Do Son

Do Son is the Founder and Editor of SecurityOnline.info. Working in cybersecurity since 2013, he reports on vulnerabilities, malware, and emerging threats, providing timely analysis to help organizations and individuals stay ahead of evolving risks.

PoC Exploit Code Releases Cleo Zero-Day Vulnerability (CVE-2024-50623) FortiClient EMS exploitation Cisco FIRESTARTER Backdoor Arcane Door Campaign Dell RecoverPoint Zero-Day UNC6201 Espionage Notepad++ Compromise Supply Chain Attack Magento SessionReaper CVE-2025-54236 ShadowRay 2.0, AI-Generated Malware WordPress Auth Bypass, CVE-2025-5947 Exploited EcoStruxure Vulnerabilities, Industrial Control System UNC5820 - CVE-2014-2120 - CVE-2021-44207

FortiClient EMS exploitation Cisco FIRESTARTER Backdoor Arcane Door Campaign Dell RecoverPoint Zero-Day UNC6201 Espionage Notepad++ Compromise Supply Chain Attack Magento SessionReaper CVE-2025-54236 ShadowRay 2.0, AI-Generated Malware WordPress Auth Bypass, CVE-2025-5947 Exploited EcoStruxure Vulnerabilities, Industrial Control System UNC5820 - CVE-2014-2120 - CVE-2021-44207

PoC Exploit Code Releases Cleo Zero-Day Vulnerability (CVE-2024-50623)

Do Son December 11, 2024

Organizations using Cleo file transfer software are urged to take immediate action as a critical vulnerability, CVE-2024-50623,...

“Aggressive Inventory Zombies”: Unmasking a Massive Phishing and Pig-Butchering Network Evil Corp

Evil Corp

“Aggressive Inventory Zombies”: Unmasking a Massive Phishing and Pig-Butchering Network

Do Son December 11, 2024

Silent Push Threat Analysts have shed light on a large-scale phishing and pig-butchering network targeting retail brands...

BadRAM Vulnerability (CVE-2024-21944): Researchers Uncover Security Flaw in AMD SEV CVE-2024-21944 - BadRAM vulnerability

CVE-2024-21944 - BadRAM vulnerability

BadRAM Vulnerability (CVE-2024-21944): Researchers Uncover Security Flaw in AMD SEV

Do Son December 11, 2024

A collaborative research effort has exposed a significant vulnerability, designated CVE-2024-21944 and named “BadRAM,” that undermines the...

Zloader Trojan Employs Novel DNS Tunneling Protocol for Enhanced Evasion Chinese espionage groups APT35 Phishing, Stormshield CTI

Chinese espionage groups APT35 Phishing, Stormshield CTI

Zloader Trojan Employs Novel DNS Tunneling Protocol for Enhanced Evasion

Do Son December 11, 2024

Zloader, the modular Trojan with roots in the infamous Zeus malware, has once again evolved, presenting a...

Malicious npm Package Mimics ESLint Plugin, Steals Sensitive Data Fiverr Data Leak Claude Code Leak Anthropic DMCA Takedown Coupang 33.7M Breach South Korea Data Leak Red Hat Breach, Customer Data Theft Farmers Insurance, Salesforce ESLint Plugin -Mamont Android banking Trojan

Fiverr Data Leak Claude Code Leak Anthropic DMCA Takedown Coupang 33.7M Breach South Korea Data Leak Red Hat Breach, Customer Data Theft Farmers Insurance, Salesforce ESLint Plugin -Mamont Android banking Trojan

Malicious npm Package Mimics ESLint Plugin, Steals Sensitive Data

Do Son December 11, 2024

A recent report by the Socket Research Team uncovers a sophisticated typosquatting attack targeting developers using the...

CVE-2024-11274: GitLab Vulnerability Exposes User Accounts GitLab Security Update CVE-2025-7659 CVE-2024-5655 GitLab Vulnerabilities, XSS & Data Exposure

GitLab Security Update CVE-2025-7659 CVE-2024-5655 GitLab Vulnerabilities, XSS & Data Exposure

CVE-2024-11274: GitLab Vulnerability Exposes User Accounts

Do Son December 11, 2024

GitLab has issued an important security update addressing a range of vulnerabilities affecting multiple versions of its...

ChatGPT and Sora Go Offline: OpenAI Scrambles to Restore Service Amid Global Outage ChatGPT and Sora Outage

ChatGPT and Sora Outage

ChatGPT and Sora Go Offline: OpenAI Scrambles to Restore Service Amid Global Outage

Do Son December 11, 2024

In a sudden and unexpected turn of events, OpenAI’s ChatGPT, the AI chatbot that has taken the...

CVE-2024-53247: Splunk Secure Gateway App Vulnerability Allows Remote Code Execution

Splunk Enterprise vulnerabilities, CVSS 9.8 flaw, CVE-2026-20253, CVE-2026-20251, CVE-2026-20258 Splunk Enterprise Vulnerabilities CVE-2026-20240 Splunk RCE CVE-2026-20204 Splunk RCE Vulnerability CVE-2026-20163 Splunk Enterprise Vulnerabilities CVE-2026-20140 Splunk Permission Flaw, Local Privilege Escalation Splunk Vulnerabilities CVE-2024-53247 - Splunk Secure Gateway App CVE-2025-20229 & CVE-2025-20231

CVE-2024-53247: Splunk Secure Gateway App Vulnerability Allows Remote Code Execution

Do Son December 11, 2024

A critical vulnerability has been discovered in the Splunk Secure Gateway app that could allow a low-privileged...

Android Users Targeted: AppLite Trojan Disguised as Popular Apps tech-threat

tech-threat

Android Users Targeted: AppLite Trojan Disguised as Popular Apps

Do Son December 11, 2024

zLabs has uncovered AppLite, a sophisticated new variant of the AntiDot banking trojan, targeting Android devices through...

CVE-2020-12271 Exploited: FBI Seeks Chinese Hacker Behind 81,000 Device Breach CVE 2020-12271 - Guan Tianfeng

CVE 2020-12271 - Guan Tianfeng

CVE-2020-12271 Exploited: FBI Seeks Chinese Hacker Behind 81,000 Device Breach

Do Son December 11, 2024

The US Department of Justice announced the unsealing of an indictment against Guan Tianfeng, a Chinese national...

Operation Digital Eye: Chinese APT Exploits Visual Studio Code Tunnels in High-Stakes Espionage Campaign

Operation Digital Eye

Operation Digital Eye: Chinese APT Exploits Visual Studio Code Tunnels in High-Stakes Espionage Campaign

Do Son December 11, 2024

In a sophisticated cyberespionage campaign dubbed Operation Digital Eye, SentinelOne and Tinexta Cyber uncovered activities linked to...

CVE-2024-11639 (CVSS 10) – Critical Flaw in Ivanti Cloud Services Application: Immediate Patch Recommended CVE-2023-35081 & CVE-2024-11639

CVE-2023-35081 & CVE-2024-11639

CVE-2024-11639 (CVSS 10) – Critical Flaw in Ivanti Cloud Services Application: Immediate Patch Recommended

Do Son December 10, 2024

Ivanti, a leading provider of IT management and security solutions, has released critical security updates for the...

UAC-0185 APT Leverages Social Engineering to Target Ukrainian Defense Industrial Base UAC-0185 - MESHAGENT RAT

UAC-0185 - MESHAGENT RAT

UAC-0185 APT Leverages Social Engineering to Target Ukrainian Defense Industrial Base

Do Son December 10, 2024

The Computer Emergency Response Team of Ukraine (CERT-UA) has issued a security advisory (CERT-UA#12414) detailing a sophisticated...

Ivanti Connect Secure and Policy Secure Updates Address Critical Vulnerabilities Ivanti EPMM security updates Ivanti ITSM vulnerability authenticated privilege escalation Ivanti Xtraction vulnerability CVE-2026-8043 Ivanti EPM RCE, SQL Injection Ivanti EPM, remote code execution CVE-2024-50330 - CVE-2025-0282 and CVE-2025-0283

Ivanti EPMM security updates Ivanti ITSM vulnerability authenticated privilege escalation Ivanti Xtraction vulnerability CVE-2026-8043 Ivanti EPM RCE, SQL Injection Ivanti EPM, remote code execution CVE-2024-50330 - CVE-2025-0282 and CVE-2025-0283

Ivanti Connect Secure and Policy Secure Updates Address Critical Vulnerabilities

Do Son December 10, 2024

Ivanti, a leader in unified endpoint and enterprise service management, has issued patches for several high and...

Researcher Details CVE-2024-44131 – A Critical TCC Bypass in macOS and iOS Apple Background Security CVE-2026-20643 Apple Background Security Improvement Apple Backdoor Apple Lawsuit, Data Exfiltration CVE-2024-44131 - CVE-2025-24118 PoC

Apple Background Security CVE-2026-20643 Apple Background Security Improvement Apple Backdoor Apple Lawsuit, Data Exfiltration CVE-2024-44131 - CVE-2025-24118 PoC

Researcher Details CVE-2024-44131 – A Critical TCC Bypass in macOS and iOS

Do Son December 10, 2024

Jamf Threat Labs has identified a vulnerability in Apple’s Transparency, Consent, and Control (TCC) security framework. Designated...

Microsoft Strengthens Default Security Posture Against NTLM Relay Attacks

NTLM Relay Attacks

Microsoft Strengthens Default Security Posture Against NTLM Relay Attacks

Do Son December 10, 2024

Microsoft has announced significant enhancements to its default security configuration, aimed at mitigating the risk of NTLM...

CVE-2024-52335 (CVSS 9.8): Siemens Healthineers Addresses Critical Flaw in Medical Imaging Software CVE-2024-52335 HylaFAX, AvantFAX vulnerability

CVE-2024-52335 HylaFAX, AvantFAX vulnerability

CVE-2024-52335 (CVSS 9.8): Siemens Healthineers Addresses Critical Flaw in Medical Imaging Software

Do Son December 10, 2024

Siemens Healthineers has released a critical security update to address an unauthenticated SQL injection vulnerability in its...

Exploiting CDN Integrations: A WAF Bypass Threatening Global Web Applications Foomuuri Vulnerability CVE-2025-67603 bypass WAF protections

Foomuuri Vulnerability CVE-2025-67603 bypass WAF protections

Exploiting CDN Integrations: A WAF Bypass Threatening Global Web Applications

Do Son December 10, 2024

In a recently disclosed analysis, Zafran’s research team has unveiled a pervasive misconfiguration vulnerability affecting some of...

No Warning, No Data: Hetzner Terminates Kiwix Account Abruptly

Hetzner Terminates Kiwix

No Warning, No Data: Hetzner Terminates Kiwix Account Abruptly

Do Son December 10, 2024

A recent incident involving Hetzner, a well-known European cloud hosting provider, and Kiwix, a non-profit organization dedicated...

Apache Superset Patches Multi Security Flaws in Latest Release CVE-2024-53947, CVE-2024-53948, and CVE-2024-53949

CVE-2024-53947, CVE-2024-53948, and CVE-2024-53949

Apache Superset Patches Multi Security Flaws in Latest Release

Do Son December 10, 2024

The Apache Software Foundation has announced the release of Apache Superset 4.1.0, an important update that addresses...

🚨

Receive alerts for vulnerabilities being exploited in the wild.

⚡

Get notified instantly when a Proof of Concept (PoC) exploit is published.

🔍

Access critical info on vulnerabilities even when marked as "RESERVED".

🧠

Insights powered by decades of expertise and global intelligence sources.

🎯

Customize alerts with up to 10 keywords for your specific tech stack.

📊

Export the raw CVE database for SIEM integration and reporting.

CVE-2026-34908CVSS 10.0
A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi...
CVE-2026-34909CVSS 10.0
A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi OS...
CVE-2026-34910CVSS 10.0
A malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi...
CVE-2025-67038CVSS 9.8
An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The HTTP RPC module executes a shell command to write...
CVE-2024-23692CVSS 9.8
Rejetto HTTP File Server, up to and including version 2.3m, is vulnerable to a template injection vulnerability. This...
CVE-2026-20230CVSS 8.6
A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified...
CVE-2026-48907
A vulnerability in the JCE editor extension for Joomla allows the creation of new editor profiles for unauthenticated...
CVE-2026-20253CVSS 9.8
In Splunk Enterprise 10.2 versions below 10.2.4 and 10 versions below 10.0.7, an unauthenticated user could create or...
CVE-2026-4020CVSS 7.5
The Gravity SMTP plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and...
CVE-2026-20182CVSS 10.0
May 2026: This security advisory provides the details and fix information for a vulnerability that was discovered and...