News Archives • Page 269 of 632 • Daily CyberSecurity

Swan Vector Espionage Targets Japan & Taiwan with Advanced Malware Swan

Swan Vector Espionage Targets Japan & Taiwan with Advanced Malware

Ddos May 14, 2025

The Seqrite Labs APT-Team has uncovered a complex cyber-espionage operation dubbed Swan Vector, targeting educational institutions and...

82,000+ WordPress Sites at Risk: TheGem Theme Vulnerabilities Allow Full Site Takeover WordPress vulnerabilities TheGem, WordPress Vulnerability

WordPress vulnerabilities TheGem, WordPress Vulnerability

82,000+ WordPress Sites at Risk: TheGem Theme Vulnerabilities Allow Full Site Takeover

Ddos May 14, 2025

In a recent disclosure by Wordfence, two serious vulnerabilities have been discovered in TheGem, a popular premium...

Horabot Malware Targets Latin America with Sophisticated Phishing

Ddos May 14, 2025

In a recent investigation, FortiGuard Labs has exposed a sophisticated phishing campaign distributing the Horabot malware family,...

Microsoft May 2025 Patch Tuesday Fixes 83 Vulnerabilities, Including 5 Exploited in the Wild Patch Tuesday, Zero-Day Exploits

Microsoft May 2025 Patch Tuesday Fixes 83 Vulnerabilities, Including 5 Exploited in the Wild

Ddos May 13, 2025

Microsoft’s May 2025 Patch Tuesday has addressed a total of 83 vulnerabilities across its product ecosystem, including...

Checkmarx Breach Supply Chain Attack Ivanti EPMM RCE CVE-2026-1281 Modular DS Vulnerability CVE-2026-23550 D-Link RCE Vulnerability CVE-2026-0625 Christmas 2025 GreyNoise Campaign, Japan-Based Initial Access Broker React2Shell Zero-Day, APT Active Exploitation WordPress vulnerability, authentication bypass FreePBX, zero-day Trend Micro Apex One, Remote Code Execution BitoPro Hack, Crypto Theft UNC5337 - CVE-2022-47945 Safe{Wallet} hack Fortinet vulnerability, CVE-2024-21762, FortiGate attack Balloonfly, Play ransomware Ivanti EPMM CVE-2025-4427 and CVE-2025-4428

Ivanti EPMM Flaws Exploited in the Wild: Chained RCE and Auth Bypass Threaten Mobile Device Management

Ddos May 13, 2025

Ivanti has released a security updates addressing two vulnerabilities in Endpoint Manager Mobile (EPMM)—CVE-2025-4427 and CVE-2025-4428—that, when...

Fortinet CVE-2025-32756 Exploited in the Wild: Critical RCE Flaw Hits FortiVoice and More Fortinet, CVE-2025-32756

Fortinet CVE-2025-32756 Exploited in the Wild: Critical RCE Flaw Hits FortiVoice and More

Ddos May 13, 2025

Fortinet has disclosed a critical stack-based buffer overflow vulnerability, tracked as CVE-2025-32756, affecting a wide range of...

Europol Cracks €3M Investment Fraud: Global Operation Dismantles Online Scam Network Fake Investment Platform, Europol Operation

Europol Cracks €3M Investment Fraud: Global Operation Dismantles Online Scam Network

Ddos May 13, 2025

In an international operation supported by Europol and Eurojust, authorities have dismantled a transnational organized crime group...

Google Quietly Updates Logo with Gradient Colors Before Google I/O

Ddos May 13, 2025

In the days leading up to Google I/O 2025, Google has quietly unveiled a subtle redesign of...

Weaver E-cology RCE CVE-2026-22679 CVE-2026-20127 Cisco SD-WAN Exploitation AI-Driven Cyberattack ARXON Malware React Server Components Vulnerability CVE-2025-55182 FortiWeb Auth Bypass, Unauthenticated Admin Takeover RayInitiator Bootkit, LINE VIPER CVE-2025-59689 Department of the Treasury cybersecurity - CVE-2025-0108 PoC CVE-2025-31103 Dior Data Breach SK Telecom data breach, long-term intrusion

Dior China Discloses Customer Data Breach After Unauthorized Access

Ddos May 13, 2025

French luxury brand Dior recently sent SMS notifications to its customers in China, disclosing a data breach...

macOS 16 to Get iOS-Style Clipboard Permissions for Enhanced Privacy AI Infrastructure macOS Security Clipboard Privacy

macOS 16 to Get iOS-Style Clipboard Permissions for Enhanced Privacy

Ddos May 13, 2025

Since the release of iOS 14, Apple has implemented restrictions on clipboard access within iPhones. By default,...

SAP Security Alert: May 2025 Patch Day Exposes Critical Threats! SAP Security Patch CVE-2025-42999

SAP Security Alert: May 2025 Patch Day Exposes Critical Threats!

Ddos May 13, 2025

Today, 2025, SAP released 16 new Security Notes and updated 2 previously released ones as part of...

PoC Released: CVE-2025-31258 Sandbox Escape in macOS via RemoteViewServices RemoteViewServices macOS Sandbox Escape

PoC Released: CVE-2025-31258 Sandbox Escape in macOS via RemoteViewServices

Ddos May 13, 2025

Apple has released a patch for a newly disclosed vulnerability in macOS, tracked as CVE-2025-31258, that could...

Multiple CVEs in GNU Screen: Local Root Exploit and TTY Hijacking Discovered GNU Screen vulnerabilities setuid-root exploit

Multiple CVEs in GNU Screen: Local Root Exploit and TTY Hijacking Discovered

Ddos May 13, 2025

A comprehensive security audit by the SUSE Security Team has uncovered a collection of serious flaws in...

CVE-2025-1087: Critical Template Injection in Insomnia API Client Enables Remote Code Execution Insomnia, template injection

CVE-2025-1087: Critical Template Injection in Insomnia API Client Enables Remote Code Execution

Ddos May 13, 2025

A critical vulnerability in Kong’s popular open-source API client, Insomnia, could allow attackers to execute arbitrary code...

North Korean APT37’s “ToyBox Story”: Stealthy Attacks Unveiled APT37, RoKRAT

North Korean APT37’s “ToyBox Story”: Stealthy Attacks Unveiled

Ddos May 13, 2025

In a recent expose by Genians Security Center (GSC), North Korean-linked APT group APT37 has once again...

AI Tools Turn Trojan: Fake Video Platforms Drop Noodlophile Stealer and XWorm Payloads

Ddos May 13, 2025

Cybercriminals are now hijacking the hype surrounding AI to deliver sophisticated malware, as revealed in a new...

How to Stop Threats that Bypass Multi-Factor Authentication

Ddos May 13, 2025

Multi-Factor Authentication (MFA) has long been hailed as one of the most effective ways to secure user...

PoC Released: CVE-2025-31644 Exploit Grants Root Access on F5 BIG-IP via Appliance Mode Command Injection CVE-2024-45844 command injection root access

PoC Released: CVE-2025-31644 Exploit Grants Root Access on F5 BIG-IP via Appliance Mode Command Injection

Ddos May 13, 2025

A high-severity vulnerability identified as CVE-2025-31644 has been discovered in F5’s BIG-IP systems operating in Appliance mode,...

PupkinStealer: Tiny Malware, Big Theft via Telegram Bot Exposed PupkinStealer, Telegram malware

PupkinStealer: Tiny Malware, Big Theft via Telegram Bot Exposed

Ddos May 13, 2025

CYFIRMA researchers have revealed a new .NET-based information stealer called PupkinStealer, a lightweight but highly targeted malware...

CAPTCHA Trap: Fake Verification Unleashes Lumma Stealer on Unsuspecting Users

Ddos May 13, 2025

Sophos X-Ops has uncovered a cunning cybercrime campaign using fake CAPTCHA pages to trick users into running...

Critical Alert 1 Active Exploit Detected Today