Do Son

Do Son is the Founder and Editor of SecurityOnline.info. Working in cybersecurity since 2013, he reports on vulnerabilities, malware, and emerging threats, providing timely analysis to help organizations and individuals stay ahead of evolving risks.

Ghost NICs & Secret Knocks: Dell Zero-Day (CVSS 10) Exploited by UNC6201 FortiClient EMS exploitation Cisco FIRESTARTER Backdoor Arcane Door Campaign Dell RecoverPoint Zero-Day UNC6201 Espionage Notepad++ Compromise Supply Chain Attack Magento SessionReaper CVE-2025-54236 ShadowRay 2.0, AI-Generated Malware WordPress Auth Bypass, CVE-2025-5947 Exploited EcoStruxure Vulnerabilities, Industrial Control System UNC5820 - CVE-2014-2120 - CVE-2021-44207

FortiClient EMS exploitation Cisco FIRESTARTER Backdoor Arcane Door Campaign Dell RecoverPoint Zero-Day UNC6201 Espionage Notepad++ Compromise Supply Chain Attack Magento SessionReaper CVE-2025-54236 ShadowRay 2.0, AI-Generated Malware WordPress Auth Bypass, CVE-2025-5947 Exploited EcoStruxure Vulnerabilities, Industrial Control System UNC5820 - CVE-2014-2120 - CVE-2021-44207

Ghost NICs & Secret Knocks: Dell Zero-Day (CVSS 10) Exploited by UNC6201

Do Son February 18, 2026

A high-risk zero-day vulnerability in Dell’s virtualization software has become the playground for a sophisticated espionage campaign....

Hackers Use Jira Notifications to Bypass Spam Filters Layoff Phishing Scam Remcos RAT Malware Aruba Phishing, Phishing-as-a-Service PyPI, phishing CVE-2024-25608 PyPI Phishing, Credential Theft

Layoff Phishing Scam Remcos RAT Malware Aruba Phishing, Phishing-as-a-Service PyPI, phishing CVE-2024-25608 PyPI Phishing, Credential Theft

Hackers Use Jira Notifications to Bypass Spam Filters

Do Son February 18, 2026

A new spam campaign is slipping past enterprise defenses by wearing a disguise that most security filters...

“Dormant” Backdoors: Ivanti EPMM Zero-Days Exploited to Plant Long-Term Spies

Cisco SD-WAN Vulnerability CVE-2026-20133 FortiGate Compromise Ivanti EPMM Zero-Day CVE-2026-1281 SmarterMail Vulnerability Storm-2603 WatchGuard Zero-Day, IKEv2 Out-of-Bounds Write Cisco Zero-Day, UAT-9686 Chinese APT FortiWeb RCE Exploitation CVE-2025-58034 VMware Zero-Day, Privilege Escalation Sitecore, remote code execution CVE-2025-53690 Windows CLFS, Privilege Escalation CVE-2024-47575 & CVE-2024-11120 CVE-2025-24983 vulnerability

“Dormant” Backdoors: Ivanti EPMM Zero-Days Exploited to Plant Long-Term Spies

Do Son February 18, 2026

Two critical zero-day vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM) are currently being exploited in a widespread...

CISA Adds 2008 Windows Flaw & Chrome Zero-Day to KEV Ivanti EPMM Vulnerability CVE-2026-1340 CISA KEV Catalog CVE-2026-21385 CISA KEV Update CVE-2008-0015 CISA KEV, Array Networks Command Injection CVE-2025-0111 & CVE-2025-23209 CISA, Known Exploited Vulnerabilities

Ivanti EPMM Vulnerability CVE-2026-1340 CISA KEV Catalog CVE-2026-21385 CISA KEV Update CVE-2008-0015 CISA KEV, Array Networks Command Injection CVE-2025-0111 & CVE-2025-23209 CISA, Known Exploited Vulnerabilities

CISA Adds 2008 Windows Flaw & Chrome Zero-Day to KEV

Do Son February 18, 2026

The Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) Catalog with four...

Apache NiFi Flaw (CVE-2026-25903) Lets Users Bypass Restrictions Apache NiFi RCE CVE-2026-39816 Apache NiFi Vulnerability CVE-2026-25903 Apache NiFi Deserialization, GetAsanaObject Vulnerability CVE-2024-52067 - CVE-2024-56512 CVE-2025-27017

Apache NiFi RCE CVE-2026-39816 Apache NiFi Vulnerability CVE-2026-25903 Apache NiFi Deserialization, GetAsanaObject Vulnerability CVE-2024-52067 - CVE-2024-56512 CVE-2025-27017

Apache NiFi Flaw (CVE-2026-25903) Lets Users Bypass Restrictions

Do Son February 17, 2026

Apache NiFi, the powerhouse engine that automates cybersecurity, observability, event streams, and generative AI data pipelines for...

The Great Refurbishment: Why iOS 27 is the “Vernal Cleansing” Your iPhone Battery Needs FCC Chinese lab ban iPhone NATO certification iPhone 18 Pro Deep Red iOS 27 Snow Leopard update 2026 smartphone memory shortage, IDC mobile market forecast iPhone Satellite Natural Usage iPhone 17 Speaker Issue, USB-C Static iPhone 17 Pro, MagSafe Scratches iPhone 17 Pro, professional filmmaking

FCC Chinese lab ban iPhone NATO certification iPhone 18 Pro Deep Red iOS 27 Snow Leopard update 2026 smartphone memory shortage, IDC mobile market forecast iPhone Satellite Natural Usage iPhone 17 Speaker Issue, USB-C Static iPhone 17 Pro, MagSafe Scratches iPhone 17 Pro, professional filmmaking

The Great Refurbishment: Why iOS 27 is the “Vernal Cleansing” Your iPhone Battery Needs

Do Son February 17, 2026

In recent years, has the act of updating iOS evoked within you a sense of “trepidation amidst...

The Rise of the Digital Concierge: OpenAI Hires OpenClaw Visionary to Turn ChatGPT into an Autonomous Agent

ChatGPT Lockdown Mode OpenAI OpenClaw acquisition OpenAI Prism GPT-5.2 LaTeX, scientific research AI workspace OpenAI, Mixpanel Breach ChatGPT Data Preservation, NYT Lawsuit ChatGPT Apps SDK, super app OpenAI Jony Ive, AI Hardware Delay Musk Apple lawsuit, App Store antitrust UK AI Partnership, OpenAI Collaboration Jony Ive OpenAI, DoD Contract OpenAI Lawsuit, ChatGPT Privacy North Korea ChatGPT - GPT-4.5 model OpenAI Models, AI Advancements OpenAI pricing, Flex API

The Rise of the Digital Concierge: OpenAI Hires OpenClaw Visionary to Turn ChatGPT into an Autonomous Agent

Do Son February 17, 2026

OpenAI CEO Sam Altman has announced on the social media platform X that Peter Steinberger—the architect of...

Hiding in Plain Sight: APT28’s “Operation MacroMaze” Hits European Govs

GemStuffer RubyGems Campaign RubyGems Data Exfiltration TanStack npm Compromise Supply Chain Attack DNS Hijacking APT28 (Fancy Bear) OpenVSX Supply Chain Attack Checkmarx Plugin Breach Stryker Cyberattack CISA Alert Trans-Regional Cyber Conflict Operation Epic Fury Cyber Operation MacroMaze APT28 Cyber Espionage Notepad++ Supply Chain Attack Lotus Blossom Group Defense Industrial Base Threats GTIG Report APT28 Operation Neusploit CVE-2026-21509 Bookworm Malware

Hiding in Plain Sight: APT28’s “Operation MacroMaze” Hits European Govs

Do Son February 17, 2026

A new cyberespionage campaign attributed to the notorious Russian state-sponsored group APT28 (also known as Fancy Bear...

The AI Baseline: Apple’s “Special Experience” to Launch Budget MacBooks and M5 Powerhouses Apple Experience March 4 Apple Spring Event 2026

Apple Experience March 4 Apple Spring Event 2026

The AI Baseline: Apple’s “Special Experience” to Launch Budget MacBooks and M5 Powerhouses

Do Son February 17, 2026

Apple has formally extended invitations to the global media, confirming a prestigious special engagement titled “Apple Experience”...

The “Styles” Trap: 500,000 VK Accounts Hijacked by Chrome Extensions VK Malicious Extensions VK Styles Campaign

VK Malicious Extensions VK Styles Campaign

The “Styles” Trap: 500,000 VK Accounts Hijacked by Chrome Extensions

Do Son February 17, 2026

A massive malware campaign targeting Russia’s largest social network, VKontakte (VK), has been uncovered, revealing that over...

Game Over: “RenEngine” Malware Hides in Pirated Visual Novels RenEngine Malware Pirated Games Security

RenEngine Malware Pirated Games Security

Game Over: “RenEngine” Malware Hides in Pirated Visual Novels

Do Son February 17, 2026

A new malware campaign is turning the quest for free games into a nightmare for players. A...

The 1% Breach: 287 Chrome Extensions Caught Spying on 37M Users Malicious Chrome Extensions

Malicious Chrome Extensions

The 1% Breach: 287 Chrome Extensions Caught Spying on 37M Users

Do Son February 17, 2026

A sweeping new investigation by Q Continuum has uncovered a massive surveillance network operating within the Chrome...

Foxveil: New Malware Loader Hides in Plain Sight Using Cloudflare and Discord Foxveil Malware

Foxveil Malware

Foxveil: New Malware Loader Hides in Plain Sight Using Cloudflare and Discord

Do Son February 17, 2026

A new and elusive malware loader has been discovered prowling the legitimate infrastructure of the web, abusing...

“CL Suite” Deception: Malicious Chrome Extension Steals 2FA Secrets and Meta Business Data CL Suite Malicious Extension Meta Business Suite Security

CL Suite Malicious Extension Meta Business Suite Security

“CL Suite” Deception: Malicious Chrome Extension Steals 2FA Secrets and Meta Business Data

Do Son February 17, 2026

A malicious Google Chrome extension posing as a productivity tool for Meta Business Suite has been caught...

“Natural Selection” at Work: How North Korean IT Workers Use AI to Infiltrate Companies North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

“Natural Selection” at Work: How North Korean IT Workers Use AI to Infiltrate Companies

Do Son February 17, 2026

A new report from Okta Threat Intelligence has pulled back the curtain on a sprawling fraudulent employment...

The Navigation War: Why Tesla is Ghosting Apple CarPlay Amidst a Sales Slump

Apple HomePad delay Tesla CarPlay integration 2026 Apple CarPlay AI integration 2026 Apple 2026 product roadmap rumors, foldable iPhone release date Apple Vision Pro sales slump, Vision Pro production cut Russia FaceTime Ban Network Blockade Apple Apple 2026 Roadmap, iPhone Foldable, Apple Intelligence Apple Maps ads, iOS monetization Apple, Digital Markets Act FCC Leak, iPhone 16e Schematics iPhone Fold Apple Made in India Apple US Investment, Indian Tariffs Apple Leadership, Tim Cook Tenure Siri Redesign, Apple AI Apple App Store Apple EU, Digital Markets Act CVE-2022-32898 Third-Party iOS Apps Apple Antitrust, DOJ Lawsuit

The Navigation War: Why Tesla is Ghosting Apple CarPlay Amidst a Sales Slump

Do Son February 16, 2026

Despite persistent rumors suggesting that Tesla would finally dismantle its proprietary fortress to embrace Apple CarPlay, a...

Colorful, Metallic, and Powered by iPhone: Apple’s Bold $500 Gamble to Reclaim the Classroom Budget MacBook aluminum Apple MacBook, A18 Pro Chip MacBook Pro OLED

Budget MacBook aluminum Apple MacBook, A18 Pro Chip MacBook Pro OLED

Colorful, Metallic, and Powered by iPhone: Apple’s Bold $500 Gamble to Reclaim the Classroom

Do Son February 16, 2026

According to insights shared by Bloomberg’s Mark Gurman in his latest “Power On” dispatch, the rumored budget-oriented...

200k Sites Exposed: Critical CleanTalk Flaw (CVSS 9.8) Allows RCE CleanTalk Vulnerability CVE-2026-1490

CleanTalk Vulnerability CVE-2026-1490

200k Sites Exposed: Critical CleanTalk Flaw (CVSS 9.8) Allows RCE

Do Son February 16, 2026

A plugin designed to keep spam bots at bay has inadvertently left the back door open for...

Don’t Click That Shortcut: Phorpiex Botnet Hides in “Your Document” Emails Phorpiex Botnet LNK Phishing

Phorpiex Botnet LNK Phishing

Don’t Click That Shortcut: Phorpiex Botnet Hides in “Your Document” Emails

Do Son February 16, 2026

A high-volume phishing campaign has been spotted in the wild, reviving an old but effective tactic to...

Industrial Sabotage Risk: Critical Airleader Flaw (CVSS 9.8) Exposed

shell-quote command injection AI-Driven Vulnerabilities Q1 2026 Cyber Threats vm2 Sandbox Escape Node.js RCE upKeeper Privilege Escalation CVE-2026-2449 Pharos Controls Vulnerability Root Access Exploit Cybersecurity Vulnerability Roundup CVSS 10.0 Flaws Shadow Archives CVE-2026-0866 MS-Agent Prompt Injection CVE-2026-2256 basic-ftp Path Traversal CVE-2026-27699 telnetd Root Vulnerability CVE-1999-0073 Regression USR-W610 Vulnerabilities End-of-Life IoT Security IceWarp Security Update IceWarp Vulnerabilities Airleader Master Vulnerability CVE-2026-1358 ZLAN5143D Vulnerability CISA ICS Advisory Acronis Cyber Protect Vulnerability CVE-2025-30411 WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

Industrial Sabotage Risk: Critical Airleader Flaw (CVSS 9.8) Exposed

Do Son February 16, 2026

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a high-priority alert regarding a critical security vulnerability...