News Archives • Page 155 of 652 • Daily CyberSecurity

CVE-2025-64439: RCE Flaw Detected in LangGraph: Agent Orchestration Framework at Risk LangGraph RCE, Checkpoint Deserialization

CVE-2025-64439: RCE Flaw Detected in LangGraph: Agent Orchestration Framework at Risk

Do Son November 10, 2025

The LangGraph project, a powerful, low-level orchestration framework trusted by major tech companies for building stateful AI...

Vidar Infostealer Hits npm for the First Time via 17 Typosquatted Packages and Postinstall Scripts Vidar npm Supply Chain, Typosquatting

Vidar Infostealer Hits npm for the First Time via 17 Typosquatted Packages and Postinstall Scripts

Do Son November 10, 2025

Researchers at Datadog Security Research have uncovered a major supply-chain compromise in the npm ecosystem involving 17...

High-Severity Elastic Defend Flaw (CVE-2025-37735) Allows Local Attackers to Delete Arbitrary Files as SYSTEM Elastic Security Update CVE-2026-0532 Elastic Defend Arbitrary Delete, SYSTEM Privilege Escalation ECE Readonly EoP, Improper Authorization Elastic XSS, Kibana Vulnerabilities Elastic LPE, Observability Tools Vulnerabilities

High-Severity Elastic Defend Flaw (CVE-2025-37735) Allows Local Attackers to Delete Arbitrary Files as SYSTEM

Do Son November 10, 2025

Elastic has released security updates to address a serious flaw in Elastic Defend, its endpoint protection component...

China APT Infiltrates US Policy Nonprofit in Months-Long Espionage Campaign Using DLL Sideloading China APT Espionage, DLL Sideloading

China APT Infiltrates US Policy Nonprofit in Months-Long Espionage Campaign Using DLL Sideloading

Do Son November 10, 2025

A new investigation by the Broadcom Threat Hunter Team has uncovered a China-linked cyber espionage campaign that...

MSP Nightmare: Medusa & DragonForce Exploit SimpleHelp RMM Flaws for SYSTEM Access RMM Ransomware

MSP Nightmare: Medusa & DragonForce Exploit SimpleHelp RMM Flaws for SYSTEM Access

Do Son November 10, 2025

A new report from Zensec has exposed a critical vulnerability in the IT supply chain, detailing how...

Kimsuky APT Uses JavaScript Loader and Certutil to Achieve Minute-by-Minute Persistence via Windows Scheduled Task

Do Son November 10, 2025

The North Korean advanced persistent threat (APT) group Kimsuky has once again emerged with a new, JavaScript-driven...

PoC Exploit Released for CVE-2025-55680 – Windows Cloud Files Mini Filter Driver Elevation of Privilege Flaw Cloud Files Driver LPE, TOCTOU Race Condition

Cloud Files Driver LPE, TOCTOU Race Condition

PoC Exploit Released for CVE-2025-55680 – Windows Cloud Files Mini Filter Driver Elevation of Privilege Flaw

Do Son November 10, 2025

Security researchers from TyphoonPWN, the Windows PE Winner team, in collaboration with SSD Secure Disclosure, have uncovered...

Snapchat’s ‘My AI’ Gets a Brain: $400M Deal Integrates Perplexity’s Advanced Search Snap Perplexity Partnership, My AI Upgrade

Snapchat’s ‘My AI’ Gets a Brain: $400M Deal Integrates Perplexity’s Advanced Search

Do Son November 9, 2025

Snap has announced a landmark partnership with AI search startup Perplexity, under which Perplexity’s advanced search technology...

Steam Store Gets a Massive Redesign: Wider Pages, New Trailer View, and Hi-Res Images Steam Store Redesign

Steam Store Gets a Massive Redesign: Wider Pages, New Trailer View, and Hi-Res Images

Do Son November 9, 2025

Valve has officially begun rolling out a major redesign of the Steam Store pages to all users....

Warren Report Exposes Tech Tax Breaks: Enough to Fund Healthcare for Millions Warren Tax Breaks, Tech Giants

Warren Report Exposes Tech Tax Breaks: Enough to Fund Healthcare for Millions

Do Son November 9, 2025

The office of U.S. Senator Elizabeth Warren (D-Mass.) has released a report sharply criticizing the tax reduction...

WhatsApp antitrust API probe India SIM-Binding Mandate Messaging App KYC WhatsApp DMA Interoperability BirdyChat Haiket Denmark Social Media Ban CVE-2025-55177 WhatsApp vulnerability, zero-click flaw npm Malware, System Wipe WhatsApp Windows App, WebView2 Downgrade WhatsApp Ban, US House NSO WhatsApp, Pegasus Spyware WhatsApp iPad iPadOS app

Denmark Moves to Ban Social Media for Under-15s in World-Leading Digital Crackdown

Do Son November 9, 2025

The Danish government has recently announced that members of parliament across the political spectrum—from left to center...

Critical Warning: QNAP Patches Seven Zero-Days Exploited at Pwn2Own 2025 QNAP Zero-Day, Pwn2Own Exploit CVE-2024-21899 - QNAP QTS vulnerability

Critical Warning: QNAP Patches Seven Zero-Days Exploited at Pwn2Own 2025

Do Son November 8, 2025

QNAP has issued an urgent security advisory and released patches for seven zero-day vulnerabilities that were successfully...

Google licenses app code Gemini API Prepaid Billing Gemini macOS Desktop Intelligence Gemini API Tier 2 upgrade Google Workspace CLI AI Google Gemini Import AI Chats Google AI Plus subscription 2026, Gemini 3 Pro vs AI Pro cost Apple, Google Gemini, Siri, Apple Intelligence, iOS 26, The Information, Fine-tuning, Private Cloud Compute, AI Partnership, Tech News 2026 Gemini Assistant transition 2026, Google Assistant sunset delay Nano Banana Pro AI Image Text Gemini Deep Research, Workspace Integration Gemini Canvas, presentation generation

Personalized AI: Gemini’s Deep Research Now Accesses Your Gmail & Google Drive Data

Do Son November 8, 2025

Earlier, Google announced a major update to the “Deep Research” feature built into its AI assistant, Gemini....

The $600 Billion Figure: Meta Commits Massive Investment to AI Data Centers

Do Son November 8, 2025

Meta recently announced plans to invest $600 billion in U.S. infrastructure and employment by 2028. Although the...

42.5 ExaFLOPS: Google Launches Ironwood TPU to Power Next-Gen Agentic AI Google Ironwood TPU, Agentic AI

42.5 ExaFLOPS: Google Launches Ironwood TPU to Power Next-Gen Agentic AI

Do Son November 8, 2025

At this year’s Next ’25 conference, Google unveiled “Ironwood”, its seventh-generation Tensor Processing Unit (TPU) — a...

US Treasury Sanctions 8 North Koreans and 2 Banks for Laundering Crypto to Fund WMD Programs DPRK Sanctions, Crypto Money Laundering

US Treasury Sanctions 8 North Koreans and 2 Banks for Laundering Crypto to Fund WMD Programs

Do Son November 7, 2025

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has announced new sanctions against...

OCI Fixes Container Escape Vulnerabilities in runc (CVE-2025-31133, CVE-2025-52565, CVE-2025-52881) runc Container Escape, Mount Race Condition

OCI Fixes Container Escape Vulnerabilities in runc (CVE-2025-31133, CVE-2025-52565, CVE-2025-52881)

Do Son November 7, 2025

The Open Container Initiative (OCI) has released security updates to address three high-severity vulnerabilities affecting its container...

Booking.com Phishing Campaign Hijacks Hotel Accounts to Deliver PureRAT via ClickFix Lure PureRAT ClickFix, Booking.com Phishing

Booking.com Phishing Campaign Hijacks Hotel Accounts to Deliver PureRAT via ClickFix Lure

Do Son November 7, 2025

Threat analysts at Sekoia.io have uncovered a global phishing operation that has been targeting the hospitality industry...

High-Severity Cisco ISE Flaw (CVE-2025-20343) Allows Unauthenticated DoS via Crafted RADIUS Requests Cisco ISE RADIUS DoS, CVE-2025-20343

High-Severity Cisco ISE Flaw (CVE-2025-20343) Allows Unauthenticated DoS via Crafted RADIUS Requests

Do Son November 7, 2025

Cisco has released a security update to address a high-severity vulnerability (CVE-2025-20343, CVSS 8.6) affecting its Identity...

DragonForce Ransomware Strikes Manufacturing Sector with Brute-Force, Exfiltrating Data Over SSH to Russian Host DragonForce RaaS, Manufacturing Ransomware

DragonForce RaaS, Manufacturing Ransomware

DragonForce Ransomware Strikes Manufacturing Sector with Brute-Force, Exfiltrating Data Over SSH to Russian Host

Do Son November 7, 2025

Cybersecurity firm Darktrace has published a detailed investigation into a DragonForce-affiliated ransomware attack that targeted a manufacturing...