News Archives • Page 270 of 632 • Daily CyberSecurity

Shadowy IoT Army: Decades-Old Proxy Botnet Exposed and Crippled IoT botnet, proxy network

Shadowy IoT Army: Decades-Old Proxy Botnet Exposed and Crippled

Ddos May 13, 2025

Lumen Technologies’ Black Lotus Labs, in collaboration with the U.S. Department of Justice and the Dutch National...

Stealth in Pixels: .NET Malware Hides Payloads in Bitmap Resources steganography malware, Agent Tesla

Stealth in Pixels: .NET Malware Hides Payloads in Bitmap Resources

Ddos May 13, 2025

Palo Alto Networks’ Unit 42 has uncovered a sophisticated obfuscation technique leveraging steganography to hide malware within...

Türkiye-Linked Hackers Exploit Output Messenger Zero-Day (CVE-2025-27920) in Espionage Campaign

Ddos May 12, 2025

Microsoft Threat Intelligence has linked a regional cyber-espionage campaign exploiting a zero-day vulnerability in Output Messenger to...

VMware Tools Update Addresses Insecure File Handling Vulnerability VMware Aria Operations CVE-2026-22719 VMware Fusion - CVE-2024-38811 VMware security, CVE-2025-22247

VMware Aria Operations CVE-2026-22719 VMware Fusion - CVE-2024-38811 VMware security, CVE-2025-22247

VMware Tools Update Addresses Insecure File Handling Vulnerability

Ddos May 12, 2025

Broadcom has released a security advisory addressing a moderate-severity vulnerability in VMware Tools, identified as CVE-2025-22247, which...

Windows 11 BSOD Survival Guide: Microsoft’s “Help” May Not Save You Blue Screen of Death, Windows 11

Windows 11 BSOD Survival Guide: Microsoft’s “Help” May Not Save You

Ddos May 12, 2025

The Blue Screen of Death (BSOD) is a rather familiar occurrence for Windows NT users. System crashes...

Blackout Mode: Microsoft Teams to Block Screenshots in Meetings Teams screenshot, meeting security

Blackout Mode: Microsoft Teams to Block Screenshots in Meetings

Ddos May 12, 2025

Microsoft is currently introducing a new feature for Microsoft Teams called “Prevent Screen Capture“. Once enabled, this...

Microsoft Extends Microsoft 365 Support on Windows 10 Until 2028 student discount Microsoft 365, Intelligent Services Microsoft 365 UWP, App Deprecation Microsoft 365, Startup Boost Windows 10 EOL, Microsoft 365 Support Protocol Deprecation Microsoft 365 Updates, IT Admin Alert Microsoft 365 VPN shut down Microsoft Authenticator, password manager Windows 10 Microsoft 365 Microsoft nonprofit policy, software donations

student discount Microsoft 365, Intelligent Services Microsoft 365 UWP, App Deprecation Microsoft 365, Startup Boost Windows 10 EOL, Microsoft 365 Support Protocol Deprecation Microsoft 365 Updates, IT Admin Alert Microsoft 365 VPN shut down Microsoft Authenticator, password manager Windows 10 Microsoft 365 Microsoft nonprofit policy, software donations

Microsoft Extends Microsoft 365 Support on Windows 10 Until 2028

Ddos May 12, 2025

Previously, Microsoft had clearly stated that support for Microsoft 365 applications on Windows 10 would cease once...

PoC Released: CVE-2024-26809 Exploits nftables Double-Free to Achieve Root Shell CVE-2024-26581 PoC Exploit nftables, CVE-2024-26809

PoC Released: CVE-2024-26809 Exploits nftables Double-Free to Achieve Root Shell

Ddos May 12, 2025

A vulnerability has been discovered in the Linux kernel’s nftables subsystem, specifically within the net/netfilter module, that...

Critical Security Flaws Found in ASUS DriverHub: Update Immediately ASUS DriverHub, vulnerability

Critical Security Flaws Found in ASUS DriverHub: Update Immediately

Ddos May 12, 2025

ASUS DriverHub, a tool designed to simplify driver updates by automatically detecting motherboard models and displaying available...

VS Code in the Browser at Risk: code-server Security Alert code-server, VS Code, security

VS Code in the Browser at Risk: code-server Security Alert

Ddos May 12, 2025

A newly disclosed security advisory reveals a vulnerability in the widely popular code-server project, which enables users...

WaterPlum’s OtterCookie Malware Upgrades to v4 with Credential Theft and Sandbox Detection Features North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

WaterPlum’s OtterCookie Malware Upgrades to v4 with Credential Theft and Sandbox Detection Features

Ddos May 12, 2025

Cyber threat actors tied to North Korea are expanding their global reach with an updated strain of...

Malicious npm Packages Target BullX Crypto Traders via Telegram-Backdoored Payloads Crypto theft, npm malware

Malicious npm Packages Target BullX Crypto Traders via Telegram-Backdoored Payloads

Ddos May 12, 2025

Socket’s Threat Research Team has uncovered two malicious npm packages designed to steal cryptocurrency credentials and trading...

FreeDrain: Silent Crypto Theft on Google? Massive Phishing Network Exposed Attack chain summary

FreeDrain: Silent Crypto Theft on Google? Massive Phishing Network Exposed

Ddos May 12, 2025

At PIVOTcon 2025, researchers from SentinelLABS and Validin unveiled a sprawling phishing campaign that has been quietly...

Stack Overflow Alert! XML Flaw in libexpat Threatens Widespread Software libexpat, XML vulnerability

Stack Overflow Alert! XML Flaw in libexpat Threatens Widespread Software

Ddos May 12, 2025

The CERT Coordination Center (CERT/CC) has issued a vulnerability note warning of a stack overflow flaw in...

Sneaky Email Attack Targets Spain, Italy, Portugal with RATty Trojan RATty Trojan, email phishing

Sneaky Email Attack Targets Spain, Italy, Portugal with RATty Trojan

Ddos May 12, 2025

The FortiMail IR team has uncovered a highly sophisticated email campaign delivering the RATty Remote Access Trojan,...

Fake Crypto Platforms on Facebook Steal Your Data! Beware Celebrity Endorsements Crypto malvertising, Facebook ads

Fake Crypto Platforms on Facebook Steal Your Data! Beware Celebrity Endorsements

Ddos May 12, 2025

In a newly report, Bitdefender Labs has revealed a persistent and evolving malvertising campaign operating through Facebook...

Legitimate Remote Tools Weaponized in Sophisticated Spam Campaign RMM abuse, Brazil spam

Legitimate Remote Tools Weaponized in Sophisticated Spam Campaign

Ddos May 12, 2025

In a newly published threat report, Cisco Talos has revealed an ongoing spam campaign targeting Portuguese-speaking users...

Backdoor by Design: Malicious npm Packages Hijack Cursor IDE on macOS Cursor AI, Cursor IDE

Backdoor by Design: Malicious npm Packages Hijack Cursor IDE on macOS

Ddos May 11, 2025

The Socket Threat Research Team has uncovered a sophisticated campaign targeting macOS users of the Cursor AI...

Critical Vulnerabilities Uncovered in Mitel SIP Phones: Command Injection and File Upload Risks Mitel vulnerabilities, SIP phone security

Critical Vulnerabilities Uncovered in Mitel SIP Phones: Command Injection and File Upload Risks

Ddos May 11, 2025

In a newly published security advisory, Mitel has disclosed two critical vulnerabilities affecting several of its SIP...

From Web Shell to Full Control: APT-Style Exploits Surge Against SAP NetWeaver Quest KACE Vulnerability CVE-2025-32975 FortiGate SSO Bypass, Active Exploitation GoAnywhere RCE, Storm-1175 Cisco VPN RCE, ASA Zero-Day TinyColor Supply Chain Attack SK Telecom, data breach Erlang/OTP RCE, OT Network Security Ivanti CSA Attacks WordPress RCE, Theme Vulnerability

Quest KACE Vulnerability CVE-2025-32975 FortiGate SSO Bypass, Active Exploitation GoAnywhere RCE, Storm-1175 Cisco VPN RCE, ASA Zero-Day TinyColor Supply Chain Attack SK Telecom, data breach Erlang/OTP RCE, OT Network Security Ivanti CSA Attacks WordPress RCE, Theme Vulnerability

From Web Shell to Full Control: APT-Style Exploits Surge Against SAP NetWeaver

Ddos May 11, 2025

In a report issued by Unit 42, researchers disclosed that the vulnerability CVE-2025-31324, affecting SAP NetWeaver’s Visual...

Critical Alert 1 Active Exploit Detected Today