News Archives • Page 309 of 633 • Daily CyberSecurity

Beware of “Cheats” and “Cracks”: DCRat Backdoor Lurks on YouTube

Ddos March 11, 2025

Kaspersky Labs has issued a warning about a resurgence of the DCRat backdoor, a remote access trojan...

VPN No More: Xbox Targets Gamers Buying Games from Cheaper Regions AI controversy, Xbox layoffs Xbox ban VPN Microsoft Layoffs, Xbox Gaming Cuts

VPN No More: Xbox Targets Gamers Buying Games from Cheaper Regions

Ddos March 11, 2025

Technology companies typically employ differentiated pricing strategies across various markets, taking into account factors such as purchasing...

SAP Patches High-Severity XSS and Authorization Flaws in Latest Security Updates SAP Security Patch May 2026 CVE-2026-34260 S/4HANA CVE-2024-22127 - CVE-2025-27434 SAP Solution Manager Code Injection, Critical SAP Patch

SAP Patches High-Severity XSS and Authorization Flaws in Latest Security Updates

Ddos March 11, 2025

SAP has released its latest round of security updates, addressing 21 new vulnerabilities and providing 3 updates...

Ghost Plugin Plagues Over a Million Terminals, Hijacking Search Results and User Data

Ddos March 10, 2025

The Qi’anxin Threat Intelligence Center has uncovered a massive cyber operation impacting over a million internet users...

CVE-2025-24813 Flaw in Apache Tomcat Exposes Servers to RCE, Data Leaks: Update Immediately CVE-2024-21733 - CVE-2025-24813

CVE-2025-24813 Flaw in Apache Tomcat Exposes Servers to RCE, Data Leaks: Update Immediately

Ddos March 10, 2025

A serious vulnerability, CVE-2025-24813, has been discovered in Apache Tomcat, potentially allowing attackers to execute remote code,...

CVE-2025-27816 (CVSS 9.8): Critical Vulnerability in Veritas InfoScale Could Allow RCE Veritas Enterprise Vault server CVE-2025-27816

CVE-2025-27816 (CVSS 9.8): Critical Vulnerability in Veritas InfoScale Could Allow RCE

Ddos March 10, 2025

Veritas has issued a critical security advisory regarding a vulnerability in its Arctera InfoScale product that could...

CVE-2024-56325 (CVSS 9.8): Authentication Bypass Vulnerability Discovered in Apache Pinot CVE-2024-56325 Apache Pinot vulnerability

CVE-2024-56325 (CVSS 9.8): Authentication Bypass Vulnerability Discovered in Apache Pinot

Ddos March 10, 2025

Apache Pinot, the high-performance real-time OLAP datastore originally developed by LinkedIn and Uber, has become a critical...

DDoS Strikes X: Cloudflare Saves Platform, Dark Storm Suspected TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

DDoS Strikes X: Cloudflare Saves Platform, Dark Storm Suspected

Ddos March 10, 2025

Today, the social media platform X/Twitter experienced multiple outages, each affecting different regions for varying durations. Following...

EByte Ransomware: A New Go-Based Threat with Advanced Encryption Techniques

Ddos March 10, 2025

CYFIRMA has identified a new ransomware variant, EByte Ransomware, written in Go Language and actively targeting Windows...

Popular JavaScript Library ‘Axios’ Exposes Millions to Server-Side Vulnerabilities (CVE-2025-27152) Axios Vulnerability Cloud Hijacking Axios npm supply chain attack Axios Vulnerability Node.js DoS CVE-2025-58754 CVE-2025-27152 Axios Vulnerability, Form-Data Flaw

Axios Vulnerability Cloud Hijacking Axios npm supply chain attack Axios Vulnerability Node.js DoS CVE-2025-58754 CVE-2025-27152 Axios Vulnerability, Form-Data Flaw

Popular JavaScript Library ‘Axios’ Exposes Millions to Server-Side Vulnerabilities (CVE-2025-27152)

Ddos March 10, 2025

A newly discovered vulnerability in the widely-used JavaScript library ‘Axios’ could leave millions of users at risk...

Chrome Update: 5 Security Fixes, High-Risk Flaws Addressed ASAP Chrome Vulnerability CVE-2024-4761 - Google Sell Chrome CVE-2025-1920 Chrome Crash, Browser Issue

Chrome Vulnerability CVE-2024-4761 - Google Sell Chrome CVE-2025-1920 Chrome Crash, Browser Issue

Chrome Update: 5 Security Fixes, High-Risk Flaws Addressed ASAP

Ddos March 10, 2025

An important security update has been released for the Chrome Stable channel, addressing five vulnerabilities, including three...

Strela Stealer Malware Targets European Email Credentials with Advanced Techniques

Ddos March 10, 2025

Trustwave SpiderLabs has published a report on Strela Stealer, a sophisticated infostealer malware that has been active...

CVE-2025-27509 (CVSS 9.3): Fleet Patches Critical SAML Authentication Vulnerability

Ddos March 10, 2025

Fleet, an open-source platform widely used for IT and security operations, has released a critical security update...

Phantom Goblin Malware: Stealthy Attacks via VSCode Tunnels

Ddos March 10, 2025

A newly identified stealthy malware campaign, dubbed Phantom Goblin, has been uncovered by Cyble Research and Intelligence...

Cybercriminals Lose: 80% Fewer Unauthorized Cobalt Strikes GoffLoader - Unauthorized Cobalt Strikes

Cybercriminals Lose: 80% Fewer Unauthorized Cobalt Strikes

Ddos March 10, 2025

A collaborative effort led by Microsoft’s Digital Crimes Unit (DCU), Fortra, and the Health Information Sharing and...

WinDbg Remote Code Execution Vulnerability: CVE-2025-24043 Exposes Critical Security Risk

Ddos March 9, 2025

A newly disclosed security vulnerability, CVE-2025-24043, affecting Microsoft’s WinDbg debugger, poses a severe remote code execution (RCE)...

Node.js Expands CVE Coverage for EOL Releases Despite MITRE Rejection CVE-2025-23083 - Node.js EOL

Node.js Expands CVE Coverage for EOL Releases Despite MITRE Rejection

Ddos March 9, 2025

In a significant shift in its vulnerability management approach, the Node.js team has decided to extend Common...

1.08M Downloads at Risk: Volt Fixes Severe RCE Vulnerability (CVE-2025-27517)

Ddos March 9, 2025

Volt, a widely adopted functional API for Livewire, has recently patched a critical remote code execution (RCE)...

Microsoft Uncovers Massive Malvertising Campaign Distributing Info Stealers via GitHub

Ddos March 9, 2025

In early December 2024, Microsoft Threat Intelligence uncovered a large-scale malvertising campaign that infected nearly one million...

CVE-2024-12799 (CVSS 10): OpenText Identity Manager Vulnerability Exposes Sensitive Information

Ddos March 9, 2025

OpenText Identity Manager, a comprehensive identity management suite used by organizations to manage user identities and access,...