News Archives • Page 317 of 633 • Daily CyberSecurity

CVE-2025-24752: Massive WordPress Plugin Vulnerability Exposes Millions to XSS Attacks

Ddos February 25, 2025

A high-severity security flaw has been discovered in the widely used WordPress plugin, Essential Addons for Elementor,...

Lumma Stealer Malware Expands Its Reach Through YouTube and Malvertising Lumma Stealer Youtube

Lumma Stealer Malware Expands Its Reach Through YouTube and Malvertising

Ddos February 25, 2025

Silent Push Threat Analysts have uncovered new developments in the spread of Lumma Stealer, a notorious infostealer...

OpenH264 Codec Vulnerability (CVE-2025-27091): Remote Code Execution Possible

Ddos February 25, 2025

Cisco has released a security advisory concerning a high-severity vulnerability in the OpenH264 codec library. Tracked as...

Censorship as a Service: Leak Exposes Public-Private Collaboration in Chinese Cyberspace Monitoring Okta Data Breach - TopSec cybersecurity firm

Okta Data Breach - TopSec cybersecurity firm

Censorship as a Service: Leak Exposes Public-Private Collaboration in Chinese Cyberspace Monitoring

Ddos February 25, 2025

SentinelLABS has analyzed a significant data leak revealing the infrastructure and operational practices of TopSec (北京天融), a...

GRUB2 Bootloader Vulnerabilities Expose Millions of Systems to Attacks GRUB 2.14 release Y2038 fix, Linux bootloader Argon2 TPM2 GRUB2 Bootloader Vulnerabilities - CVE-2025-0624

GRUB 2.14 release Y2038 fix, Linux bootloader Argon2 TPM2 GRUB2 Bootloader Vulnerabilities - CVE-2025-0624

GRUB2 Bootloader Vulnerabilities Expose Millions of Systems to Attacks

Ddos February 25, 2025

A series of critical vulnerabilities have been discovered in GRUB2, the popular boot loader used by many...

Angry Likho APT Group Resurfaces with New Attacks and Advanced Malware Tactics Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Angry Likho APT Group Resurfaces with New Attacks and Advanced Malware Tactics

Ddos February 25, 2025

Kaspersky Labs has uncovered new activity from Angry Likho, an advanced persistent threat (APT) group that has...

PolarEdge Botnet: 2,000+ IoT Devices Infected PolarEdge IoT botnet

PolarEdge Botnet: 2,000+ IoT Devices Infected

Ddos February 25, 2025

The PolarEdge botnet, a sophisticated IoT-based malware campaign, has been discovered by Sekoia’s Threat Detection & Research...

Leadership Shift: Mozilla’s Future with New Executive Team Anthony Enzor-DeMeo Mozilla CEO, Firefox AI Mode 2026 Ad blockers, Copyright Law Firefox China, Mozilla Restructuring Mozilla Add-ons, Policy Update Mozilla leadership - Mozilla collect data Google Antitrust Antitrust Trial

Leadership Shift: Mozilla’s Future with New Executive Team

Ddos February 25, 2025

Mozilla President Mark Surman recently announced a series of leadership transitions within the organization, unveiling a newly...

Android’s Future: 8 Years of Security with Qualcomm & Google Qualcomm support updates vs. Arm

Android’s Future: 8 Years of Security with Qualcomm & Google

Ddos February 25, 2025

Google has long expressed its ambition to extend software and security updates for Android devices, aiming to...

CVE-2025-27364 (CVSS 10): Remote Code Execution Flaw Found in MITRE Caldera, PoC Releases

Ddos February 24, 2025

A newly discovered vulnerability in MITRE Caldera, tracked as CVE-2025-27364, has been assigned a critical CVSS score...

PoC Released: CVE-2024-13159 (CVSS 9.8) in Ivanti EPM Poses Severe Security Threat CVE-2024-13159 PoC exploit

PoC Released: CVE-2024-13159 (CVSS 9.8) in Ivanti EPM Poses Severe Security Threat

Ddos February 24, 2025

Security researcher Zach Hanley (@hacks_zach) of Horizon3.ai published the technical details and a proof-of-concept (PoC) exploit code...

CVE-2025-1128: Everest Forms Plugin Exposes 100,000+ WordPress Sites to Complete Takeover

Ddos February 24, 2025

A severe security vulnerability, tracked as CVE-2025-1128, has been uncovered in the popular WordPress plugin, Everest Forms,...

Search Engine Manipulation Leads to Backdoored App Downloads

Ddos February 24, 2025

Threat hunters at Hunt.io have uncovered a widespread malware campaign targeting Chinese-speaking users by distributing backdoored versions...

Critical Mattermost Flaws (CVE-2025-20051, CVE-2025-24490, CVE-2025-25279) Expose Systems to File Read and SQL Injection Attacks Mattermost Vulnerability, Remote Code Execution CVE-2025-20051, CVE-2025-24490, and CVE-2025-25279

Mattermost Vulnerability, Remote Code Execution CVE-2025-20051, CVE-2025-24490, and CVE-2025-25279

Critical Mattermost Flaws (CVE-2025-20051, CVE-2025-24490, CVE-2025-25279) Expose Systems to File Read and SQL Injection Attacks

Ddos February 24, 2025

Mattermost, an open-source platform for team communication and collaboration, has addressed three critical security vulnerabilities affecting its...

Free Office: Ads & Limits, Microsoft’s New Play Microsoft Office Free

Free Office: Ads & Limits, Microsoft’s New Play

Ddos February 24, 2025

First spotted by Beebom, Microsoft is currently testing a free version of Microsoft Office for users in...

OpenAI OpenClaw acquisition OpenAI Prism GPT-5.2 LaTeX, scientific research AI workspace OpenAI, Mixpanel Breach ChatGPT Data Preservation, NYT Lawsuit ChatGPT Apps SDK, super app OpenAI Jony Ive, AI Hardware Delay Musk Apple lawsuit, App Store antitrust UK AI Partnership, OpenAI Collaboration Jony Ive OpenAI, DoD Contract OpenAI Lawsuit, ChatGPT Privacy North Korea ChatGPT - GPT-4.5 model OpenAI Models, AI Advancements OpenAI pricing, Flex API

OpenAI Purges ChatGPT Accounts: China and North Korea Weaponizing AI for Propaganda

Ddos February 24, 2025

OpenAI has confirmed that it has begun blocking accounts linked to Chinese and North Korean users who...

CISA Flags Actively Exploited Security Vulnerabilities in Adobe ColdFusion and Oracle Agile PLM ActiveMQ RCE CVE-2026-34197 CISA KEV Catalog Actively Exploited Vulnerabilities CISA KEV Catalog CVE-2025-37164 GeoServer XXE, CISA KEV FortiWeb SQLi, CISA KEV Critical Vulnerabilities CVE-2024-20953

ActiveMQ RCE CVE-2026-34197 CISA KEV Catalog Actively Exploited Vulnerabilities CISA KEV Catalog CVE-2025-37164 GeoServer XXE, CISA KEV FortiWeb SQLi, CISA KEV Critical Vulnerabilities CVE-2024-20953

CISA Flags Actively Exploited Security Vulnerabilities in Adobe ColdFusion and Oracle Agile PLM

Ddos February 24, 2025

Cybersecurity and Infrastructure Security Agency (CISA) has added two critical security vulnerabilities to its Known Exploited Vulnerabilities...

GemStuffer RubyGems Campaign RubyGems Data Exfiltration TanStack npm Compromise Supply Chain Attack DNS Hijacking APT28 (Fancy Bear) OpenVSX Supply Chain Attack Checkmarx Plugin Breach Stryker Cyberattack CISA Alert Trans-Regional Cyber Conflict Operation Epic Fury Cyber Operation MacroMaze APT28 Cyber Espionage Notepad++ Supply Chain Attack Lotus Blossom Group Defense Industrial Base Threats GTIG Report APT28 Operation Neusploit CVE-2026-21509 Bookworm Malware

Stately Taurus Cyber Attacks in Southeast Asia Tied to Bookworm Malware

Ddos February 24, 2025

A new report from Unit 42 has linked the Stately Taurus threat actor to Bookworm malware, revealing...

From Confluence Vulnerability (CVE-2023-22527) to LockBit Encryption: A Rapid Attack Chain

Ddos February 24, 2025

Security researchers at The DFIR Report have uncovered a highly coordinated attack that leveraged a critical remote...

Beyond OpenAI: Apple Tests Google’s Gemini in Latest iOS Beta Google Gemini, audio files Gemini AI, Google AI Google Gemini 2.0 Flash Thinking iOS

Beyond OpenAI: Apple Tests Google’s Gemini in Latest iOS Beta

Ddos February 24, 2025

Apple Intelligence is currently powered primarily by OpenAI, but Apple has previously indicated that it plans to...