News Archives • Page 152 of 631 • Daily CyberSecurity

LineageOS 23.0 Released on Android 16: New Camera App, Catapult TV Launcher, and Virtualization Support LineageOS 22.1 LineageOS 23.0, Android 16

LineageOS 23.0 Released on Android 16: New Camera App, Catapult TV Launcher, and Virtualization Support

Ddos October 13, 2025

The successor to the CM system, LineageOS, has recently released version 23.0, developed on Android 16. This...

Oracle Warns of Unauthenticated Vulnerability in E-Business Suite (CVE-2025-61884) IRGC Oracle Cloud Dubai strike Oracle global layoffs 2026 Oracle Fusion Middleware Vulnerability CVE-2026-21992 Oracle Edge Cloud Vulnerability CVE-2026-21994 Oracle Critical RCE, EBS Marketing Flaws CVE-2024-21182 PoC Exploit Oracle EBS Auth Bypass, CVE-2025-61884

IRGC Oracle Cloud Dubai strike Oracle global layoffs 2026 Oracle Fusion Middleware Vulnerability CVE-2026-21992 Oracle Edge Cloud Vulnerability CVE-2026-21994 Oracle Critical RCE, EBS Marketing Flaws CVE-2024-21182 PoC Exploit Oracle EBS Auth Bypass, CVE-2025-61884

Oracle Warns of Unauthenticated Vulnerability in E-Business Suite (CVE-2025-61884)

Ddos October 13, 2025

Oracle has issued an emergency Security Alert Advisory for a newly discovered vulnerability affecting Oracle E-Business Suite,...

New Stealit Infostealer Abuses Node.js SEA Feature and Telegram C2 in Malware-as-a-Service Campaign Stealit Node.js SEA, Telegram C2

New Stealit Infostealer Abuses Node.js SEA Feature and Telegram C2 in Malware-as-a-Service Campaign

Ddos October 13, 2025

FortiGuard Labs has identified a new and active Stealit malware campaign that abuses the Node.js Single Executable...

Pro-Russian Hacktivist Group TwoNet Exposed for Fabricating Critical Infrastructure Attacks to Boost Reputation IARPA Research Security Data Abyss Report Telecom threat, Secret Service cybersecurity news - Cyber Espionage Campaign

IARPA Research Security Data Abyss Report Telecom threat, Secret Service cybersecurity news - Cyber Espionage Campaign

Pro-Russian Hacktivist Group TwoNet Exposed for Fabricating Critical Infrastructure Attacks to Boost Reputation

Ddos October 13, 2025

Forescout Research has uncovered a disturbing new tactic among pro-Russian hacktivists — fabricating real-world critical infrastructure attacks...

Cherry Studio RCE, Custom Protocol Exploit

Critical Cherry Studio Flaw CVE-2025-61929 (CVSS 9.7) Allows One-Click RCE via Custom URL Protocol

Ddos October 13, 2025

A critical security flaw has been discovered in Cherry Studio, a cross-platform desktop client that supports multiple...

Payroll Piracy: Hackers Storm-2657 Exploit MFA Flaws to Hijack University Salary Payments via Workday Payroll Piracy, Workday Phishing

Payroll Piracy: Hackers Storm-2657 Exploit MFA Flaws to Hijack University Salary Payments via Workday

Ddos October 13, 2025

Microsoft Threat Intelligence has issued a warning about a financially motivated campaign conducted by a threat actor...

Critical Auth Bypass (CVE-2025-61928) in Better Auth Allows Hackers to Steal User API Keys Better Auth Bypass, rou3 Path Normalization Better Auth Bypass, CVE-2025-61928 Better Auth vulnerability

Better Auth Bypass, rou3 Path Normalization Better Auth Bypass, CVE-2025-61928 Better Auth vulnerability

Critical Auth Bypass (CVE-2025-61928) in Better Auth Allows Hackers to Steal User API Keys

Ddos October 13, 2025

A critical authentication bypass vulnerability has been discovered in Better Auth, a popular framework-agnostic authentication and authorization...

Axis Communications Leaks Azure Credentials in Autodesk Plugin Via Hardcoded SAS Tokens Fiverr Data Leak Claude Code Leak Anthropic DMCA Takedown Coupang 33.7M Breach South Korea Data Leak Red Hat Breach, Customer Data Theft Farmers Insurance, Salesforce ESLint Plugin -Mamont Android banking Trojan

Fiverr Data Leak Claude Code Leak Anthropic DMCA Takedown Coupang 33.7M Breach South Korea Data Leak Red Hat Breach, Customer Data Theft Farmers Insurance, Salesforce ESLint Plugin -Mamont Android banking Trojan

Axis Communications Leaks Azure Credentials in Autodesk Plugin Via Hardcoded SAS Tokens

Ddos October 13, 2025

Trend Micro’s Threat Research team has uncovered a serious cloud credential exposure involving Axis Communications, a leading...

Homebrew Spoofing: Fake Installer Sites Use Clipboard Injection to Compromise macOS Developers Homebrew Spoofing, Clipboard Injection

Homebrew Spoofing: Fake Installer Sites Use Clipboard Injection to Compromise macOS Developers

Ddos October 13, 2025

Researchers from Kandji’s Threat Intelligence team uncovered a malware campaign targeting macOS users through spoofed Homebrew installer...

Massive RDP Botnet Unleashed: 100,000+ IPs in Coordinated Global Scanning Campaign Targeting US RDP Botnet, Coordinated Scanning CVE-2024-21888 & CVE-2024-21893

RDP Botnet, Coordinated Scanning CVE-2024-21888 & CVE-2024-21893

Massive RDP Botnet Unleashed: 100,000+ IPs in Coordinated Global Scanning Campaign Targeting US

Ddos October 13, 2025

GreyNoise Intelligence has issued an alert about a massive coordinated botnet operation targeting Remote Desktop Protocol (RDP)...

New Rust Backdoor ChaosBot Uses Discord as Covert C2 Channel to Target Financial Services ChaosBot Discord C2, Rust Backdoor

New Rust Backdoor ChaosBot Uses Discord as Covert C2 Channel to Target Financial Services

Ddos October 13, 2025

The eSentire Threat Response Unit (TRU) identified a new Rust-based backdoor—dubbed ChaosBot—deployed inside a financial services organization’s...

Cryptocurrency Drain Conspiracy: Single Alibaba Server Hosts Multi-Vector Scams, Hijacking Wallets via Fake Trust Wallet and MobileConfig Crypto Drain Conspiracy, Malicious MobileConfig phone phishing Cryptocurrency Phishing

Crypto Drain Conspiracy, Malicious MobileConfig phone phishing Cryptocurrency Phishing

Cryptocurrency Drain Conspiracy: Single Alibaba Server Hosts Multi-Vector Scams, Hijacking Wallets via Fake Trust Wallet and MobileConfig

Ddos October 13, 2025

DomainTools Threat Intelligence has exposed a sprawling cybercrime operation that uses a single infrastructure to power multiple...

Akira Ransomware Revives SonicWall Flaw CVE-2024-40766, Uses ‘UnPAC the Hash’ to Breach Networks

Ddos October 13, 2025

Between July and August 2025, global security teams have observed a resurgence in Akira ransomware incidents targeting...

Apple Ups Bounty to $5 Million for Zero-Click Spyware Exploits Bypassing Lockdown Mode Apple Bounty $5M, Zero-Click Exploit Zero-day, Apple security CVE-2025-43300

Apple Bounty $5M, Zero-Click Exploit Zero-day, Apple security CVE-2025-43300

Apple Ups Bounty to $5 Million for Zero-Click Spyware Exploits Bypassing Lockdown Mode

Ddos October 13, 2025

Apple has announced a major overhaul of its Security Bounty vulnerability reward program, set to take effect...

UK CMA Designates Google with Strategic Market Status Over 90% Search Dominance

Ddos October 13, 2025

The UK Competition and Markets Authority (CMA) has formally designated Google as holding a “Strategic Market Status”...

CVE-2025-61927 (CVSS 9.4): Critical RCE Flaw Discovered in Happy DOM, Over 2.7 Million Weekly Downloads Impacted

Ddos October 13, 2025

A critical-severity vulnerability has been disclosed in Happy DOM, a popular JavaScript package used to emulate web...

Two 7-Zip Flaws Allow Code Execution via Malicious ZIP Files (CVE-2025-11001 & CVE-2025-11002) 7-Zip RCE, ZIP Directory Traversal

Two 7-Zip Flaws Allow Code Execution via Malicious ZIP Files (CVE-2025-11001 & CVE-2025-11002)

Ddos October 11, 2025

The Zero Day Initiative (ZDI) has published details of two critical vulnerabilities in the popular open-source compression...

North Korean APT “Contagious Interview” Floods npm Registry with 338 Malicious Packages to Steal Crypto North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

North Korean APT “Contagious Interview” Floods npm Registry with 338 Malicious Packages to Steal Crypto

Ddos October 11, 2025

The Socket Threat Research Team has sounded the alarm on an escalating wave of malicious npm activity...

China Launches Antitrust Probe into Qualcomm Over Autotalks Acquisition Failure to File Declaration Qualcomm Samsung 2nm foundry deal, Snapdragon 8 Elite 2nm refresh Qualcomm Ventana Acquisition, RISC-V Strategy Qualcomm Autotalks, China Antitrust Qualcomm Antitrust, Which? Lawsuit Qualcomm GPU driver, CVE-2024-38399 Qualcomm's March 2025 Security Bulletin

Qualcomm Samsung 2nm foundry deal, Snapdragon 8 Elite 2nm refresh Qualcomm Ventana Acquisition, RISC-V Strategy Qualcomm Autotalks, China Antitrust Qualcomm Antitrust, Which? Lawsuit Qualcomm GPU driver, CVE-2024-38399 Qualcomm's March 2025 Security Bulletin

China Launches Antitrust Probe into Qualcomm Over Autotalks Acquisition Failure to File Declaration

Ddos October 11, 2025

China’s State Administration for Market Regulation (SAMR) recently announced the launch of an antitrust investigation into U.S....

OpenAI’s Sora AI Video App Hits 1 Million Downloads in Under Five Days, Outpacing ChatGPT Cameo Sora Lawsuit OpenAI Trademark Sora Cameo, trademark lawsuit Japan Sora 2 Copyright, Anime Manga IP Sora 1M Downloads, AI Video Platform Sora Copyright, Revenue Sharing OpenAI Sora, AI Video Platform

Cameo Sora Lawsuit OpenAI Trademark Sora Cameo, trademark lawsuit Japan Sora 2 Copyright, Anime Manga IP Sora 1M Downloads, AI Video Platform Sora Copyright, Revenue Sharing OpenAI Sora, AI Video Platform

OpenAI’s Sora AI Video App Hits 1 Million Downloads in Under Five Days, Outpacing ChatGPT

Ddos October 11, 2025

OpenAI’s newly launched short-video platform “Sora,” which enables users to generate audiovisual content directly through AI, has...

Critical Alert 1 Active Exploit Detected Today