Do Son, Author at Daily CyberSecurity • Page 357 of 732

10,000 WordPress Websites Compromised to Deliver macOS and Windows Malware SocGholish Windows malware

10,000 WordPress Websites Compromised to Deliver macOS and Windows Malware

Do Son February 3, 2025

A new report reveals that over 10,000 WordPress websites have been compromised to deliver malware targeting both...

Lumma Stealer Uses GitHub as a Malware Delivery Platform Artivion cybersecurity - Zero-Day Attacks

Lumma Stealer Uses GitHub as a Malware Delivery Platform

Do Son February 3, 2025

Cybersecurity researchers at Trend Micro Managed XDR have uncovered a sophisticated malware campaign that leverages GitHub’s release...

7.8 CVE-2024-53104: Critical Zero-Day Vulnerability Patched in February 2025 Android Security Update Android Zero-Click RCE CVE-2026-0073 Android sideloading CVE-2024-43096, CVE-2024-43770, CVE-2024-43771, CVE-2024-49747 and, CVE-2024-49748

Android Zero-Click RCE CVE-2026-0073 Android sideloading CVE-2024-43096, CVE-2024-43770, CVE-2024-43771, CVE-2024-49747 and, CVE-2024-49748

7.8 CVE-2024-53104: Critical Zero-Day Vulnerability Patched in February 2025 Android Security Update

Do Son February 3, 2025

The February 2025 Android security update addresses 46 vulnerabilities, including a critical zero-day kernel vulnerability actively exploited...

Canadian Hacker Indicted for $65 Million DeFi Exploit Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

Canadian Hacker Indicted for $65 Million DeFi Exploit

Do Son February 3, 2025

The U.S. Department of Justice (DOJ) has unsealed a five-count criminal indictment against a Canadian man accused...

Critical MediaTek’s February 2025 Security Bulletin: Critical WLAN Vulnerabilities Expose Millions to Remote Attacks MediaTek Modem Vulnerabilities, January 2026 Security Bulletin MediaTek Vulnerabilities, Chipset Security CVE-2024-20103 & CVE-2024-20100 - CVE-2024-20154 - February 2025 Product Security Bulletin

Critical MediaTek’s February 2025 Security Bulletin: Critical WLAN Vulnerabilities Expose Millions to Remote Attacks

Do Son February 3, 2025

MediaTek has released its February 2025 Product Security Bulletin, addressing several high-severity vulnerabilities affecting its chipsets used...

Cristal Intelligence: SoftBank’s $3B Bet on OpenAI SoftBank OpenAI $41 billion investment, Masayoshi Son AGI wager Cristal Intelligence - SB OpenAI Japan

Cristal Intelligence: SoftBank’s $3B Bet on OpenAI

Do Son February 3, 2025

In addition to recent reports suggesting a potential $25 billion investment in OpenAI, positioning itself to surpass...

ChatGPT’s Deep Research: AI-Powered Web Exploration OpenAI Deep Research

ChatGPT’s Deep Research: AI-Powered Web Exploration

Do Son February 3, 2025

Following the launch of its search functionality in ChatGPT, OpenAI has now introduced “Deep Research,” an advanced...

CompTIA Linux+: Exploring Its Benefits and Career Paths CompTIA

CompTIA Linux+: Exploring Its Benefits and Career Paths

Do Son February 3, 2025

In the world of technology, Linux has proven itself as a cornerstone of modern IT infrastructure. From...

Sanctions Risk in Open Source: Linux Foundation Offers Guidance Linux Kernel 6.19 AMDGPU update, GCN 1.0 1.1 performance boost Linux Sanctions Risk Linux i486

Linux Kernel 6.19 AMDGPU update, GCN 1.0 1.1 performance boost Linux Sanctions Risk Linux i486

Sanctions Risk in Open Source: Linux Foundation Offers Guidance

Do Son February 3, 2025

The open-source world, built on collaboration and shared code, faces a growing challenge: navigating the complex landscape...

Microsoft to Kill its 365 VPN: What You Need to Know student discount Microsoft 365, Intelligent Services Microsoft 365 UWP, App Deprecation Microsoft 365, Startup Boost Windows 10 EOL, Microsoft 365 Support Protocol Deprecation Microsoft 365 Updates, IT Admin Alert Microsoft 365 VPN shut down Microsoft Authenticator, password manager Windows 10 Microsoft 365 Microsoft nonprofit policy, software donations

student discount Microsoft 365, Intelligent Services Microsoft 365 UWP, App Deprecation Microsoft 365, Startup Boost Windows 10 EOL, Microsoft 365 Support Protocol Deprecation Microsoft 365 Updates, IT Admin Alert Microsoft 365 VPN shut down Microsoft Authenticator, password manager Windows 10 Microsoft 365 Microsoft nonprofit policy, software donations

Microsoft to Kill its 365 VPN: What You Need to Know

Do Son February 3, 2025

In a move that’s sure to raise eyebrows and questions about its commitment to user privacy, Microsoft...

9.8 PoC Exploit Released for macOS Kernel Vulnerability CVE-2025-24118 (CVSS 9.8) Apple Background Security CVE-2026-20643 Apple Background Security Improvement Apple Backdoor Apple Lawsuit, Data Exfiltration CVE-2024-44131 - CVE-2025-24118 PoC

Apple Background Security CVE-2026-20643 Apple Background Security Improvement Apple Backdoor Apple Lawsuit, Data Exfiltration CVE-2024-44131 - CVE-2025-24118 PoC

9.8 PoC Exploit Released for macOS Kernel Vulnerability CVE-2025-24118 (CVSS 9.8)

Do Son February 2, 2025

A newly discovered race condition in Apple’s macOS kernel (XNU) could allow attackers to escalate privileges, corrupt...

North Korean APT Lazarus Uses Malicious npm Package to Target Developers

Do Son February 2, 2025

Cybersecurity researchers at Socket have uncovered a new supply chain attack orchestrated by Lazarus Group, the notorious...

8.8 CVE-2024-57376: End-of-Life D-Link Routers Vulnerable to Unauthenticated RCE CVE-2024-57376 - DSL-3788 Router Vulnerability

8.8 CVE-2024-57376: End-of-Life D-Link Routers Vulnerable to Unauthenticated RCE

Do Son February 2, 2025

D-Link has updated a security advisory warning of a critical buffer overflow vulnerability affecting several end-of-life routers....

Devil-Traff: The New SMS Phishing Platform Exploited by Cybercriminals

Do Son February 2, 2025

Security researcher Daniel Kelley at SlashNext has unveiled a new threat to cybersecurity: Devil-Traff, a bulk SMS...

9.8 CVE-2025-0477 (CVSS 9.8): Critical Security Flaw in Rockwell Automation’s FactoryTalk AssetCentre

Do Son February 2, 2025

Industrial automation giant Rockwell Automation has issued a security advisory addressing multiple critical vulnerabilities in its FactoryTalk...

The Hidden Cyber Trap: How Compromised Websites and Malicious AdTech Manipulate Users

Do Son February 2, 2025

In the cybersecurity world, analysts often focus on the adversary’s tactics, techniques, and procedures (TTPs), but what...

9.8 CVE-2025-0851 (CVSS 9.8): Deep Java Library Vulnerability Allows Path Traversal Exploits

Do Son February 2, 2025

A newly discovered vulnerability in the Deep Java Library (DJL) has been found to leave systems open...

SparkRAT: A Persistent Cross-Platform Cyber Threat Targeting macOS and Beyond Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

SparkRAT: A Persistent Cross-Platform Cyber Threat Targeting macOS and Beyond

Do Son February 2, 2025

Since its initial release on GitHub in 2022 by user XZB-1248, SparkRAT has evolved into a widely...

.Gov No More: Government Domains Weaponized in Phishing Surge Layoff Phishing Scam Remcos RAT Malware Aruba Phishing, Phishing-as-a-Service PyPI, phishing CVE-2024-25608 PyPI Phishing, Credential Theft

Layoff Phishing Scam Remcos RAT Malware Aruba Phishing, Phishing-as-a-Service PyPI, phishing CVE-2024-25608 PyPI Phishing, Credential Theft

.Gov No More: Government Domains Weaponized in Phishing Surge

Do Son February 2, 2025

A recent Cofense Intelligence report has uncovered a troubling trend: threat actors are increasingly abusing .gov top-level...

Critical Unrestricted Access: A Simple Web Misconfiguration Exposes Critical Data

Do Son February 2, 2025

A recent report by CloudSEK’s BeVigil reveals how a common web misconfiguration, namely enabled directory listings, led...