News Archives • Page 216 of 632 • Daily CyberSecurity

Windows Zero-Day Actively Exploited by Ransomware Gangs – PoC Available!

Cisco SD-WAN Vulnerability CVE-2026-20133 FortiGate Compromise Ivanti EPMM Zero-Day CVE-2026-1281 SmarterMail Vulnerability Storm-2603 WatchGuard Zero-Day, IKEv2 Out-of-Bounds Write Cisco Zero-Day, UAT-9686 Chinese APT FortiWeb RCE Exploitation CVE-2025-58034 VMware Zero-Day, Privilege Escalation Sitecore, remote code execution CVE-2025-53690 Windows CLFS, Privilege Escalation CVE-2024-47575 & CVE-2024-11120 CVE-2025-24983 vulnerability

Windows Zero-Day Actively Exploited by Ransomware Gangs – PoC Available!

Ddos July 21, 2025

In April 2025, Microsoft issued a critical security patch addressing a serious vulnerability in the Windows Common...

Matanbuchus 3.0 Levels Up: New Stealthy Malware Loader Exploits Microsoft Teams ahost.exe DLL Sideloading Signed Application Abuse PS1Bot, malware ransomware attacks bill

ahost.exe DLL Sideloading Signed Application Abuse PS1Bot, malware ransomware attacks bill

Matanbuchus 3.0 Levels Up: New Stealthy Malware Loader Exploits Microsoft Teams

Ddos July 21, 2025

Matanbuchus, a well-known malware loader sold as Malware-as-a-Service (MaaS), has just leveled up. In its latest evolution—Matanbuchus...

Two Vulnerabilities in 7-Zip Could Trigger Denial of Service 7-Zip Vulnerabilities, File Archiver Security

Two Vulnerabilities in 7-Zip Could Trigger Denial of Service

Ddos July 21, 2025

Researchers have disclosed two newly identified vulnerabilities in 7-Zip, one of the world’s most widely used open-source...

UNG0002: Stealthy South Asian APT Group Unleashes New Malware in Cyber Espionage Campaigns Across Asia Cyber Espionage, UNG0002

UNG0002: Stealthy South Asian APT Group Unleashes New Malware in Cyber Espionage Campaigns Across Asia

Ddos July 21, 2025

The Seqrite Labs APT-Team has uncovered the latest espionage operations of UNG0002 (Unknown Group 0002), a stealthy...

ToolShell: New SharePoint RCE Zero-Day Chain Under Active Global Exploitation SharePoint RCE, ToolShell Exploit

ToolShell: New SharePoint RCE Zero-Day Chain Under Active Global Exploitation

Ddos July 21, 2025

On the evening of July 18, 2025, Eye Security identified an active, large-scale exploitation of a newly...

China-Aligned APTs Intensify Cyber Espionage on Taiwan’s Semiconductor Industry China Cyber-espionage, Taiwan Semiconductors

China-Aligned APTs Intensify Cyber Espionage on Taiwan’s Semiconductor Industry

Ddos July 21, 2025

A new report from Proofpoint Threat Research sheds light on a coordinated espionage campaign by multiple China-aligned...

DuckDuckGo Battles AI Slop: New Filter Lets Users Hide AI-Generated Images from Search Results DuckDuckGo AI Filter, Image Search DuckDuckGo accuses Google

DuckDuckGo AI Filter, Image Search DuckDuckGo accuses Google

DuckDuckGo Battles AI Slop: New Filter Lets Users Hide AI-Generated Images from Search Results

Ddos July 21, 2025

DuckDuckGo, the search engine renowned for its emphasis on privacy protection and user experience, has recently introduced...

Lenovo Vantage Flaws Allow Local Privilege Escalation on PCs Lenovo Vantage, Privilege Escalation

Lenovo Vantage Flaws Allow Local Privilege Escalation on PCs

Ddos July 21, 2025

Lenovo has issued a security advisory disclosing three newly discovered vulnerabilities in Lenovo Vantage, a widely pre-installed...

LibreOffice Accuses Microsoft of Deliberate “Lock-in” Through Complex File Formats LibreOffice, Microsoft Office Formats CVE-2023-6185 and CVE-2023-6186 LibreOffice Update, OS Support

LibreOffice, Microsoft Office Formats CVE-2023-6185 and CVE-2023-6186 LibreOffice Update, OS Support

LibreOffice Accuses Microsoft of Deliberate “Lock-in” Through Complex File Formats

Ddos July 21, 2025

The renowned open-source office suite LibreOffice recently issued a statement accusing Microsoft of deliberately employing unnecessarily complex...

Fake Receipts, Real Damage: Group-IB Uncovers Fraud-as-a-Service Empire Behind MaisonReceipts Fraud-as-a-Service, Fake Receipts

Fake Receipts, Real Damage: Group-IB Uncovers Fraud-as-a-Service Empire Behind MaisonReceipts

Ddos July 21, 2025

In an age where deception is just a few clicks away, Group-IB’s latest report reveals a rise...

Trump Signs “GENIUS Act”: Landmark Law Reshapes US Stablecoin Market, Boosts Dollar Dominance SEC Crypto Regulation, Project Crypto Stablecoin Regulation, GENIUS Act Cryptocurrency Fraud Report Garantex, stablecoin

SEC Crypto Regulation, Project Crypto Stablecoin Regulation, GENIUS Act Cryptocurrency Fraud Report Garantex, stablecoin

Trump Signs “GENIUS Act”: Landmark Law Reshapes US Stablecoin Market, Boosts Dollar Dominance

Ddos July 21, 2025

U.S. President Donald Trump has officially signed into law the “GENIUS Act,” a groundbreaking piece of financial...

SilentRoute: Trojanized SonicWall VPN Client Used to Steal Enterprise Credentials SonicWall Malware, Supply Chain Attack

SilentRoute: Trojanized SonicWall VPN Client Used to Steal Enterprise Credentials

Ddos July 21, 2025

In a newly uncovered software supply chain attack, threat actors have successfully deployed a backdoored version of...

Windows 11 KB5089549 network lag Windows 11 Home to Pro Education upgrade Windows 11 Start menu update Windows 11 update KB5079391 Windows 11 KB5085516 OOB update Windows 11 C drive permission error Windows 11 C drive access denied Windows native NVMe driver UEFI Secure Boot certificate rotation Windows 11 printer driver policy Windows 11 printer driver deprecation Windows 11 Build 26300 Sysmon Windows 11 Storage settings restriction Windows 11 Build 26300.7674, Windows Insider channel migration 2026 Windows 11 Update Fix KB5073455 shutdown bug, Secure Launch restart loop Windows 11 File Explorer search performance, Search Indexer RAM usage fix Windows 11 Gaming PC Specs, NVMe DirectStorage Windows 10 End of Support Windows 11 Slow Adoption Windows 11 Crash Loop KB5062553 Bug Update and Shut Down, KB5067036 Windows authentication, Kerberos bug Windows 11 fix, localhost bug Windows 11 Update Restart, Update and Shut Down Windows SMBv1 Windows 11 Arm, Easy Anti-Cheat Windows 11 error, Pluton Windows 11 24H2, Easy Anti-Cheat Windows Firewall Bug, Microsoft Update Error Windows 11, JScript9Legacy Windows Activation, TSforge Windows 11 Update, Firewall Error Windows 11 25H2, Annual Update Windows Resiliency Initiative, Kernel Security Windows 11 Upgrade, ESU Program Windows 11 Recall, Data Export Windows 11 Easy Anti-Cheat Windows 11 Update, Cumulative Update Windows Update, ACPI.sys Windows Updates, Enterprise Software Windows 11 Start Data Encryption Standard Printing Problems Windows 11 updates Estimated installation time Smart App Control, Windows 11 security

Windows 11 Firewall Error: Microsoft Apologizes for Premature “Resolved” Status, Fix Still Coming

Ddos July 20, 2025

Earlier this month, Microsoft added an event tag to the Windows 11 Health Dashboard, noting that beginning...

Meta Rejects EU AI Code of Practice, Warns of “Excessive Interference” & Stifled Innovation Meta CEO Agent Mark Zuckerberg MobileLLM-R1, on-device AI Meta Midjourney Meta Pika Labs, AI Video Generation EU AI Regulation, Meta AI Stance Meta AI, PlayAI Acquisition Proactive Chatbots Meta AI, Photo Privacy

Meta CEO Agent Mark Zuckerberg MobileLLM-R1, on-device AI Meta Midjourney Meta Pika Labs, AI Video Generation EU AI Regulation, Meta AI Stance Meta AI, PlayAI Acquisition Proactive Chatbots Meta AI, Photo Privacy

Meta Rejects EU AI Code of Practice, Warns of “Excessive Interference” & Stifled Innovation

Ddos July 20, 2025

The European Union has recently introduced a new Code of Practice for General Purpose AI (GPAI), aiming...

SharePoint Server Under Active Zero-Day Attack (CVE-2025-53770, CVSS 9.8), No Patch Yet! SharePoint RCE, Zero-Day Exploitation CVE-2025-53770

SharePoint Server Under Active Zero-Day Attack (CVE-2025-53770, CVSS 9.8), No Patch Yet!

Ddos July 20, 2025

Microsoft has issued an urgent security advisory for on-premises SharePoint Server customers in response to active exploitation...

PyPI Supply Chain Attack: “cloudscrapersafe” Steals Credit Cards via Fake Python Library PyPI Supply Chain, Credit Card Theft

PyPI Supply Chain Attack: “cloudscrapersafe” Steals Credit Cards via Fake Python Library

Ddos July 20, 2025

Imperva researchers have uncovered a supply chain attack masquerading as a popular Python utility. The package in...

Microsoft Pulls the Plug on Movies & TV Store: End of an Entertainment Era Microsoft, pricing change Microsoft Server Pricing, On-Premises Price Hike Security Core Priority - Microsoft data centers

Microsoft, pricing change Microsoft Server Pricing, On-Premises Price Hike Security Core Priority - Microsoft data centers

Microsoft Pulls the Plug on Movies & TV Store: End of an Entertainment Era

Ddos July 19, 2025

Microsoft has officially announced the complete discontinuation of its Movies & TV app store functionality, meaning users...

Major npm Supply Chain Attack: Phishing Campaign Steals Maintainer Credentials, Injects Malware into Popular Packages npm Phishing, Supply Chain Attack

Major npm Supply Chain Attack: Phishing Campaign Steals Maintainer Credentials, Injects Malware into Popular Packages

Ddos July 19, 2025

A deceptive and highly targeted phishing campaign has successfully compromised several popular npm packages, including eslint-config-prettier, eslint-plugin-prettier,...

FortiWeb SQL Injection (CVE-2025-25257) Added to CISA KEV After Active Exploitation, PoC Available! ActiveMQ RCE CVE-2026-34197 CISA KEV Catalog Actively Exploited Vulnerabilities CISA KEV Catalog CVE-2025-37164 GeoServer XXE, CISA KEV FortiWeb SQLi, CISA KEV Critical Vulnerabilities CVE-2024-20953