News Archives • Page 22 of 631 • Daily CyberSecurity

From Shanghai to Houston: The HAFNIUM Hacker Who Stole Vaccine Secrets Faces Justice UNC5221 HAFNIUM Extradition PRC State Espionage

From Shanghai to Houston: The HAFNIUM Hacker Who Stole Vaccine Secrets Faces Justice

Ddos April 28, 2026

This past weekend, Xu Zewei (徐泽伟), a 34-year-old national of the People’s Republic of China (PRC), was...

Critical LiteLLM SQL Injection (CVE-2026-42208) Exploited in the Wild LiteLLM SQL Injection CVE-2026-42208 LiteLLM Vulnerability AI Infrastructure Security

LiteLLM SQL Injection CVE-2026-42208 LiteLLM Vulnerability AI Infrastructure Security

Critical LiteLLM SQL Injection (CVE-2026-42208) Exploited in the Wild

Ddos April 28, 2026

Security researchers have sounded the alarm on a critical vulnerability in LiteLLM, a massively popular open-source gateway...

Apache MINA Hit by Twin Critical RCE Flaws Apache MINA Deserialization CVE-2026-42778 RCE Apache MINA RCE CVE-2026-41635

Apache MINA Hit by Twin Critical RCE Flaws

Ddos April 28, 2026

Apache MINA is widely recognized as a foundational network application framework, designed to help users easily develop...

Freedom to Reboot: Microsoft Finally Separates Windows 11 Updates from the Power Menu Windows 11 Low Latency Profile Windows 11 Build 26300.8289 update

Freedom to Reboot: Microsoft Finally Separates Windows 11 Updates from the Power Menu

Ddos April 27, 2026

In recent weeks, we have meticulously observed the transformative shifts in the Windows 11 update mechanism. Among...

OpenAI and Semiconductor Titans Join Forces to Build the First AI Agent Smartphone

Ddos April 27, 2026

The distinguished analyst Ming-Chi Kuo recently disseminated a seminal industry report, revealing that OpenAI is currently collaborating...

Amazon Unveils “Claude Platform on AWS” for Instant Access to Anthropic’s Latest Features

Ddos April 27, 2026

At present, enterprise clients and developers utilizing Claude AI services via Amazon must navigate AWS Bedrock, where...

The Zero-Click Vulnerability: Akamai Uncovers Incomplete Patch for APT28 Exploit Zero-Click Exploitation LNK Authentication Coercion

The Zero-Click Vulnerability: Akamai Uncovers Incomplete Patch for APT28 Exploit

Ddos April 27, 2026

Researchers at Akamai have discovered that a previous fix for a high-profile exploit used by the Russian-linked...

The CVE Watchtower: Weekly Threat Intelligence Briefing (April 20 – April 26, 2026) Vulnerability Digest AI Infrastructure Security

The CVE Watchtower: Weekly Threat Intelligence Briefing (April 20 – April 26, 2026)

Ddos April 27, 2026

Welcome to your Monday morning vulnerability digest. As we close out the final full week of April,...

The Unpatched Pivot: New RPC Flaw Opens Doors for Windows Privilege Escalation PhantomRPC Windows Privilege Escalation

The Unpatched Pivot: New RPC Flaw Opens Doors for Windows Privilege Escalation

Ddos April 27, 2026

A new research report from Kaspersky Security Services has pulled back the curtain on a fundamental architectural...

Critical 9.8 CVSS RCE Hijacks Pipecat Voice Agents Pipecat RCE CVE-2025-62373

Critical 9.8 CVSS RCE Hijacks Pipecat Voice Agents

Ddos April 27, 2026

A critical vulnerability has been disclosed in Pipecat, the popular open-source Python framework used to build voice...

Carlson VASCO-B GNSS Receivers Left Open to Remote Hijack GNSS Hijacking Carlson Software

Carlson VASCO-B GNSS Receivers Left Open to Remote Hijack

Ddos April 27, 2026

In an era where precision timing and positioning are the invisible pillars of our global infrastructure, a...

Critical 9.8 CVSS Flaw Exposes Intrado 911 Emergency Gateways Intrado 911 Gateway Vulnerability CVE-2026-6074

Critical 9.8 CVSS Flaw Exposes Intrado 911 Emergency Gateways

Ddos April 27, 2026

A critical security flaw has been discovered in the Intrado 911 Emergency Gateway (EGW). The vulnerability, designated...

UNC6692 Uses MS Teams and Cloud Reputations to Hijack Active Directory UNC6692 SNOW Malware Suite

UNC6692 Uses MS Teams and Cloud Reputations to Hijack Active Directory

Ddos April 27, 2026

A sophisticated new threat actor, UNC6692, is redefining the art of the initial breach. According to a...

Inside “HexagonalRodent”: The AI-Powered DPRK Syndicate Hauling Millions in Crypto HexagonalRodent Malware Web3 Developer Scams

Inside “HexagonalRodent”: The AI-Powered DPRK Syndicate Hauling Millions in Crypto

Ddos April 27, 2026

The digital asset landscape is under siege by a highly active, North Korean-linked threat group that has...

Tactical Evolution: Trigona Ransomware Debuts Custom Exfiltration Armory Trigona Ransomware Custom Exfiltration Tool

Tactical Evolution: Trigona Ransomware Debuts Custom Exfiltration Armory

Ddos April 25, 2026

The ransomware landscape is witnessing a sophisticated shift in how data is stolen. While most cybercriminal groups...

Altium Enterprise Server Vulnerability CVE-2026-9129 Path Traversal Patreon OAuth Vulnerability Identity Collision DRC INSIGHT Vulnerability Exam Data Hijacking Horner Automation PLC Industrial Brute Force Honeywell IQ4x Vulnerability CVE-2026-3611 DJI Romo vacuum security flaw Python Cryptography Vulnerability CVE-2026-26007 Open5GS Vulnerability CVE-2026-0622 Vivotek IP7137 Vulnerabilities CVE-2025-66049 Forcepoint DLP Vulnerability CVE-2025-14026 Cellopoint Secure Email Gateway - CVE-2024-9043

Academic Exposure: The Unpatched Flaw Siphoning Student Data from DRC INSIGHT

Ddos April 24, 2026

A security vulnerability has been unearthed in the DRC INSIGHT software—a platform widely used for proctoring academic...

The 9.1 CVSS Flaw: Why Millions of Spring Boot Apps May Be Exposed Spring Cloud Config Vulnerability CVE-2026-40982 Spring Boot Vulnerability CVSS 9.1 Bypass CVE-2022-31692 Spring Boot Vulnerability Authentication Bypass

Spring Cloud Config Vulnerability CVE-2026-40982 Spring Boot Vulnerability CVSS 9.1 Bypass CVE-2022-31692 Spring Boot Vulnerability Authentication Bypass

The 9.1 CVSS Flaw: Why Millions of Spring Boot Apps May Be Exposed

Ddos April 24, 2026

In a major update for the Java ecosystem, several critical vulnerabilities have been disclosed in Spring Boot,...

Triple Threat: Apache ActiveMQ Vulnerabilities Expose Enterprises to RCE and XSS ActiveMQ RCE Jolokia Spring Vulnerability ActiveMQ MQTT Vulnerability CVE-2025-66168 Apache Artemis Vulnerability CVE-2026-27446

ActiveMQ RCE Jolokia Spring Vulnerability ActiveMQ MQTT Vulnerability CVE-2025-66168 Apache Artemis Vulnerability CVE-2026-27446

Triple Threat: Apache ActiveMQ Vulnerabilities Expose Enterprises to RCE and XSS

Ddos April 24, 2026

Apache ActiveMQ, the world’s most popular open-source message broker, is currently facing a series of “Important” security...

Workflow Warning: The n8n CVSS 10.0 Prototype Pollution Crisis n8n RCE Automation Security n8n Vulnerability Prototype Pollution RCE

Workflow Warning: The n8n CVSS 10.0 Prototype Pollution Crisis

Ddos April 24, 2026

In the world of rapid development, n8n has become a favorite for technical teams looking to merge...

The Global Surge in Modbus/TCP Probes Targeting Our Physical World Modbus Exploitation ICS Security

The Global Surge in Modbus/TCP Probes Targeting Our Physical World

Ddos April 24, 2026

Between September and November 2025, a massive wave of suspicious activity targeted industrial control systems worldwide, proving...

Critical Alert 1 Active Exploit Detected Today