Cybersecurity experts at Symantec report that the Chinese threat actor Emperor Dragonfly has employed tools previously associated...
Do Son
Do Son is the Founder and Editor of SecurityOnline.info. Working in cybersecurity since 2013, he reports on vulnerabilities, malware, and emerging threats, providing timely analysis to help organizations and individuals stay ahead of evolving risks.
Cybersecurity researchers at Codean Labs have discovered two vulnerabilities in LibreOffice, allowing arbitrary file writes and remote...
Cybersecurity researchers at Insikt Group have identified an ongoing cyber espionage campaign by RedMike (also tracked as...
Researchers at eSentire Threat Response Unit (TRU) uncovered a sophisticated cyber espionage campaign by RedCurl/EarthKapre, a threat...
Juniper Networks has released an out-of-cycle security bulletin addressing a critical authentication bypass vulnerability in its Session...
Researchers from Trend Micro’s Threat Hunting team have discovered a new campaign by the advanced persistent threat...
A recently disclosed vulnerability in SonicWall firewalls, tracked as CVE-2024-53704, is now under active attack. This high-severity...
AMD has released security updates addressing multiple vulnerabilities in its EPYC and Ryzen Embedded processors, some of...
A critical security vulnerability has been discovered in the popular s2Member Pro plugin for WordPress, potentially affecting...
Microsoft Threat Intelligence has uncovered an active and ongoing phishing campaign conducted by the threat actor Storm-2372,...
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory detailing multiple critical vulnerabilities affecting mySCADA’s...
Researchers at CloudSEK have uncovered a large-scale Search Engine Poisoning (SEP) campaign targeting Indian government, educational, and...
Microsoft Threat Intelligence has discovered a new variant of the XCSSET malware targeting macOS users. This sophisticated...
Cybersecurity researcher Brutecat has uncovered two security vulnerabilities in YouTube platform. Despite Google’s assurances regarding user privacy...
In October 2024, Microsoft confirmed that Windows Server 2025 may encounter a boot device inaccessible error under...
Following the recent $97.4 billion acquisition proposal for OpenAI-related assets, which was formally rejected through a court...
A serious vulnerability has been discovered in PHP, potentially exposing websites and applications to SQL injection attacks....
Cybersecurity researchers at Volexity have uncovered a series of targeted phishing and social engineering campaigns by multiple...
Rapid7 researchers have discovered a high-severity SQL injection vulnerability (CVE-2025-1094) in PostgreSQL’s interactive tool, psql. This vulnerability,...
Cybersecurity researchers at SlashNext have discovered a sophisticated new phishing kit dubbed “Astaroth” that is capable of...
Cybersecurity researchers at JPCERT/CC have uncovered a significant upgrade to the SPAWN malware family, introducing SPAWNCHIMERA, a...
Cybersecurity researchers at Insikt Group have uncovered a sophisticated North Korean IT worker scam designed to infiltrate...