Do Son

Do Son is the Founder and Editor of SecurityOnline.info. Working in cybersecurity since 2013, he reports on vulnerabilities, malware, and emerging threats, providing timely analysis to help organizations and individuals stay ahead of evolving risks.

The 8,100-Repo Wipeout: Anthropic’s Sisyphean Battle to Scrub Claude Code from the Internet Fiverr Data Leak Claude Code Leak Anthropic DMCA Takedown Coupang 33.7M Breach South Korea Data Leak Red Hat Breach, Customer Data Theft Farmers Insurance, Salesforce ESLint Plugin -Mamont Android banking Trojan

Fiverr Data Leak Claude Code Leak Anthropic DMCA Takedown Coupang 33.7M Breach South Korea Data Leak Red Hat Breach, Customer Data Theft Farmers Insurance, Salesforce ESLint Plugin -Mamont Android banking Trojan

The 8,100-Repo Wipeout: Anthropic’s Sisyphean Battle to Scrub Claude Code from the Internet

Do Son April 1, 2026

Yesterday, the acclaimed artificial intelligence development tool, Claude Code, inadvertently exposed its proprietary source code. Current intelligence...

PolyShell Exposed: Public PoC and Active Exploitation Disclosed for Critical Magento RCE as Automated Attacks Surge PolyShell Magento RCE Magento PolyShell REST API RCE CosmicSting (CVE-2024-34102) Magento Security Updates

PolyShell Magento RCE Magento PolyShell REST API RCE CosmicSting (CVE-2024-34102) Magento Security Updates

PolyShell Exposed: Public PoC and Active Exploitation Disclosed for Critical Magento RCE as Automated Attacks Surge

Do Son April 1, 2026

Magento remains a titan in the e-commerce space, currently “estimated to be running on more than 130,000...

TrueChaos: The TrueConf Zero-Day That Turned Secure Updates Into a Government Espionage Backdoor

Weaver E-cology RCE CVE-2026-22679 CVE-2026-20127 Cisco SD-WAN Exploitation AI-Driven Cyberattack ARXON Malware React Server Components Vulnerability CVE-2025-55182 FortiWeb Auth Bypass, Unauthenticated Admin Takeover RayInitiator Bootkit, LINE VIPER CVE-2025-59689 Department of the Treasury cybersecurity - CVE-2025-0108 PoC CVE-2025-31103 Dior Data Breach SK Telecom data breach, long-term intrusion

TrueChaos: The TrueConf Zero-Day That Turned Secure Updates Into a Government Espionage Backdoor

Do Son April 1, 2026

A trusted communication tool has been turned into a weapon of mass malware distribution. Check Point Research...

Vim Modeline Vulnerability: How a Crafted File Can Hijack Your System Vim RCE Modeline Vulnerability Vim RCE Modeline Sandbox Bypass

Vim RCE Modeline Vulnerability Vim RCE Modeline Sandbox Bypass

Vim Modeline Vulnerability: How a Crafted File Can Hijack Your System

Do Son April 1, 2026

The Vim project has issued a critical security advisory regarding a high-severity vulnerability that could allow attackers...

183 Million Targets: Inside the North Korean Supply Chain Strike on Axios and the WAVESHAPER Backdoor axios Supply Chain Attack WAVESHAPER.V2 SnappyBee Malware Salt Typhoon Stately Taurus ScoringMathTea RAT, Lazarus Reflective DLL

axios Supply Chain Attack WAVESHAPER.V2 SnappyBee Malware Salt Typhoon Stately Taurus ScoringMathTea RAT, Lazarus Reflective DLL

183 Million Targets: Inside the North Korean Supply Chain Strike on Axios and the WAVESHAPER Backdoor

Do Son April 1, 2026

The Google Threat Intelligence Group (GTIG) has issued an urgent warning regarding a sophisticated software supply chain...

The Unpatched Kyverno SSRF Flaw That Turns Policies Into Cluster-Wide Backdoors Kyverno SSRF Kubernetes Policy Engine Kyverno Privilege Escalation CVE-2026-22039

Kyverno SSRF Kubernetes Policy Engine Kyverno Privilege Escalation CVE-2026-22039

The Unpatched Kyverno SSRF Flaw That Turns Policies Into Cluster-Wide Backdoors

Do Son March 31, 2026

A critical security boundary in Kubernetes environments has been compromised. A new vulnerability note from CERT/CC has...

Top CISO Conferences Every Cybersecurity Leader Should Attend Undertow Vulnerability CVE-2025-12543 CVE-2025-0107: PoC Exploit Code Undersea Cable Security, China Tech Ban

Undertow Vulnerability CVE-2025-12543 CVE-2025-0107: PoC Exploit Code Undersea Cable Security, China Tech Ban

Top CISO Conferences Every Cybersecurity Leader Should Attend

Do Son March 31, 2026

Cyber risk hasn’t just intensified it has fundamentally changed. For most CISOs in 2026, the challenge isn’t...

Critical Vulnerability in Perl Core Modules Leaves Systems Exposed

Critical Vulnerability in Perl Core Modules Leaves Systems Exposed

Do Son March 31, 2026

A high-severity security flaw has been identified within the core of the Perl programming language. Designated as...

Public PoC Exploit and Full Details Disclosed for Nginx UI’s 9.4 CVSS Backup Flaw Backup Tampering Exploit

Backup Tampering Exploit

Public PoC Exploit and Full Details Disclosed for Nginx UI’s 9.4 CVSS Backup Flaw

Do Son March 31, 2026

The “one-click” simplicity of Nginx UI has hit a major security roadblock. Researchers have unveiled a critical...

Critical CrewAI Vulnerabilities Allow RCE and Sandbox Escapes via Prompt Injection CrewAI Vulnerabilities AI Agent Security

CrewAI Vulnerabilities AI Agent Security

Critical CrewAI Vulnerabilities Allow RCE and Sandbox Escapes via Prompt Injection

Do Son March 31, 2026

The rapidly growing field of multi-agent AI systems has hit a significant security speed bump. A new...

Anthropic Accidentally Leaks Claude Code’s “Secret Sauce” via npm Blunder Booking.com Data Breach Claude Code Leak Anthropic Source Code YggTorrent data breach PS5 BootROM key leak 2026, PlayStation 5 unpatchable jailbreak Great Firewall data leak Dating App Breach, Tea App Leak 23andMe Data Leak

Booking.com Data Breach Claude Code Leak Anthropic Source Code YggTorrent data breach PS5 BootROM key leak 2026, PlayStation 5 unpatchable jailbreak Great Firewall data leak Dating App Breach, Tea App Leak 23andMe Data Leak

Anthropic Accidentally Leaks Claude Code’s “Secret Sauce” via npm Blunder

Do Son March 31, 2026

In a major configuration oversight, the source code for Claude Code—Anthropic’s flagship agentic CLI tool—was recently leaked...

The Reservation Hijack: When Your Hotel Booking Becomes a Cyber Trap Reservation Hijacking Hotel Phishing

Reservation Hijacking Hotel Phishing

The Reservation Hijack: When Your Hotel Booking Becomes a Cyber Trap

Do Son March 31, 2026

Imagine receiving a WhatsApp message from your hotel’s Guest Relations team just days before your family vacation....

Under Active Attack: Nginx UI’s Critical 9.8 Vulnerability Exploited in the Wild Nginx UI RCE CVE-2026-42238 Nginx UI PoC CVE-2026-33032

Nginx UI RCE CVE-2026-42238 Nginx UI PoC CVE-2026-33032

Under Active Attack: Nginx UI’s Critical 9.8 Vulnerability Exploited in the Wild

Do Son March 31, 2026

The popular web-based management interface, Nginx UI, is under fire following the public disclosure of a critical...

The Instant Weaponization of Oracle’s 10.0 CVSS “Zero-Day-Like” Flaw PAN-OS Root RCE CL-STA-1132 Exploitation Tianxin RCE CVE-2021-4473 React Native Supply Chain Attack AstrOOnauta Malware Gladinet Zero-Day, LFI RCE Chain WordPress Theme, Account Takeover CVE-2024-50623 - European Space Agency cyberattack

PAN-OS Root RCE CL-STA-1132 Exploitation Tianxin RCE CVE-2021-4473 React Native Supply Chain Attack AstrOOnauta Malware Gladinet Zero-Day, LFI RCE Chain WordPress Theme, Account Takeover CVE-2024-50623 - European Space Agency cyberattack

The Instant Weaponization of Oracle’s 10.0 CVSS “Zero-Day-Like” Flaw

Do Son March 31, 2026

The digital ink had barely dried on the disclosure of CVE-2026-21962 before threat actors began a relentless...

The End of the Open APK? Google’s 2026 Roadmap to “Vanquish” Unsigned Sideloading Android sideloading signature requirement

Android sideloading signature requirement

The End of the Open APK? Google’s 2026 Roadmap to “Vanquish” Unsigned Sideloading

Do Son March 31, 2026

Earlier this month, Google promulgated a recalibrated protocol for sideloading applications within the Android ecosystem. Under this...

Google Drive Deploys AI-Powered Ransomware Shields for All Users Google Drive ransomware detection

Google Drive ransomware detection

Google Drive Deploys AI-Powered Ransomware Shields for All Users

Do Son March 31, 2026

In September 2025, Google unveiled experimental ransomware detection and file restoration capabilities to a select cohort of...

The Stealth Pitch: Why GitHub Copilot is Secretly Injecting Ads Into Your Pull Requests GitHub Copilot PR advertising

GitHub Copilot PR advertising

The Stealth Pitch: Why GitHub Copilot is Secretly Injecting Ads Into Your Pull Requests

Do Son March 31, 2026

Recently, a developer disclosed that their team employed GitHub Copilot to rectify trivial typographical errors within a...

The Malware That Chats Back: Inside G DATA’s Real-Time Notepad Encounter with the “Kiss Loader” Author Kiss Loader Early Bird APC Injection

Kiss Loader Early Bird APC Injection

The Malware That Chats Back: Inside G DATA’s Real-Time Notepad Encounter with the “Kiss Loader” Author

Do Son March 31, 2026

While analyzing a new piece of malware dubbed “Kiss Loader,” G DATA Security Center found themselves in...

The $4.4 Billion Unraveling: Unity Shutters ironSource and Puts Supersonic on the Auction Block Unity ironSource shutdown game accessibility, Unity screen reader

Unity ironSource shutdown game accessibility, Unity screen reader

The $4.4 Billion Unraveling: Unity Shutters ironSource and Puts Supersonic on the Auction Block

Do Son March 31, 2026

Notwithstanding the ostensible brilliance of its 2025 fiscal ledger, the illustrious game engine architect, Unity, remains besieged...

The 25-Second Heist: Inside FAUX#ELEVATE’s “Inflated” Phishing Attack on French Corporations FAUX#ELEVATE Living-off-the-Land Attack

FAUX#ELEVATE Living-off-the-Land Attack

The 25-Second Heist: Inside FAUX#ELEVATE’s “Inflated” Phishing Attack on French Corporations

Do Son March 31, 2026

Cybersecurity researchers at Securonix have detailed the curtain on a sophisticated new threat campaign dubbed FAUX#ELEVATE. The...