News Archives • Page 25 of 651 • Daily CyberSecurity

Cloud Under Siege: Persistent P2Pinfect Botnet Activity Discovered in Kubernetes Environments

Do Son May 24, 2026

Security researchers have discovered a stealthy cloud threat hiding inside enterprise cloud environments. Specifically, FortiGuard Labs recently...

SSRF Risk in Server-Side Rendering: Patch Your Angular Applications Angular hostname hijacking vulnerability Angular SSRF Origin Hijacking Angular XSS Vulnerability CVE-2026-32635 Angular i18n XSS CVE-2026-27970 Angular SSR SSRF CVE-2026-27739 Angular Vulnerability CVE-2026-22610 CVE-2025-59052 Angular security Angular XSS Bypass, SVG Injection

Angular hostname hijacking vulnerability Angular SSRF Origin Hijacking Angular XSS Vulnerability CVE-2026-32635 Angular i18n XSS CVE-2026-27970 Angular SSR SSRF CVE-2026-27739 Angular Vulnerability CVE-2026-22610 CVE-2025-59052 Angular security Angular XSS Bypass, SVG Injection

SSRF Risk in Server-Side Rendering: Patch Your Angular Applications

Do Son May 24, 2026

Security teams must address a newly disclosed flaw in the Angular web ecosystem. Specifically, developers uncovered an...

Legitimate Software Abused: Stealthy ValleyRAT Malware Campaign Targets Enterprise Users

Do Son May 24, 2026

A dangerous new ValleyRAT malware campaign is currently targeting unsuspecting corporate users across the internet. Specifically, threat...

Operation Saffron: Authorities Smash ‘First VPN’ Cybercrime Network First VPN service takedown

Operation Saffron: Authorities Smash ‘First VPN’ Cybercrime Network

Do Son May 24, 2026

International law enforcement agencies have achieved a massive victory against underground ransomware networks. Specifically, authorities completely dismantled...

The 10,000-Bug AI: How Anthropic’s Secret “Mythos” Model is Rewriting Cyber-Resilience Anthropic Project Glasswing cybersecurity

The 10,000-Bug AI: How Anthropic’s Secret “Mythos” Model is Rewriting Cyber-Resilience

Do Son May 24, 2026

Amidst the escalating anxieties surrounding the security implications of artificial intelligence, a subset of the industry is...

Malicious JS Lifecycle Hooks Found Hiding Inside PHP Composer Packages PHP Supply Chain Attack Socket Composer Malicious Postinstall

Malicious JS Lifecycle Hooks Found Hiding Inside PHP Composer Packages

Do Son May 23, 2026

Security researchers at Socket have uncovered a coordinated attack targeting PHP Composer packages by hiding malicious JavaScript...

Supply Chain Storm: Over 700 Laravel Lang Versions Poisoned with Malicious RCE Backdoor Laravel Lang Supply Chain Attack laravel-lang RCE Backdoor

Laravel Lang Supply Chain Attack laravel-lang RCE Backdoor

Supply Chain Storm: Over 700 Laravel Lang Versions Poisoned with Malicious RCE Backdoor

Do Son May 23, 2026

A major software supply-chain storm is brewing in the PHP ecosystem. Security firm Socket has exposed a...

WantToCry Ransomware Leverages Exposed SMB for Remote Encryption Loops WantToCry Remote Ransomware SMB Brute Force Attacks

WantToCry Ransomware Leverages Exposed SMB for Remote Encryption Loops

Do Son May 23, 2026

A newly analyzed ransomware campaign is turning traditional endpoint defense playbooks upside down by executing its entire...

Malware-as-a-Service Exposed: Cisco Talos Unmasks Developer Behind Prolific “BadIIS” Web Server Toolkit BadIIS Malware as a Service

Malware-as-a-Service Exposed: Cisco Talos Unmasks Developer Behind Prolific “BadIIS” Web Server Toolkit

Do Son May 22, 2026

A sweeping forensic threat intelligence report has exposed the inner workings of a sophisticated, highly commercialized cybercriminal...

Bypassing Terminal Protections: New SHub “Reaper” Variant Abuses AppleScript to Loot macOS Endpoints SHub Stealer Reaper Variant macOS AppleScript Mitigation Bypass

SHub Stealer Reaper Variant macOS AppleScript Mitigation Bypass

Bypassing Terminal Protections: New SHub “Reaper” Variant Abuses AppleScript to Loot macOS Endpoints

Do Son May 22, 2026

Information stealers targeting macOS have continued to proliferate over the last two years, with threat actors iterating...

Storm-2949 Hijacks Azure Identity and Key Vaults in Catastrophic Cloud Campaign Storm-2949 Cloud Attack Azure Control Plane Compromise

Storm-2949 Hijacks Azure Identity and Key Vaults in Catastrophic Cloud Campaign

Do Son May 22, 2026

A sophisticated new threat actor is forcing corporate security leaders to re-evaluate their entire relationship with cloud...

CVSS 10.0 Zero-Day: Active Attacks Exploit LiteSpeed cPanel Plugin for Root Server Access LiteSpeed cPanel privilege escalation CVE-2026-54420, active exploitation, symlink vulnerability LiteSpeed cPanel Plugin Vulnerability CVE-2026-48172 Exploit

LiteSpeed cPanel privilege escalation CVE-2026-54420, active exploitation, symlink vulnerability LiteSpeed cPanel Plugin Vulnerability CVE-2026-48172 Exploit

CVSS 10.0 Zero-Day: Active Attacks Exploit LiteSpeed cPanel Plugin for Root Server Access

Do Son May 22, 2026

A critical vulnerability in the LiteSpeed User-End cPanel Plugin is currently being actively exploited in the wild,...

Twill Typhoon Exploits CDN Masquerading and DLL Sideloading to Breach APJ Networks Twill Typhoon DLL Sideloading

Twill Typhoon Exploits CDN Masquerading and DLL Sideloading to Breach APJ Networks

Do Son May 22, 2026

A sophisticated, highly targeted cyber-espionage campaign is actively penetrating corporate and critical infrastructure networks across the Asia-Pacific...

Triple CVSS 10.0 Warning: Critical Ubiquiti UniFi OS Flaws Allow Unauthenticated Remote Takeovers UniFi OS vulnerabilities, Ubiquiti security flaws, CVE-2026-47367, CVE-2026-47369, CVE-2026-47370 Ubiquiti UniFi OS Vulnerabilities UniFi OS Firmware Update 2026 UniFi Play Vulnerability Critical RCE Patch Ubiquiti UniFi Vulnerability CVE-2026-22557

UniFi OS vulnerabilities, Ubiquiti security flaws, CVE-2026-47367, CVE-2026-47369, CVE-2026-47370 Ubiquiti UniFi OS Vulnerabilities UniFi OS Firmware Update 2026 UniFi Play Vulnerability Critical RCE Patch Ubiquiti UniFi Vulnerability CVE-2026-22557

Triple CVSS 10.0 Warning: Critical Ubiquiti UniFi OS Flaws Allow Unauthenticated Remote Takeovers

Do Son May 22, 2026

Ubiquiti has issued a major security advisory addressing five distinct vulnerabilities across its UniFi OS ecosystem. Three...

New Apache Camel K Flaw (CVE-2026-45760) Enables Cross-Namespace Attacks Apache Camel K Vulnerability CVE-2026-45760 Build Deputy Apache Camel Security CVE-2026-23552 CVE-2025-27636 CVE-2025-29891 PoC

Apache Camel K Vulnerability CVE-2026-45760 Build Deputy Apache Camel Security CVE-2026-23552 CVE-2025-27636 CVE-2025-29891 PoC

New Apache Camel K Flaw (CVE-2026-45760) Enables Cross-Namespace Attacks

Do Son May 22, 2026

A newly disclosed vulnerability was found in Apache Camel K, a widely trusted open-source integration framework designed...

Five Critical vm2 Vulnerabilities Grant Instant Node.js Host RCE vm2 Sandbox Escape Vulnerabilities CVE-2026-47140 Node.js RCE

Five Critical vm2 Vulnerabilities Grant Instant Node.js Host RCE

Do Son May 22, 2026

In the world of Node.js development, the vm2 library has long served as a popular mechanism for...

Print-Path RCE Exposed: Critical HP Linux Driver Flaws (CVE-2026-8631) Grant Root Privileges HPLIP Security Vulnerabilities CVE-2026-8631 Linux Flaw

HPLIP Security Vulnerabilities CVE-2026-8631 Linux Flaw

Print-Path RCE Exposed: Critical HP Linux Driver Flaws (CVE-2026-8631) Grant Root Privileges

Do Son May 22, 2026

A fresh security advisory has issued an urgent warning for open-source environments and enterprise Linux deployments utilizing...

Splunk Patches High-Severity Bugs Granting DoS and Internal Log Leaks

Do Son May 22, 2026

Splunk has issued a coordinated batch of security advisories targeting vulnerabilities across Splunk Enterprise, Splunk Cloud Platform,...

Fortra BoKS vulnerability OS command injection, CVE-2026-9862 Altium Enterprise Server Vulnerability CVE-2026-9129 Path Traversal Patreon OAuth Vulnerability Identity Collision DRC INSIGHT Vulnerability Exam Data Hijacking Horner Automation PLC Industrial Brute Force Honeywell IQ4x Vulnerability CVE-2026-3611 DJI Romo vacuum security flaw Python Cryptography Vulnerability CVE-2026-26007 Open5GS Vulnerability CVE-2026-0622 Vivotek IP7137 Vulnerabilities CVE-2025-66049 Forcepoint DLP Vulnerability CVE-2025-14026 Cellopoint Secure Email Gateway - CVE-2024-9043

Critical Altium Enterprise Server Flaws Grant RCE and Database Access

Do Son May 22, 2026

Altium Enterprise Server, the backbone platform used by engineering teams globally to manage complex printed circuit board...

PowerDNS Fixes Flaws Granting Server Crashes and Memory Corruption PowerDNS Authoritative Server Vulnerabilities CVE-2026-42001 DoS CVE-2024-25581 DNSdist vulnerability, DNS DoS

PowerDNS Authoritative Server Vulnerabilities CVE-2026-42001 DoS CVE-2024-25581 DNSdist vulnerability, DNS DoS

PowerDNS Fixes Flaws Granting Server Crashes and Memory Corruption

Do Son May 22, 2026

PowerDNS has issued a coordinated set of security advisories addressing multiple vulnerabilities discovered within its Authoritative Server...

Critical Alert 2 Active Exploits Detected Today