News Archives • Page 326 of 633 • Daily CyberSecurity

LegionLoader Malware Downloader Resurfaces with 2,000+ New Samples maps

LegionLoader Malware Downloader Resurfaces with 2,000+ New Samples

Ddos February 10, 2025

A new analysis from the TEHTRIS Threat Intelligence team details the resurgence of LegionLoader, a sophisticated malware...

CVE-2025-1077 (CVSSv4 9.5): Critical RCE Vulnerability Found in Visual Weather Products

Ddos February 10, 2025

IBL Software Engineering has issued a security advisory regarding a critical Remote Code Execution (RCE) vulnerability affecting...

BadIIS Malware Hijacks Asian Websites for SEO Fraud

Ddos February 10, 2025

Trend Micro researchers have uncovered a widespread SEO manipulation campaign orchestrated by a Chinese-speaking group utilizing a...

Progress LoadMaster Security Update: Multiple Vulnerabilities Addressed CVE-2024-6327 - CVE-2024-56131

Progress LoadMaster Security Update: Multiple Vulnerabilities Addressed

Ddos February 10, 2025

Progress has issued a security advisory addressing multiple vulnerabilities affecting all current LoadMaster releases and the LoadMaster...

Misconfigured APIs Expose Sensitive Medical Data in Major Diagnostic Chain

Ddos February 10, 2025

A recent investigation by CloudSEK’s BeVigil platform has revealed critical vulnerabilities in the API infrastructure of a...

768 CVEs Exploited in 2024: VulnCheck Warns of Rising Threat WhatsApp Worm, Brazilian Banking Trojan LAPSUS$ Alliance, Scattered Spider Ransomware, Cybercrime RedCurl APT group Russian Cyberespionage, ApolloShadow Malware

WhatsApp Worm, Brazilian Banking Trojan LAPSUS$ Alliance, Scattered Spider Ransomware, Cybercrime RedCurl APT group Russian Cyberespionage, ApolloShadow Malware

768 CVEs Exploited in 2024: VulnCheck Warns of Rising Threat

Ddos February 10, 2025

A new report from VulnCheck reveals a concerning rise in vulnerability exploitation, with 768 CVEs reported as...

Apple Issues Emergency Updates to Patch Actively Exploited Zero-Day Vulnerability – CVE-2025-24200 DarkSword exploit kit iOS 18.7.7 security update CVE-2024-44308 & CVE-2024-44309 Apple appeal, Epic Games lawsuit

DarkSword exploit kit iOS 18.7.7 security update CVE-2024-44308 & CVE-2024-44309 Apple appeal, Epic Games lawsuit

Apple Issues Emergency Updates to Patch Actively Exploited Zero-Day Vulnerability – CVE-2025-24200

Ddos February 10, 2025

Apple today released urgent security updates for iOS and iPadOS to address a zero-day vulnerability that has...

Microsoft Integrates AI Agents into GitHub Copilot Copilot Edits - Project Padawan

Microsoft Integrates AI Agents into GitHub Copilot

Ddos February 10, 2025

Microsoft recently announced the full integration of agent-based automation tools into its GitHub Copilot service, enabling developers...

Cloudflare R2 Outage Explained: Accidental Shutdown Cloudflare layoffs 2026 AI bot traffic surge Content Signals Policy, AI Content Usage Cloudflare, Certificate Misissuance Salesforce, supply chain attack DDoS attack, Cloudflare Perplexity AI, Web Scraping Pay Per Crawl Cloudflare abuse R2 outage HTTP Cloudflare Blocking

Cloudflare layoffs 2026 AI bot traffic surge Content Signals Policy, AI Content Usage Cloudflare, Certificate Misissuance Salesforce, supply chain attack DDoS attack, Cloudflare Perplexity AI, Web Scraping Pay Per Crawl Cloudflare abuse R2 outage HTTP Cloudflare Blocking

Cloudflare R2 Outage Explained: Accidental Shutdown

Ddos February 10, 2025

Earlier, multiple Cloudflare services, including R2, experienced an outage, once again stemming from an internal system issue....

PlayStation Network Down: Players Get 5-Day Extension PlayStation Network outage Sony Russia, business exit

PlayStation Network Down: Players Get 5-Day Extension

Ddos February 10, 2025

Sony’s PlayStation Network experienced a widespread and prolonged outage last weekend, with disruptions seemingly beginning at 6...

Meta Sued for Training AI with 81.7TB of Copyrighted Data Meta Horizon Worlds Quest shutdown Meta AI, Child Safety Meta Robotics, Android of Robotics Meta AI, Llama 4.X Meta, AI regulation Meta AI, Data Center Impact Meta AI, Superintelligence Meta Copyrighted Data AI chatbot

Meta Horizon Worlds Quest shutdown Meta AI, Child Safety Meta Robotics, Android of Robotics Meta AI, Llama 4.X Meta, AI regulation Meta AI, Data Center Impact Meta AI, Superintelligence Meta Copyrighted Data AI chatbot

Meta Sued for Training AI with 81.7TB of Copyrighted Data

Ddos February 9, 2025

Meta, the parent company of the social networking platform Facebook, is currently facing a class-action lawsuit over...

Meta’s Brain2Qwerty: Turning Brainwaves into Text with 80% Accuracy

Ddos February 9, 2025

Meta recently unveiled a white paper on its research project, “Brain2Qwerty,” a non-invasive technology designed to interpret...

AnyDesk Exploit Alert: CVE-2024-12754 Enables Privilege Escalation—PoC Available CVE-2024-12754 PoC

AnyDesk Exploit Alert: CVE-2024-12754 Enables Privilege Escalation—PoC Available

Ddos February 9, 2025

Security researcher Naor Hodorov has recently published an analysis of a vulnerability discovered in AnyDesk, a popular...

CVE-2025-25064 (CVSS 9.8): Critical SQL Injection Bug in Zimbra Collaboration

Ddos February 9, 2025

Zimbra Collaboration, a widely used open-source email and collaboration platform, has been found to contain two newly...

Hackers Exploit Google Tag Manager to Steal Credit Card Data from Magento Sites Google Tag Manager Skimmer

Hackers Exploit Google Tag Manager to Steal Credit Card Data from Magento Sites

Ddos February 9, 2025

In a recent incident, a Magento-based eCommerce website fell victim to a sophisticated credit card skimming attack,...

CVE-2025-0674 (CVSS 9.8) & CVE-2025-0675: CISA Warns of Critical Elber Flaws – PoC Available, No Patch

Ddos February 9, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding critical vulnerabilities in Elber...

Threat Actors Exploit SimpleHelp Vulnerabilities to Deploy Sliver Backdoor Quest KACE Vulnerability CVE-2025-32975 FortiGate SSO Bypass, Active Exploitation GoAnywhere RCE, Storm-1175 Cisco VPN RCE, ASA Zero-Day TinyColor Supply Chain Attack SK Telecom, data breach Erlang/OTP RCE, OT Network Security Ivanti CSA Attacks WordPress RCE, Theme Vulnerability

Quest KACE Vulnerability CVE-2025-32975 FortiGate SSO Bypass, Active Exploitation GoAnywhere RCE, Storm-1175 Cisco VPN RCE, ASA Zero-Day TinyColor Supply Chain Attack SK Telecom, data breach Erlang/OTP RCE, OT Network Security Ivanti CSA Attacks WordPress RCE, Theme Vulnerability

Threat Actors Exploit SimpleHelp Vulnerabilities to Deploy Sliver Backdoor

Ddos February 9, 2025

Cybersecurity firm Field Effect has identified and thwarted a sophisticated cyberattack that leveraged newly discovered vulnerabilities in...

CVE-2024-48510 (CVSS 9.8): Critical Flaw in ABB Drive Composer Enables File System Access ABB OPTIMAX Vulnerability CVE-2025-14510 ABB Edgenius Auth Bypass, Critical RCE ABB, ASPECT BMS CVE-2024-48841, CVE-2024-48849, and CVE-2024-48852 CVE-2024-48510

CVE-2024-48510 (CVSS 9.8): Critical Flaw in ABB Drive Composer Enables File System Access

Ddos February 9, 2025

Industrial automation giant ABB has issued a cybersecurity advisory addressing a critical path traversal vulnerability (CVE-2024-48510) in...

Publicly Disclosed ASP.NET Machine Keys Used in Code Injection Attacks ViewState code injection attacks

Publicly Disclosed ASP.NET Machine Keys Used in Code Injection Attacks

Ddos February 9, 2025

Microsoft Threat Intelligence has reported a concerning trend: attackers are exploiting publicly disclosed ASP.NET machine keys to...

CVE-2025-0896 (CVSS 9.8): Orthanc DICOM Server Flaw Exposes Medical Images to Unauthorized Access

Ddos February 9, 2025

A critical-severity vulnerability has been discovered in Orthanc, an open-source DICOM server used in healthcare environments to...

Critical Alert 1 Active Exploit Detected Today