A new report by Amnesty International reveals that NSO Group’s Pegasus spyware was used to target iPhones...
Do Son
Do Son is the Founder and Editor of SecurityOnline.info. Working in cybersecurity since 2013, he reports on vulnerabilities, malware, and emerging threats, providing timely analysis to help organizations and individuals stay ahead of evolving risks.
Threat actors have begun exploiting a critical vulnerability in the Apache Struts framework, CVE-2024-53677, just days after...
A serious security flaw has been discovered in Laravel Pulse, a popular real-time application performance monitoring and...
A recent report from CloudSek’s Threat Researcher Team exposes a highly sophisticated phishing campaign that targets popular...
A new Federal Trade Commission (FTC) report reveals a dramatic rise in online job scams targeting consumers...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about two critical vulnerabilities...
Unit 42 has uncovered HeartCrypt, a Packer-as-a-Service (PaaS) designed to protect malware from detection. Since its launch...
A critical XML External Entity (XXE) Injection vulnerability, identified as CVE-2024-55875, has been discovered in the http4k...
Elastic Security Labs has revealed a significant evolution in malware development with the discovery of GOSAR, a...
Zscaler ThreatLabz has uncovered a novel malware campaign leveraging Node.js applications for Windows to deliver cryptocurrency miners...
Trend Micro has revealed a new vector for cyberattacks: voice phishing (vishing) conducted via Microsoft Teams. This...
According to Datadog Security Labs, a cybercriminal group known as MUT-1244 has launched a sophisticated attack campaign...
OpenAI experienced a significant service disruption on December 11, 2024, impacting all its services, including ChatGPT, the...
A critical vulnerability in the Spring Framework, tracked as CVE-2024-38819 (CVSS score 7.5), has been publicly disclosed,...
In a critical revelation highlighting the vulnerabilities of IoT ecosystems, Team82 has published a report detailing 10...
A critical security vulnerability, tracked as CVE-2024-45337 (CVSS 9.1), has been discovered in the Golang cryptography library....
A new report from Microsoft Threat Intelligence reveals that the Russian state-sponsored threat actor known as Secret...
Silent Push Threat Analysts have revealed a widespread malvertising campaign exploiting Google Ads to target graphic design...
X41 D-Sec GmbH, a leading cybersecurity firm, has completed a white-box penetration test of the Mullvad VPN...
The password era is coming to an end, and Microsoft is leading the charge with passkeys, a...
In a recent investigation, Aqua Nautilus uncovered alarming security vulnerabilities within the Prometheus ecosystem. Their research highlights...
A discovery by XLab has detailed Glutton, a stealthy PHP backdoor targeting both traditional organizations and the...