News Archives • Page 327 of 633 • Daily CyberSecurity

Abyss Locker Ransomware: Inside the Stealthy Network Intrusions and Destructive Attacks INC Ransom Pacific Cyber Threats OysterLoader Malware Rhysida Ransomware Black Basta Ransomware BYOVD Technique Velociraptor Abuse, Storm-2603 Ransomware Crypto24, Ransomware Ransomware Payments, UK Legislation ZACROS data breach

INC Ransom Pacific Cyber Threats OysterLoader Malware Rhysida Ransomware Black Basta Ransomware BYOVD Technique Velociraptor Abuse, Storm-2603 Ransomware Crypto24, Ransomware Ransomware Payments, UK Legislation ZACROS data breach

Abyss Locker Ransomware: Inside the Stealthy Network Intrusions and Destructive Attacks

Ddos February 9, 2025

Abyss Locker, an emerging ransomware group that surfaced in 2023, has swiftly escalated its cyber onslaught throughout...

Massive Indian Mobile Banking Heist Uncovered: FatBoyPanel’s Trojan Network Exposes 50,000 Users’ Data

Ddos February 9, 2025

The zLabs research team has uncovered a large-scale mobile banking malware operation targeting users of Indian financial...

CVE-2025-24786 (CVSS 10) & CVE-2025-24787: Critical WhoDB Vulnerabilities CVE-2025-24786 & CVE-2025-24787

CVE-2025-24786 (CVSS 10) & CVE-2025-24787: Critical WhoDB Vulnerabilities

Ddos February 9, 2025

The widely used database management tool WhoDB has been found to contain two critical security vulnerabilities—a path...

Flesh Stealer Malware Targets Browsers and Cryptocurrency Wallets

Ddos February 9, 2025

CYFIRMA has released a report on a new information-stealing malware called Flesh Stealer. This malware, written in...

Sophos Uncovers Rising Threat of SVG-Based Phishing Attacks SVG Phishing Attacks

Sophos Uncovers Rising Threat of SVG-Based Phishing Attacks

Ddos February 8, 2025

Sophos has identified a novel phishing technique that leverages Scalable Vector Graphics (SVG) files to bypass anti-spam...

CVE-2024-51547 (CVSS 9.8): Hard-Coded Credentials in ABB ASPECT

Ddos February 8, 2025

ABB has released a cybersecurity advisory warning about a critical hard-coded credentials vulnerability (CVE-2024-51547, CVSS 9.8) in...

shell-quote command injection AI-Driven Vulnerabilities Q1 2026 Cyber Threats vm2 Sandbox Escape Node.js RCE upKeeper Privilege Escalation CVE-2026-2449 Pharos Controls Vulnerability Root Access Exploit Cybersecurity Vulnerability Roundup CVSS 10.0 Flaws Shadow Archives CVE-2026-0866 MS-Agent Prompt Injection CVE-2026-2256 basic-ftp Path Traversal CVE-2026-27699 telnetd Root Vulnerability CVE-1999-0073 Regression USR-W610 Vulnerabilities End-of-Life IoT Security IceWarp Security Update IceWarp Vulnerabilities Airleader Master Vulnerability CVE-2026-1358 ZLAN5143D Vulnerability CISA ICS Advisory Acronis Cyber Protect Vulnerability CVE-2025-30411 WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

Malicious Cisco AnyConnect Ads Target Users with NetSupport RAT

Ddos February 8, 2025

A new malvertising campaign is distributing a fake Cisco AnyConnect installer that delivers the NetSupport RAT Trojan....

Lazarus Group Lures Victims with Fake LinkedIn Job Offers, Warns Bitdefender North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

Lazarus Group Lures Victims with Fake LinkedIn Job Offers, Warns Bitdefender

Ddos February 7, 2025

Bitdefender Labs has uncovered an active cyber espionage campaign by the Lazarus Group, a North Korean state-sponsored...

IBM Security Verify Directory Vulnerable to Critical Security Flaw – CVE-2024-51450 (CVSS 9.1) IBM API Connect, CVE-2025-13915 IBM Privilege Escalation, CVE-2025-36356 IBM Power Systems - CVE-2024-45656 CVE-2024-49814 and CVE-2024-51450 CVE-2024-56346 and CVE-2024-56347 CVE-2025-1302

IBM API Connect, CVE-2025-13915 IBM Privilege Escalation, CVE-2025-36356 IBM Power Systems - CVE-2024-45656 CVE-2024-49814 and CVE-2024-51450 CVE-2024-56346 and CVE-2024-56347 CVE-2025-1302

IBM Security Verify Directory Vulnerable to Critical Security Flaw – CVE-2024-51450 (CVSS 9.1)

Ddos February 7, 2025

IBM has issued a security bulletin addressing two vulnerabilities in its Security Verify Directory Server Container that...

AsyncRAT Rises Again: Malware Abuses Legitimate Services for Stealthy Delivery AsyncRAT Delivery

AsyncRAT Rises Again: Malware Abuses Legitimate Services for Stealthy Delivery

Ddos February 7, 2025

Forcepoint X-Labs exposes a new campaign utilizing Python, TryCloudflare, and Dropbox to spread the notorious AsyncRAT. The...

CVE-2025-0994: Critical Vulnerability in Trimble Cityworks Exploited in the Wild

Ddos February 7, 2025

Trimble, a leading provider of industrial technology solutions, has issued an urgent cybersecurity advisory regarding a critical...

Arm Drops NUVIA Lawsuit Against Qualcomm CVE-2023-4211 - Arm Lawsuit

Arm Drops NUVIA Lawsuit Against Qualcomm

Ddos February 7, 2025

During Qualcomm’s recent announcement of its financial results for the first quarter of fiscal year 2025, CEO...

CVE-2024-21413 (CVSS 9.8): Critical Outlook Flaw Under Active Attack, PoC Available CVE-2024-21413 exploit

CVE-2024-21413 (CVSS 9.8): Critical Outlook Flaw Under Active Attack, PoC Available

Ddos February 7, 2025

A critical vulnerability in Microsoft Outlook, tracked as CVE-2024-21413, is being actively exploited in the wild, posing...

Google’s SynthID Now in Magic Editor: AI Image Detection SynthID Magic Editor

Google’s SynthID Now in Magic Editor: AI Image Detection

Ddos February 7, 2025

Google has announced the integration of its digital watermarking technology, SynthID, into its photo editing tool, Magic...

MMS “VidSpam”: A New Bitcoin Scam Using Old Tech Crypto Drain Conspiracy, Malicious MobileConfig phone phishing Cryptocurrency Phishing

MMS “VidSpam”: A New Bitcoin Scam Using Old Tech

Ddos February 7, 2025

Cybersecurity researchers at Proofpoint have discovered a resurgence of an old technology being used in a new...

NETGEAR Patches Critical Security Vulnerabilities in WiFi Routers (CVE-2025-25246) and Access Points CVE-2022-48196 NETGEAR Security Vulnerabilities

CVE-2022-48196 NETGEAR Security Vulnerabilities

NETGEAR Patches Critical Security Vulnerabilities in WiFi Routers (CVE-2025-25246) and Access Points

Ddos February 6, 2025

NETGEAR has recently issued security advisories addressing critical vulnerabilities in several of its WiFi router and access...

Kimsuky Group Leverages RDP Wrapper for Persistent Cyber Espionage North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

Kimsuky Group Leverages RDP Wrapper for Persistent Cyber Espionage

Ddos February 6, 2025

The notorious North Korean APT group Kimsuky has continued its cyber espionage operations, leveraging spear-phishing attacks and...

CVE-2024-9643 & CVE-2024-9644: Authentication Bypass in Four-Faith F3x36 Routers Puts Networks at Risk

Ddos February 6, 2025

Two newly discovered security vulnerabilities—CVE-2024-9643 and CVE-2024-9644—affecting the Four-Faith F3x36 router (firmware v2.0.0) could allow remote attackers...

Apache James Mail Server Hit by Double Denial-of-Service Vulnerabilities CVE-2024-45626 and CVE-2024-37358

Apache James Mail Server Hit by Double Denial-of-Service Vulnerabilities

Ddos February 6, 2025

The Apache James (Java Apache Mail Enterprise Server) mail server, a widely used open-source solution, has been...

BADBOX Botnet: Pre-installed Malware Targets Android Devices Android BADBOX Botnet

BADBOX Botnet: Pre-installed Malware Targets Android Devices

Ddos February 6, 2025

A new and insidious botnet dubbed BADBOX is infecting hundreds of thousands of Android devices, with the...

Critical Alert 1 Active Exploit Detected Today