 Ivanti EPMM Vulnerability Dormant Backdoor Fortinet Authentication Bypass CVE-2026-24858 VMware vCenter Server Flaw CVE-2025-21590

GUARDIANWALL MailSuite Exploit CVE-2026-32661 FileZen Vulnerability CVE-2026-25108 Ivanti EPMM Vulnerability Dormant Backdoor Fortinet Authentication Bypass CVE-2026-24858 VMware vCenter Server Flaw CVE-2025-21590

6.7 Juniper Issues Urgent Fix for Actively Exploited Junos OS Flaw – CVE-2025-21590

Do Son March 13, 2025

Juniper Networks has released an out-of-cycle security bulletin addressing an actively exploited vulnerability in Junos OS that...

JSPSpy Webshells Found with Custom File Management Tool JSPSpy web shell

JSPSpy web shell

JSPSpy Webshells Found with Custom File Management Tool

Do Son March 13, 2025

Hunt researchers have recently uncovered a cluster of JSPSpy web shell servers with a surprising addition: a...

🚨

Receive alerts for vulnerabilities being exploited in the wild.

⚡

Get notified instantly when a Proof of Concept (PoC) exploit is published.

🔍

Access critical info on vulnerabilities even when marked as "RESERVED".

🧠

Insights powered by decades of expertise and global intelligence sources.

🎯

Customize alerts with up to 10 keywords for your specific tech stack.

📊

Export the raw CVE database for SIEM integration and reporting.

CVE-2026-20230CVSS 8.6
A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified...
CVE-2026-4020CVSS 7.5
The Gravity SMTP plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and...
CVE-2026-10735
Multiple plugins by ShapedPlugin contain a backdoor in various versions. This makes it possible for unauthenticated attackers to...
CVE-2026-20262CVSS 6.5
A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated,...
CVE-2026-54420CVSS 8.5
LiteSpeed cPanel plugin before 2.4.8 (as distributed in LiteSpeed WHM PlugIn before 5.3.2.0) mishandles symlinks provided by a...
CVE-2026-53435CVSS 8.8
In Jenkins 2.567 and earlier, LTS 2.555.2 and earlier, it is possible for attackers to have Jenkins deserialize...
CVE-2026-10795CVSS 8.1
The UpdraftPlus: WP Backup & Migration Plugin plugin for WordPress is vulnerable to Authentication Bypass in all versions...
CVE-2026-11645
Out of bounds read and write in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker...
CVE-2026-50751CVSS 9.3
A logic flow weakness in Remote Access and Mobile Access certificate validation in deprecated IKEv1 key exchange allows...
CVE-2026-20245CVSS 7.8
A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, local...