News Archives • Page 24 of 631 • Daily CyberSecurity

Critical 9.8 CVSS Flaws Hit ArcGIS Infrastructure

Ddos April 23, 2026

Esri has issued an urgent security bulletin regarding two critical vulnerabilities affecting developer credentials within ArcGIS Online,...

The Lotus Evolves: Mustang Panda Targets Indian Banks in a New Espionage Pivot Mustang Panda LOTUSLITE Financial Cyber-Espionage

The Lotus Evolves: Mustang Panda Targets Indian Banks in a New Espionage Pivot

Ddos April 23, 2026

The Acronis Threat Research Unit (TRU) has identified a significant shift in the operations of Mustang Panda,...

Lotus Wiper: A Destructive New Threat Strikes Venezuela’s Energy Sector Lotus Wiper Digital Sabotage G_Wagon Malware NPM Supply Chain Attack IMAPLoader malware ResolverRAT Malware Evasion

Lotus Wiper Digital Sabotage G_Wagon Malware NPM Supply Chain Attack IMAPLoader malware ResolverRAT Malware Evasion

Lotus Wiper: A Destructive New Threat Strikes Venezuela’s Energy Sector

Ddos April 23, 2026

A novel and devastating file wiper has been discovered targeting critical infrastructure in South America. Against the...

Cisco SD-WAN Vulnerability CVE-2026-20133 FortiGate Compromise Ivanti EPMM Zero-Day CVE-2026-1281 SmarterMail Vulnerability Storm-2603 WatchGuard Zero-Day, IKEv2 Out-of-Bounds Write Cisco Zero-Day, UAT-9686 Chinese APT FortiWeb RCE Exploitation CVE-2025-58034 VMware Zero-Day, Privilege Escalation Sitecore, remote code execution CVE-2025-53690 Windows CLFS, Privilege Escalation CVE-2024-47575 & CVE-2024-11120 CVE-2025-24983 vulnerability

In the Wild: Information Disclosure (CVE-2026-20133) Exploited in Cisco SD-WAN Manager

Ddos April 23, 2026

The networking giant Cisco has issued an urgent warning to enterprise administrators. In April 2026, the Cisco...

Cisco Talos Unveils “Living-off-the-Land” Tactics Threatening macOS macOS LOTL Techniques Enterprise Mac Security

Cisco Talos Unveils “Living-off-the-Land” Tactics Threatening macOS

Ddos April 23, 2026

As macOS adoption reaches record highs in the enterprise—now serving as the primary workstation for over 45...

Void Dokkaebi Unmasked: The “Worm-Like” Supply Chain Threat Targeting Developers Void Dokkaebi Supply Chain Infected VS Code Tasks

Void Dokkaebi Unmasked: The “Worm-Like” Supply Chain Threat Targeting Developers

Ddos April 23, 2026

A new report from researchers at TrendMicro has exposed the evolution of Void Dokkaebi (also known as...

Linux Privilege Escalation: “Pack2TheRoot” Flaw Impacts Major Distributions Pack2TheRoot Vulnerability PackageKit Privilege Escalation

Linux Privilege Escalation: “Pack2TheRoot” Flaw Impacts Major Distributions

Ddos April 23, 2026

A long-standing security flaw has been unearthed in a core component of the modern Linux desktop and...

Over 400,000 WordPress Sites at Risk as “Breeze” Plugin Zero-Day Is Exploited in the Wild WordPress RCE Breeze Plugin Vulnerability

Over 400,000 WordPress Sites at Risk as “Breeze” Plugin Zero-Day Is Exploited in the Wild

Ddos April 23, 2026

A major security threat is currently sweeping through the WordPress ecosystem. Breeze, a highly popular caching plugin...

CVE-2026-33626: High-Severity SSRF Exploited in the Wild to Hijack AI Inference Engines CVE-2026-33626 LMDeploy SSRF

CVE-2026-33626: High-Severity SSRF Exploited in the Wild to Hijack AI Inference Engines

Ddos April 23, 2026

On April 21, 2026, a high-severity Server-Side Request Forgery (SSRF) vulnerability was disclosed in LMDeploy, a popular...

TeamPCP Hijacks Checkmarx in Sprawling Supply Chain Strike Checkmarx Supply Chain Attack TeamPCP

TeamPCP Hijacks Checkmarx in Sprawling Supply Chain Strike

Ddos April 23, 2026

The cybersecurity world is facing a sprawling supply chain compromise as official distribution channels for Checkmarx, a...

Supply Chain Alert: TeamPCP Strikes Popular AI Framework Xinference Xinference Supply Chain Attack TeamPCP

Supply Chain Alert: TeamPCP Strikes Popular AI Framework Xinference

Ddos April 23, 2026

The Python ecosystem is reeling from a sophisticated supply chain attack targeting Xinference (Xorbits Inference), a widely...

PureRAT Unmasked: The Stealthy, Multi-Stage “Dynamic Loader” Targeting Windows PureRAT Malware Steganography Evasion

PureRAT Unmasked: The Stealthy, Multi-Stage “Dynamic Loader” Targeting Windows

Ddos April 23, 2026

The Trellix Advanced Research Center has released an in-depth analysis of PureRAT, an advanced remote access trojan...

Microsoft Defender Zero-Day “BlueHammer” Hits KEV Catalog Following Researcher’s Protest BlueHammer Exploit Microsoft Defender LPE

Microsoft Defender Zero-Day “BlueHammer” Hits KEV Catalog Following Researcher’s Protest

Ddos April 23, 2026

CISA has officially added a fresh vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, citing evidence of...

ClickFix 2026: New AppleScript Malware Held macOS Users Hostage for Passwords ClickFix macOS Terminal Infostealer

ClickFix 2026: New AppleScript Malware Held macOS Users Hostage for Passwords

Ddos April 23, 2026

A sophisticated cross-platform social engineering campaign, dubbed ClickFix, has evolved to target macOS users with a relentless...

Total Database Collapse: Inside the ElectricSQL CVSS 10.0 SQL Injection ElectricSQL SQL Injection PostgreSQL Tenant Isolation

Total Database Collapse: Inside the ElectricSQL CVSS 10.0 SQL Injection

Ddos April 22, 2026

ElectricSQL, the popular sync engine used to power modern real-time applications, has disclosed a catastrophic SQL injection...

High-Severity PHPUnit Vulnerability Enables Remote Code Execution PHPUnit RCE Poisoned Pipeline Execution PHPUnit Vulnerability CVE-2026-24765

PHPUnit RCE Poisoned Pipeline Execution PHPUnit Vulnerability CVE-2026-24765

High-Severity PHPUnit Vulnerability Enables Remote Code Execution

Ddos April 22, 2026

The PHP development community is facing a significant security risk following the disclosure of a critical argument...

NVIDIA Fixes High-Severity Flaws in KAI Scheduler and CUDA-Q NVIDIA GPU Security CUDA-Q Vulnerability NVIDIA Apex Vulnerability AI Infrastructure Security NVIDIA Cumulus Linux CVE-2025-33179 NVIDIA Arm divestment NVIDIA DGX Spark, CVE-2025-33187 NVIDIA Isaac-GROOT, Code Injection Megatron-LM Vulnerability, AI Code Injection NVIDIA China NVIDIA GPUs, Hardware Kill Switches NVIDIA Megatron-LM, LLM Vulnerabilities NVIDIA Base Command Manager - CVE-2024-0138

NVIDIA GPU Security CUDA-Q Vulnerability NVIDIA Apex Vulnerability AI Infrastructure Security NVIDIA Cumulus Linux CVE-2025-33179 NVIDIA Arm divestment NVIDIA DGX Spark, CVE-2025-33187 NVIDIA Isaac-GROOT, Code Injection Megatron-LM Vulnerability, AI Code Injection NVIDIA China NVIDIA GPUs, Hardware Kill Switches NVIDIA Megatron-LM, LLM Vulnerabilities NVIDIA Base Command Manager - CVE-2024-0138

NVIDIA Fixes High-Severity Flaws in KAI Scheduler and CUDA-Q

Ddos April 22, 2026

NVIDIA has released a series of software updates to address high-severity vulnerabilities in its KAI Scheduler and...

GitLab Security Update: High-Severity Vulnerabilities Patched in April Release GitLab Security Update May 2026 GitLab XSS and DoS Vulnerabilities GitLab Security Session Hijacking GitLab Security Update, CI/CD Vulnerability GitLab DoS, Security Update bypassing SAML - CVE-2024-8312 and CVE-2024-6826