News Archives • Page 260 of 632 • Daily CyberSecurity

Windows Server 2025 “BadSuccessor” Flaw Allows Domain Takeover (PoC Available, No Patch) poc-windser

Windows Server 2025 “BadSuccessor” Flaw Allows Domain Takeover (PoC Available, No Patch)

Ddos May 27, 2025

Akamai security researcher Yuval Gordon has uncovered an Active Directory privilege escalation vulnerability in Windows Server 2025,...

Fundamental Web Security Broken: New Attacks Bypass Same-Origin Policy via HTTP/2 & SXG Same-Origin Policy bypass HTTP/2 exploit

Fundamental Web Security Broken: New Attacks Bypass Same-Origin Policy via HTTP/2 & SXG

Ddos May 27, 2025

In a revelation for web security, researchers from Tsinghua University have exposed two novel, off-path attacks —...

Mesh Wi-Fi Hack (CVSS 9.1): Design Flaw Enables Frame Injection (PoC Available) Mesh Wi-Fi vulnerability A-MSDU spoofing

Mesh Wi-Fi Hack (CVSS 9.1): Design Flaw Enables Frame Injection (PoC Available)

Ddos May 27, 2025

Researchers from KU Leuven’s DistriNet group have unveiled a new high-severity design flaw in mesh Wi-Fi networks....

GIMP Vulnerabilities: Malicious Images Can Lead to Code Execution GIMP vulnerability Image file exploit

GIMP Vulnerabilities: Malicious Images Can Lead to Code Execution

Ddos May 27, 2025

The open-source graphics editor GIMP—a trusted tool in the digital art and photography community—has been found vulnerable...

New macOS Infostealer: AppleProcessHub Uses Objective-C to Steal Developer Data

Ddos May 27, 2025

A stealthy new macOS infostealer named AppleProcessHub has attracted a lot of attention from security experts, with...

Unauthenticated Attack: Siemens SiPass Vulnerability Risks DoS Siemens SiPass vulnerability, access control DoS

Unauthenticated Attack: Siemens SiPass Vulnerability Risks DoS

Ddos May 27, 2025

Siemens has issued a security advisory to address an out-of-bounds read vulnerability in its SiPass integrated access...

Fake Google Meet Page Tricks Users into Running Malware Fake Google Meet, PowerShell malware

Fake Google Meet Page Tricks Users into Running Malware

Ddos May 27, 2025

A deceptively crafted fake Google Meet page has surfaced on compromised WordPress sites, tricking unsuspecting visitors into...

GhostSpy: Advanced Android RAT Steals Banking Info & Bypasses Security

Ddos May 27, 2025

CYFIRMA researchers have uncovered a highly advanced Android remote access trojan (RAT), dubbed GhostSpy, capable of full-spectrum...

ChatGPT Deep Research: Now Integrates with Box & Dropbox for Enhanced Insights ChatGPT Deep Research, AI cloud integration

ChatGPT Deep Research: Now Integrates with Box & Dropbox for Enhanced Insights

Ddos May 26, 2025

According to an official announcement from OpenAI, the Deep Research feature in ChatGPT now supports integration with...

Windows 11 KB5089549 network lag Windows 11 Home to Pro Education upgrade Windows 11 Start menu update Windows 11 update KB5079391 Windows 11 KB5085516 OOB update Windows 11 C drive permission error Windows 11 C drive access denied Windows native NVMe driver UEFI Secure Boot certificate rotation Windows 11 printer driver policy Windows 11 printer driver deprecation Windows 11 Build 26300 Sysmon Windows 11 Storage settings restriction Windows 11 Build 26300.7674, Windows Insider channel migration 2026 Windows 11 Update Fix KB5073455 shutdown bug, Secure Launch restart loop Windows 11 File Explorer search performance, Search Indexer RAM usage fix Windows 11 Gaming PC Specs, NVMe DirectStorage Windows 10 End of Support Windows 11 Slow Adoption Windows 11 Crash Loop KB5062553 Bug Update and Shut Down, KB5067036 Windows authentication, Kerberos bug Windows 11 fix, localhost bug Windows 11 Update Restart, Update and Shut Down Windows SMBv1 Windows 11 Arm, Easy Anti-Cheat Windows 11 error, Pluton Windows 11 24H2, Easy Anti-Cheat Windows Firewall Bug, Microsoft Update Error Windows 11, JScript9Legacy Windows Activation, TSforge Windows 11 Update, Firewall Error Windows 11 25H2, Annual Update Windows Resiliency Initiative, Kernel Security Windows 11 Upgrade, ESU Program Windows 11 Recall, Data Export Windows 11 Easy Anti-Cheat Windows 11 Update, Cumulative Update Windows Update, ACPI.sys Windows Updates, Enterprise Software Windows 11 Start Data Encryption Standard Printing Problems Windows 11 updates Estimated installation time Smart App Control, Windows 11 security

Windows 11 Smart App Control: Enhanced Security & Performance?

Ddos May 26, 2025

In the Windows 11 version 22H2 released by Microsoft in September 2022, a new feature called Smart...

Apache NuttX Vulnerable: Remote Code Execution via Bluetooth Stack Flaw Affects Embedded Systems Apache NuttX security, embedded system vulnerability

Apache NuttX security, embedded system vulnerability

Apache NuttX Vulnerable: Remote Code Execution via Bluetooth Stack Flaw Affects Embedded Systems

Ddos May 26, 2025

A critical security flaw in Apache NuttX RTOS has been uncovered in the Bluetooth HCI and UART...

Critical (CVSS 9.8): Canon Printers Vulnerable to Arbitrary Code Execution CVE-2023-6229 & CVE-2024-0244 Canon printer vulnerability, CVE-2025-2146

Critical (CVSS 9.8): Canon Printers Vulnerable to Arbitrary Code Execution

Ddos May 26, 2025

Canon has updated its January 2025 security advisory to include a newly identified critical vulnerability — CVE-2025-2146...

Critical Pre-Auth RCE: vBulletin Flaw Allows Full Server Compromise (PoC Available) vBulletin RCE, pre-auth RCE

Critical Pre-Auth RCE: vBulletin Flaw Allows Full Server Compromise (PoC Available)

Ddos May 26, 2025

A newly disclosed vulnerability in vBulletin, one of the most widely used commercial forum platforms on the...

Critical WSO2 Flaw: Unauthenticated Account Takeover Risk (CVSS 9.8) WSO2 vulnerability, account takeover

Critical WSO2 Flaw: Unauthenticated Account Takeover Risk (CVSS 9.8)

Ddos May 26, 2025

A recently disclosed vulnerability in WSO2 products, identified as CVE-2024-6914, poses a severe security threat to organizations...

Sony Camera Hack (CVSS 9.4): Default Credential Flaw Risks Full Control (PoC) Sony camera hack, default credential exploit

Sony Camera Hack (CVSS 9.4): Default Credential Flaw Risks Full Control (PoC)

Ddos May 26, 2025

A newly disclosed critical vulnerability in Sony’s SNC-series network cameras—tracked as CVE-2025-5124 with a CVSS score of...

Decade of Stealth: China-Linked TA-ShadowCricket Targets Asia-Pacific TA-ShadowCricket, Shadow Force malware

Decade of Stealth: China-Linked TA-ShadowCricket Targets Asia-Pacific

Ddos May 26, 2025

AhnLab and South Korea’s National Cyber Security Center (NCSC) have released a detailed joint report on a...

DOUBLELOADER Malware Uses ALCATRAZ Obfuscator to Evade Detection DOUBLELOADER malware, ALCATRAZ obfuscator

DOUBLELOADER Malware Uses ALCATRAZ Obfuscator to Evade Detection

Ddos May 26, 2025

Elastic Security Labs has identified a new malware family dubbed “DOUBLELOADER” that leverages ALCATRAZ—a game-hacking inspired obfuscator—to...

NPM Recon: Malicious Packages Found Stealing Internal Network IPs and Hostnames npm security, internal IP theft

NPM Recon: Malicious Packages Found Stealing Internal Network IPs and Hostnames

Ddos May 26, 2025

Socket’s Threat Research Team has uncovered an active and expanding malware campaign in the npm ecosystem. More...

Russian-Aligned TAG-110 Targets Tajikistan Governments with Stealthy Cyber-Espionage TAG-110 cyber-espionage, Tajikistan phishing

Russian-Aligned TAG-110 Targets Tajikistan Governments with Stealthy Cyber-Espionage

Ddos May 26, 2025

Recorded Future’s Insikt Group has uncovered a new cyber-espionage campaign by Russia-aligned threat actor TAG-110 targeting public...

Persistent DoS: Unauthenticated Attacker Crashes GNOME RDP (Even After Systemd) Linux desktop security, GNOME RDP

Persistent DoS: Unauthenticated Attacker Crashes GNOME RDP (Even After Systemd)

Ddos May 26, 2025

A newly disclosed flaw in GNOME’s remote desktop component, tracked as CVE-2025-5024 (CVSS 7.4), could allow unauthenticated...

Critical Alert 1 Active Exploit Detected Today