Do Son

Do Son is the Founder and Editor of SecurityOnline.info. Working in cybersecurity since 2013, he reports on vulnerabilities, malware, and emerging threats, providing timely analysis to help organizations and individuals stay ahead of evolving risks.

Critical 9.8 CVSS Flaw Exposes Oracle Identity Manager to Total Takeover IRGC Oracle Cloud Dubai strike Oracle global layoffs 2026 Oracle Fusion Middleware Vulnerability CVE-2026-21992 Oracle Edge Cloud Vulnerability CVE-2026-21994 Oracle Critical RCE, EBS Marketing Flaws CVE-2024-21182 PoC Exploit Oracle EBS Auth Bypass, CVE-2025-61884

IRGC Oracle Cloud Dubai strike Oracle global layoffs 2026 Oracle Fusion Middleware Vulnerability CVE-2026-21992 Oracle Edge Cloud Vulnerability CVE-2026-21994 Oracle Critical RCE, EBS Marketing Flaws CVE-2024-21182 PoC Exploit Oracle EBS Auth Bypass, CVE-2025-61884

Critical 9.8 CVSS Flaw Exposes Oracle Identity Manager to Total Takeover

Do Son March 21, 2026

Oracle has issued an urgent security alert following the discovery of a “Critical” rated vulnerability impacting its...

Weaponizing gcc: Inside the Stealthy ‘Hex’ Botnet’s On-Host Compilation Strategy Hex Botnet On-Host Compilation

Hex Botnet On-Host Compilation

Weaponizing gcc: Inside the Stealthy ‘Hex’ Botnet’s On-Host Compilation Strategy

Do Son March 21, 2026

Security researchers at Hunt Intelligence have exposed a growing 15-node botnet operation that utilizes a unique “on-host...

PoC Exploit Publicly Disclosed: Apple Deploys First-Ever Background Security Patch for Cross-Origin Flaw Apple Background Security CVE-2026-20643 Apple Background Security Improvement Apple Backdoor Apple Lawsuit, Data Exfiltration CVE-2024-44131 - CVE-2025-24118 PoC

Apple Background Security CVE-2026-20643 Apple Background Security Improvement Apple Backdoor Apple Lawsuit, Data Exfiltration CVE-2024-44131 - CVE-2025-24118 PoC

PoC Exploit Publicly Disclosed: Apple Deploys First-Ever Background Security Patch for Cross-Origin Flaw

Do Son March 21, 2026

Apple has broken new ground in its defensive strategy, utilizing a “Background Security Improvements” feature to deliver...

Two High-Severity Spring Boot Flaws Expose Actuator Endpoints Spring Cloud Config Vulnerability CVE-2026-40982 Spring Boot Vulnerability CVSS 9.1 Bypass CVE-2022-31692 Spring Boot Vulnerability Authentication Bypass

Spring Cloud Config Vulnerability CVE-2026-40982 Spring Boot Vulnerability CVSS 9.1 Bypass CVE-2022-31692 Spring Boot Vulnerability Authentication Bypass

Two High-Severity Spring Boot Flaws Expose Actuator Endpoints

Do Son March 20, 2026

Security researchers have issued a double warning for developers using the Spring Boot framework, identifying two high-severity...

New Mirai Variant and “Monaco” Miner Targeting Linux Devices Linux Malware CondiBot

Linux Malware CondiBot

New Mirai Variant and “Monaco” Miner Targeting Linux Devices

Do Son March 20, 2026

Security researchers at Eclypsium have identified two distinct and previously undocumented malware strains targeting Linux-based systems. On...

PoC Exploit Publicly Disclosed: Windows ‘libarchive’ Flaw Leaks NetNTLMv2 Hashes Windows libarchive Flaw CVE-2025-59284

Windows libarchive Flaw CVE-2025-59284

PoC Exploit Publicly Disclosed: Windows ‘libarchive’ Flaw Leaks NetNTLMv2 Hashes

Do Son March 20, 2026

Security researchers Len Sadowski and Oğuz Bektaş have publicly pulled back the curtain on a vulnerability within...

High-Severity ingress-nginx Flaw Exposes Kubernetes Secrets CVE-2024-9042 ingress-nginx Vulnerability CVE-2026-4342

CVE-2024-9042 ingress-nginx Vulnerability CVE-2026-4342

High-Severity ingress-nginx Flaw Exposes Kubernetes Secrets

Do Son March 20, 2026

A high-severity security flaw has been identified in ingress-nginx, a widely used Ingress controller for Kubernetes clusters....

Engineering-First List: Top California Software Development Companies Andariel APT

Andariel APT

Engineering-First List: Top California Software Development Companies

Do Son March 20, 2026

Picking a software partner in California is easy. Choosing the right one is not. The difference usually...

Game Over: Vidar Stealer 2.0 is Hijacking Gamers with Fake Cheats DriverFixer0428, Contagious Interview Cache Smuggling, ClickFix Evasion North Korean Cyber Espionage

DriverFixer0428, Contagious Interview Cache Smuggling, ClickFix Evasion North Korean Cyber Espionage

Game Over: Vidar Stealer 2.0 is Hijacking Gamers with Fake Cheats

Do Son March 20, 2026

A massive malware distribution campaign has been uncovered targeting the global gaming community under the guise of...

The Invisible Breach: ‘Operation GhostMail’ Uses Zero-Click XSS to Hijack Ukrainian Webmail Operation GhostMail Zero-Click XSS

Operation GhostMail Zero-Click XSS

The Invisible Breach: ‘Operation GhostMail’ Uses Zero-Click XSS to Hijack Ukrainian Webmail

Do Son March 20, 2026

A sophisticated cyberespionage campaign, dubbed Operation GhostMail, has been detected targeting critical government infrastructure in Ukraine. Security...

Developer Alert: “CursorJack” Technique Weaponizes Deeplinks to Hijack Cursor IDE CursorJack Cursor Vulnerability

CursorJack Cursor Vulnerability

Developer Alert: “CursorJack” Technique Weaponizes Deeplinks to Hijack Cursor IDE

Do Son March 20, 2026

Security researchers at Proofpoint Threat Research have detailed a novel exploitation method dubbed CursorJack, which targets the...

Operation Takedown: DOJ and Global Allies Smash 30-Terabit IoT Botnet Empire P2P cryptominer malware threat Ollama endpoint attacks IoT Botnets DDoS Attacks

P2P cryptominer malware threat Ollama endpoint attacks IoT Botnets DDoS Attacks

Operation Takedown: DOJ and Global Allies Smash 30-Terabit IoT Botnet Empire

Do Son March 20, 2026

In a massive display of international cooperation, the U.S. Justice Department has joined forces with law enforcement...

The AI-Powered Arsenal: How ‘Forbidden Hyena’ Uses Generative AI to Spawn BlackReaperRAT Forbidden Hyena BlackReaperRAT

Forbidden Hyena BlackReaperRAT

The AI-Powered Arsenal: How ‘Forbidden Hyena’ Uses Generative AI to Spawn BlackReaperRAT

Do Son March 20, 2026

A detailed forensic investigation by BI.ZONE Threat Intelligence has unmasked a series of advanced cyber operations conducted...

The Silent Leak: Critical 9.1 CVSS Spring Security Flaw Strips Away Vital HTTP Headers CVE-2024-22234 Spring Security Vulnerability CVE-2026-22732

CVE-2024-22234 Spring Security Vulnerability CVE-2026-22732

The Silent Leak: Critical 9.1 CVSS Spring Security Flaw Strips Away Vital HTTP Headers

Do Son March 20, 2026

A critical-severity security flaw has been identified in Spring Security, the industry-standard framework for securing Java-based enterprise...

Takedown: DOJ Seizes Iranian MOIS Domains Used for Global Hacking and Hit Squad Threats Iranian Cyberwarfare DOJ Domain Seizure

Iranian Cyberwarfare DOJ Domain Seizure

Takedown: DOJ Seizes Iranian MOIS Domains Used for Global Hacking and Hit Squad Threats

Do Son March 20, 2026

The U.S. Department of Justice has struck a major blow against the Islamic Republic of Iran’s cyberwarfare...

Bypassed Boundaries: Two New Vulnerabilities Threaten Spring Framework Apps CVE-2024-22259 Spring Framework Vulnerabilities CVE-2026-22737

CVE-2024-22259 Spring Framework Vulnerabilities CVE-2026-22737

Bypassed Boundaries: Two New Vulnerabilities Threaten Spring Framework Apps

Do Son March 20, 2026

Security researchers have identified two distinct vulnerabilities within the widely used Spring Framework, affecting both Spring MVC...

Urgent Patch: Massive Google Chrome Update Patches 26 Flaws, Including 3 Critical Bugs Chrome Security Update Critical Vulnerabilities

Chrome Security Update Critical Vulnerabilities

Urgent Patch: Massive Google Chrome Update Patches 26 Flaws, Including 3 Critical Bugs

Do Son March 20, 2026

Google has announced a significant security update for the Chrome stable channel, addressing a staggering 26 security...

The Typosquatting Trap: Fake Telegram Portal Delivers Stealthy Memory-Resident Malware kill chain

kill chain

The Typosquatting Trap: Fake Telegram Portal Delivers Stealthy Memory-Resident Malware

Do Son March 20, 2026

Cybersecurity researchers have uncovered a deceptive campaign that uses a typosquatted website to impersonate the official Telegram...

Critical Quest KACE Flaw Exploited for Total Network Takeover Quest KACE Vulnerability CVE-2025-32975 FortiGate SSO Bypass, Active Exploitation GoAnywhere RCE, Storm-1175 Cisco VPN RCE, ASA Zero-Day TinyColor Supply Chain Attack SK Telecom, data breach Erlang/OTP RCE, OT Network Security Ivanti CSA Attacks WordPress RCE, Theme Vulnerability

Quest KACE Vulnerability CVE-2025-32975 FortiGate SSO Bypass, Active Exploitation GoAnywhere RCE, Storm-1175 Cisco VPN RCE, ASA Zero-Day TinyColor Supply Chain Attack SK Telecom, data breach Erlang/OTP RCE, OT Network Security Ivanti CSA Attacks WordPress RCE, Theme Vulnerability

Critical Quest KACE Flaw Exploited for Total Network Takeover

Do Son March 20, 2026

Security researchers at Arctic Wolf have issued an urgent warning after observing a spike in malicious activity...

Hijacked Accounts and AI Code: The Deadly New Playbook of Iranian APT ‘Boggy Serpens’ Boggy Serpens Iranian APT

Boggy Serpens Iranian APT

Hijacked Accounts and AI Code: The Deadly New Playbook of Iranian APT ‘Boggy Serpens’

Do Son March 20, 2026

A new assessment from Unit 42 reveals a significant maturation in the tactics of Boggy Serpens, an...