Do Son, Author at Daily CyberSecurity • Page 365 of 732

Critical MintsLoader Campaign Targets Critical Sectors with Sophisticated Malware Delivery StealC operator panel

Critical MintsLoader Campaign Targets Critical Sectors with Sophisticated Malware Delivery

Do Son January 20, 2025

The eSentire Threat Response Unit (TRU) has uncovered a new malware campaign leveraging a tool called MintsLoader...

US Sanctions Chinese Hackers for Cyber Espionage Campaign IARPA Research Security Data Abyss Report Telecom threat, Secret Service cybersecurity news - Cyber Espionage Campaign

IARPA Research Security Data Abyss Report Telecom threat, Secret Service cybersecurity news - Cyber Espionage Campaign

US Sanctions Chinese Hackers for Cyber Espionage Campaign

Do Son January 20, 2025

The U.S. Department of State has announced sanctions against two Chinese entities, Yin Kecheng and Sichuan Juxinhe...

Silver Fox APT Targets Organizations with PNGPlug and ValleyRAT Malware WHILL Wheelchair Hijacking, CVE-2025-14346 MAS typosquatting malware, get.activate.win vs get.activated.win OpenShift GitOps RCE, Cluster Takeover Flaw Twonky Server, CVE-2025-13315 AI agents CVE-2024-52875 PoC

WHILL Wheelchair Hijacking, CVE-2025-14346 MAS typosquatting malware, get.activate.win vs get.activated.win OpenShift GitOps RCE, Cluster Takeover Flaw Twonky Server, CVE-2025-13315 AI agents CVE-2024-52875 PoC

Silver Fox APT Targets Organizations with PNGPlug and ValleyRAT Malware

Do Son January 20, 2025

A sophisticated cyber-espionage campaign targeting organizations across China, Hong Kong, and Taiwan has been uncovered by Intezer’s...

Task Manager Ghost Process WinRE Input Fix Windows Search Copilot+ PCs

Exploring the AI-Powered Windows Search Copilot+ PCs Feature

Do Son January 20, 2025

Microsoft recently unveiled a new experimental feature for participants in the Windows 11 Insider Program, enabling users...

Critical Oracle’s January 2025 Critical Patch Update: Addressing 320 Security Vulnerabilities Oracle Critical Patch Update 2025

Critical Oracle’s January 2025 Critical Patch Update: Addressing 320 Security Vulnerabilities

Do Son January 20, 2025

Oracle has released its Critical Patch Update Pre-Release Announcement for January 2025, providing advance notice of the...

ChatGPT Crawler Vulnerability: DDoS Attacks via HTTP Requests

Do Son January 20, 2025

The behavior of ChatGPT’s web crawler can be exploited through a discovered vulnerability: under specific query conditions,...

o3-mini: OpenAI’s New AI Model Coming Soon o3-mini GPT-5 GPT-4 retirement, GPT-4o ChatGPT quota, OpenAI update

o3-mini: OpenAI’s New AI Model Coming Soon

Do Son January 20, 2025

OpenAI CEO Sam Altman has revealed plans to launch the o3-mini artificial intelligence model within the coming...

TikTok Ban Extended as Trump Pushes for U.S. Equity in Joint Venture TikTok acquisition TikTok, U.S.-China deal TikTok M2, US DivestmentTrump saves TikTok

TikTok acquisition TikTok, U.S.-China deal TikTok M2, US DivestmentTrump saves TikTok

TikTok Ban Extended as Trump Pushes for U.S. Equity in Joint Venture

Do Son January 19, 2025

After ByteDance voluntarily ceased TikTok’s operations within the United States, it issued a statement within less than...

7.8 Zero-Day Vulnerability in Windows Exploited: CVE-2024-49138 PoC Code Released

Do Son January 19, 2025

Security researcher MrAle_98 recently published a proof-of-concept (PoC) exploit for a zero-day vulnerability, CVE-2024-49138. This flaw, which...

Star Blizzard Shifts Tactics: Spear-Phishing Campaign Targets WhatsApp Accounts AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

Star Blizzard Shifts Tactics: Spear-Phishing Campaign Targets WhatsApp Accounts

Do Son January 19, 2025

Microsoft Threat Intelligence has uncovered a new spear-phishing campaign orchestrated by the Russian threat actor known as...

9.0 CVE-2025-2306 (CVSS 9.0): Mongoose Flaw Leaves Millions of Downloads Exposed to Search Injection

Do Son January 19, 2025

A newly discovered vulnerability in Mongoose, a popular MongoDB object modeling tool, could leave millions of users...

Malicious PyPI Package Targets Discord Developers with Token Theft and Backdoor Exploit Malicious Discord PyPI Package

Malicious PyPI Package Targets Discord Developers with Token Theft and Backdoor Exploit

Do Son January 19, 2025

The Socket research team has identified a malicious Python package on PyPI named pycord-self, targeting developers working...

Sneaky 2FA: A New Adversary-in-the-Middle Phishing-as-a-Service Threat

Do Son January 19, 2025

SEKOIA’s Threat Detection & Research (TDR) team has exposed a new Adversary-in-the-Middle (AiTM) phishing kit, dubbed “Sneaky...

Black Basta Exploits Microsoft Teams for Phishing Attacks SloppyLemming

Black Basta Exploits Microsoft Teams for Phishing Attacks

Do Son January 19, 2025

NVISO Labs has uncovered a sophisticated phishing campaign attributed to the ransomware group Black Basta, leveraging Microsoft...

Critical Critical Vulnerabilities in QNX Software Development Platform Image Codecs Expose Systems to Attacks

Do Son January 19, 2025

BlackBerry’s QNX Software Development Platform (SDP), a widely used real-time operating system in safety-critical industries, is the...

Scammers Exploit Truth Social to Launch Phishing and Fraud Campaigns Truth Social Fraud

Scammers Exploit Truth Social to Launch Phishing and Fraud Campaigns

Do Son January 19, 2025

Truth Social, the social media platform launched by Trump Media & Technology Group in 2022, has become...

IoT Botnet Fuels Large-Scale DDoS Attacks Targeting Global Organizations

Do Son January 19, 2025

A newly discovered IoT botnet has been linked to a series of large-scale distributed denial-of-service (DDoS) attacks...

Cyber Security Services: Protecting Your Business in the Digital Age web-8989999_1280

Cyber Security Services: Protecting Your Business in the Digital Age

Do Son January 19, 2025

As the digital revolution advances, so do cyber threats to new levels. As companies adopt new digital...

9.2 CVE-2024-12297 (CVSS 9.2): Critical Authorization Vulnerability in Moxa EDS-508A Series Moxa Hard-Coded Credentials, Critical JWT Bypass CVE-2024-9137 and CVE-2024-9139 - CVE-2024-12297 CVE-2024-7695 CVE-2024-9404 CVE-2024-12297 CVE-2025-0415

Moxa Hard-Coded Credentials, Critical JWT Bypass CVE-2024-9137 and CVE-2024-9139 - CVE-2024-12297 CVE-2024-7695 CVE-2024-9404 CVE-2024-12297 CVE-2025-0415

9.2 CVE-2024-12297 (CVSS 9.2): Critical Authorization Vulnerability in Moxa EDS-508A Series

Do Son January 18, 2025

Moxa has issued a security advisory detailing CVE-2024-12297 (CVSS 9.2), a critical vulnerability in its EDS-508A Series...

Lazarus APT Targets Job Seekers with “Contagious Interview” Campaign Using ClickFix Technique Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Lazarus APT Targets Job Seekers with “Contagious Interview” Campaign Using ClickFix Technique

Do Son January 18, 2025

North Korea’s notorious Lazarus APT group has been observed employing advanced social engineering tactics in a campaign...