Do Son

Do Son is the Founder and Editor of SecurityOnline.info. Working in cybersecurity since 2013, he reports on vulnerabilities, malware, and emerging threats, providing timely analysis to help organizations and individuals stay ahead of evolving risks.

Dream Job or Nightmare? Lazarus Group Hunts Crypto Devs with “Graphalgo” Malware TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

Dream Job or Nightmare? Lazarus Group Hunts Crypto Devs with “Graphalgo” Malware

Do Son February 13, 2026

The notorious North Korean hacking syndicate, Lazarus Group, has launched a new, highly sophisticated branch of its...

The Human Hack: LummaStealer Returns with Deceptive “ClickFix” Attacks Seedworm Espionage Campaign 2026 ChromElevator Stealer DLL Sideloading SIM Swapping Crypto Theft Lazarus Comebacker, Aerospace Espionage Delete PlugX Malware

Seedworm Espionage Campaign 2026 ChromElevator Stealer DLL Sideloading SIM Swapping Crypto Theft Lazarus Comebacker, Aerospace Espionage Delete PlugX Malware

The Human Hack: LummaStealer Returns with Deceptive “ClickFix” Attacks

Do Son February 13, 2026

A new report from Bitdefender has revealed a troubling resurgence in LummaStealer activity, proving that even coordinated...

Back to the Future: SSHStalker Botnet Revives 2009 Tactics to Hijack Linux Servers SSHStalker Botnet Linux IRC Malware

SSHStalker Botnet Linux IRC Malware

Back to the Future: SSHStalker Botnet Revives 2009 Tactics to Hijack Linux Servers

Do Son February 13, 2026

A previously undocumented Linux botnet has been discovered prowling the internet, using a mix of ancient tactics...

Trojan Horse in the Server Room: Muddled Libra’s Rogue VM Strategy Exposed Muddled Libra Rogue VM

Muddled Libra Rogue VM

Trojan Horse in the Server Room: Muddled Libra’s Rogue VM Strategy Exposed

Do Son February 13, 2026

A new investigation by Unit 42 has pulled back the curtain on the operations of Muddled Libra,...

Telegram Phishing Campaign Hijacks Accounts by Abusing Trust Telegram Phishing Account Takeover

Telegram Phishing Account Takeover

Telegram Phishing Campaign Hijacks Accounts by Abusing Trust

Do Son February 13, 2026

A new phishing campaign is targeting Telegram users by turning the platform’s own security features into a...

The Silent Assistant: Why Apple Just Pulled the Plug on Siri’s “Cerebral Transplant” for iOS 26.4 iOS 27 Apple Intelligence Apple AI Extensions bazaar Siri iOS 27 Gemini integration Apple AI server Baltra Siri AI delay iOS 26.4 Apple Google Gemini Siri partnership, Siri powered by Google Gemini 2026 Siri Gemini, Apple Intelligence Siri, Apple AI Apple "Veritas", Siri AI Siri Gemini Supercharged Siri, AI assistant Siri Integration, App Intents Apple Siri Apple AI Strategy, ChatGPT Rival

iOS 27 Apple Intelligence Apple AI Extensions bazaar Siri iOS 27 Gemini integration Apple AI server Baltra Siri AI delay iOS 26.4 Apple Google Gemini Siri partnership, Siri powered by Google Gemini 2026 Siri Gemini, Apple Intelligence Siri, Apple AI Apple "Veritas", Siri AI Siri Gemini Supercharged Siri, AI assistant Siri Integration, App Intents Apple Siri Apple AI Strategy, ChatGPT Rival

The Silent Assistant: Why Apple Just Pulled the Plug on Siri’s “Cerebral Transplant” for iOS 26.4

Do Son February 12, 2026

While market prognosticators widely anticipated that Apple would finally unveil a “genuinely intelligent” Siri—powered by the integrated...

From Search to Sale: How Google’s “Agent Commerce” Turns Gemini into Your Personal Buyer Google Agent Commerce 2026

Google Agent Commerce 2026

From Search to Sale: How Google’s “Agent Commerce” Turns Gemini into Your Personal Buyer

Do Son February 12, 2026

Vidhya Srinivasan, Vice President and General Manager of Ads at Google, articulated in her 2026 annual missive...

No Ads, No Paywall: Anthropic’s Bold “Sonnet 4.5” Gambit to Dethrone ChatGPT Anthropic confidential IPO filing Anthropic Google $200 billion deal Anthropic Mythos Preview Anthropic Pentagon blacklist Claude Max 20x open-source Model Distillation Anthropic vs DeepSeek Claude Free tier update 2026

Anthropic confidential IPO filing Anthropic Google $200 billion deal Anthropic Mythos Preview Anthropic Pentagon blacklist Claude Max 20x open-source Model Distillation Anthropic vs DeepSeek Claude Free tier update 2026

No Ads, No Paywall: Anthropic’s Bold “Sonnet 4.5” Gambit to Dethrone ChatGPT

Do Son February 12, 2026

In a strategic endeavor to captivate users disenchanted by ubiquitous advertising, Anthropic has announced a profound enhancement...

MongoDB Flaw Allows Unauthenticated Attackers to Crash Database Servers MongoDB Vulnerability CVE-2026-25611 MongoDB zlib vulnerability, CVE-2025-14847 MongoDB Vulnerabilities, Data Access CVE-2024-6376 CVE-2025-0755

MongoDB Vulnerability CVE-2026-25611 MongoDB zlib vulnerability, CVE-2025-14847 MongoDB Vulnerabilities, Data Access CVE-2024-6376 CVE-2025-0755

MongoDB Flaw Allows Unauthenticated Attackers to Crash Database Servers

Do Son February 12, 2026

MongoDB has issued a warning regarding a high-severity vulnerability that could allow attackers to remotely crash database...

CVE-2026-1603: Remote Unauthenticated Attacker Can Steal Ivanti EPM Secrets Ivanti EPM Vulnerability CVE-2026-1603 Ivanti EPM Critical XSS, Unauthenticated File Write CVE-2024-29847 & CVE-2024-8190 Ivanti ITSM, Authentication Bypass

Ivanti EPM Vulnerability CVE-2026-1603 Ivanti EPM Critical XSS, Unauthenticated File Write CVE-2024-29847 & CVE-2024-8190 Ivanti ITSM, Authentication Bypass

CVE-2026-1603: Remote Unauthenticated Attacker Can Steal Ivanti EPM Secrets

Do Son February 12, 2026

Ivanti has rolled out important security updates for its Endpoint Manager (EPM), addressing a pair of vulnerabilities...

Exploit Code Released: Windows Storage Elevation of Privilege Flaw Details Now Public Windows Storage EoP CVE-2026-21508

Windows Storage EoP CVE-2026-21508

Exploit Code Released: Windows Storage Elevation of Privilege Flaw Details Now Public

Do Son February 12, 2026

A critical Elevation of Privilege (EoP) vulnerability in Windows Storage, tracked as CVE-2026-21508, has moved from a...

Unauthenticated Attacker Can Trap Palo Alto Firewalls in Maintenance Mode Loop (CVE-2026-0229) PAN-OS IKEv2 Buffer Overflow CVE-2026-0263 Palo Alto Cortex XDR Privilege Escalation Palo Alto Networks Vulnerability CVE-2026-0229 PAN-OS Vulnerability CVE-2026-0227 CVE-2024-5914 - Palo Alto Networks - CVE-2025-0108 & CVE-2025-0110

PAN-OS IKEv2 Buffer Overflow CVE-2026-0263 Palo Alto Cortex XDR Privilege Escalation Palo Alto Networks Vulnerability CVE-2026-0229 PAN-OS Vulnerability CVE-2026-0227 CVE-2024-5914 - Palo Alto Networks - CVE-2025-0108 & CVE-2025-0110

Unauthenticated Attacker Can Trap Palo Alto Firewalls in Maintenance Mode Loop (CVE-2026-0229)

Do Son February 12, 2026

Palo Alto Networks has issued a security advisory for a denial-of-service (DoS) vulnerability affecting its PAN-OS software,...

Chrome 145 Patches 3 High-Severity Flaws in CSS & Codecs

Chrome 148 lazy loading Chrome for Linux ARM64 Chrome 145 Update Chrome Security Fixes Chrome Security Update CVE-2026-1220 Chrome 144 Security Update CVE-2026-0899 Chrome Memory Safety, WebGPU UAF Chrome V8 Type Confusion, Google Updater Flaw Chrome V8 Flaw, CVE-2025-13042 Chrome V8, Type Confusion, Chrome 142 Update Chrome V8 Flaw, CVE-2025-12036 Chrome 141, WebGPU Overflow Google Chrome preloading Chrome, V8 vulnerability CVE-2025-9132 Chrome Security Update, Use-After-Free Chrome V8, Type Confusion Chrome Telemetry, Windows 10 EOL Microsoft Family Safety, Chrome Blocking Chrome Security Update, High-Severity Google Chrome, Antitrust CVE-2024-10487 and CVE-2024-10488 Google Chrome Root Program Chrome Update, CVE-2025-3619 Chrome Acquisition, Perplexity.ai

Chrome 145 Patches 3 High-Severity Flaws in CSS & Codecs

Do Son February 12, 2026

Google has officially promoted Chrome 145 to the stable channel, rolling out a fresh wave of defenses...

Apple Zero-Day (CVE-2026-20700) Exploited in the Wild Coruna Exploit Kit iOS Security Update Apple Zero-Day CVE-2026-20700 Apple Data Privacy Day 2026, iPhone privacy features guide iOS Privilege Escalation, CVE-2025-24085 PoC Apple Manufacturing Academy, US Investment CVE-2024-44258 - symlink vulnerability

Coruna Exploit Kit iOS Security Update Apple Zero-Day CVE-2026-20700 Apple Data Privacy Day 2026, iPhone privacy features guide iOS Privilege Escalation, CVE-2025-24085 PoC Apple Manufacturing Academy, US Investment CVE-2024-44258 - symlink vulnerability

Apple Zero-Day (CVE-2026-20700) Exploited in the Wild

Do Son February 12, 2026

Apple has issued an emergency security update for its entire mobile ecosystem, racing to close a critical...

CVE-2026-26007: Python Cryptography Flaw (CVSS 8.2) Leaks Private Keys

Altium Enterprise Server Vulnerability CVE-2026-9129 Path Traversal Patreon OAuth Vulnerability Identity Collision DRC INSIGHT Vulnerability Exam Data Hijacking Horner Automation PLC Industrial Brute Force Honeywell IQ4x Vulnerability CVE-2026-3611 DJI Romo vacuum security flaw Python Cryptography Vulnerability CVE-2026-26007 Open5GS Vulnerability CVE-2026-0622 Vivotek IP7137 Vulnerabilities CVE-2025-66049 Forcepoint DLP Vulnerability CVE-2025-14026 Cellopoint Secure Email Gateway - CVE-2024-9043

CVE-2026-26007: Python Cryptography Flaw (CVSS 8.2) Leaks Private Keys

Do Son February 12, 2026

A high-severity vulnerability has been discovered in the cryptography Python package, one of the most widely used...

The Rise of Vibecoding: AI-Generated Malware Exploits React2Shell Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

The Rise of Vibecoding: AI-Generated Malware Exploits React2Shell

Do Son February 12, 2026

A new class of cyberattack has been caught in the wild, one where the code isn’t written...

CVE-2026-25993: Critical EverShop SQL Injection (CVSS 9.3) Exposes Stores EverShop Vulnerability Second-Order SQL Injection

EverShop Vulnerability Second-Order SQL Injection

CVE-2026-25993: Critical EverShop SQL Injection (CVSS 9.3) Exposes Stores

Do Son February 12, 2026

A critical vulnerability has been discovered in EverShop, a modern, developer-focused e-commerce platform built on React and...

VoidLink Rising: New “AI-Ready” Malware Framework Targets Linux & IoT VoidLink Framework UAT-9921 Russian hacking group

VoidLink Framework UAT-9921 Russian hacking group

VoidLink Rising: New “AI-Ready” Malware Framework Targets Linux & IoT

Do Son February 12, 2026

A new and sophisticated threat actor has emerged from the shadows, wielding a modular attack framework designed...

Excel Trap: New Phishing Campaign Deploys Fileless XWorm RAT XWorm RAT Excel Phishing

XWorm RAT Excel Phishing

Excel Trap: New Phishing Campaign Deploys Fileless XWorm RAT

Do Son February 12, 2026

A new phishing campaign is exploiting an old vulnerability, using malicious Excel files to deploy the potent...

5G Core Breach: Critical HPE Aruba Flaw Allows Unauthenticated Admin Takeover HPE Aruba Private 5G Vulnerability CVE-2026-23595 HPE Instant On Vulnerability CVE-2025-37166 CVE-2024-31466 & CVE-2024-31467 HPE Aruba Networking, vulnerability

HPE Aruba Private 5G Vulnerability CVE-2026-23595 HPE Instant On Vulnerability CVE-2025-37166 CVE-2024-31466 & CVE-2024-31467 HPE Aruba Networking, vulnerability

5G Core Breach: Critical HPE Aruba Flaw Allows Unauthenticated Admin Takeover

Do Son February 12, 2026

HPE Aruba Networking has issued a critical security alert for its Private 5G Core platform, rushing to...