News Archives • Page 330 of 633 • Daily CyberSecurity

HTTP Client Tools Weaponized in Account Takeover Attacks Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

HTTP Client Tools Weaponized in Account Takeover Attacks

Ddos February 3, 2025

Proofpoint research reveals a growing trend of cybercriminals exploiting legitimate HTTP client tools to orchestrate account takeover...

10,000 WordPress Websites Compromised to Deliver macOS and Windows Malware SocGholish Windows malware

10,000 WordPress Websites Compromised to Deliver macOS and Windows Malware

Ddos February 3, 2025

A new report reveals that over 10,000 WordPress websites have been compromised to deliver malware targeting both...

Lumma Stealer Uses GitHub as a Malware Delivery Platform Artivion cybersecurity - Zero-Day Attacks

Lumma Stealer Uses GitHub as a Malware Delivery Platform

Ddos February 3, 2025

Cybersecurity researchers at Trend Micro Managed XDR have uncovered a sophisticated malware campaign that leverages GitHub’s release...

CVE-2024-53104: Critical Zero-Day Vulnerability Patched in February 2025 Android Security Update Android Zero-Click RCE CVE-2026-0073 Android sideloading CVE-2024-43096, CVE-2024-43770, CVE-2024-43771, CVE-2024-49747 and, CVE-2024-49748

Android Zero-Click RCE CVE-2026-0073 Android sideloading CVE-2024-43096, CVE-2024-43770, CVE-2024-43771, CVE-2024-49747 and, CVE-2024-49748

CVE-2024-53104: Critical Zero-Day Vulnerability Patched in February 2025 Android Security Update

Ddos February 3, 2025

The February 2025 Android security update addresses 46 vulnerabilities, including a critical zero-day kernel vulnerability actively exploited...

Canadian Hacker Indicted for $65 Million DeFi Exploit Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

Canadian Hacker Indicted for $65 Million DeFi Exploit

Ddos February 3, 2025

The U.S. Department of Justice (DOJ) has unsealed a five-count criminal indictment against a Canadian man accused...

MediaTek’s February 2025 Security Bulletin: Critical WLAN Vulnerabilities Expose Millions to Remote Attacks MediaTek Modem Vulnerabilities, January 2026 Security Bulletin MediaTek Vulnerabilities, Chipset Security CVE-2024-20103 & CVE-2024-20100 - CVE-2024-20154 - February 2025 Product Security Bulletin

MediaTek’s February 2025 Security Bulletin: Critical WLAN Vulnerabilities Expose Millions to Remote Attacks

Ddos February 3, 2025

MediaTek has released its February 2025 Product Security Bulletin, addressing several high-severity vulnerabilities affecting its chipsets used...

Cristal Intelligence: SoftBank’s $3B Bet on OpenAI SoftBank OpenAI $41 billion investment, Masayoshi Son AGI wager Cristal Intelligence - SB OpenAI Japan

Cristal Intelligence: SoftBank’s $3B Bet on OpenAI

Ddos February 3, 2025

In addition to recent reports suggesting a potential $25 billion investment in OpenAI, positioning itself to surpass...

ChatGPT’s Deep Research: AI-Powered Web Exploration OpenAI Deep Research

ChatGPT’s Deep Research: AI-Powered Web Exploration

Ddos February 3, 2025

Following the launch of its search functionality in ChatGPT, OpenAI has now introduced “Deep Research,” an advanced...

Sanctions Risk in Open Source: Linux Foundation Offers Guidance Linux Kernel 6.19 AMDGPU update, GCN 1.0 1.1 performance boost Linux Sanctions Risk Linux i486

Linux Kernel 6.19 AMDGPU update, GCN 1.0 1.1 performance boost Linux Sanctions Risk Linux i486

Sanctions Risk in Open Source: Linux Foundation Offers Guidance

Ddos February 3, 2025

The open-source world, built on collaboration and shared code, faces a growing challenge: navigating the complex landscape...

Microsoft to Kill its 365 VPN: What You Need to Know student discount Microsoft 365, Intelligent Services Microsoft 365 UWP, App Deprecation Microsoft 365, Startup Boost Windows 10 EOL, Microsoft 365 Support Protocol Deprecation Microsoft 365 Updates, IT Admin Alert Microsoft 365 VPN shut down Microsoft Authenticator, password manager Windows 10 Microsoft 365 Microsoft nonprofit policy, software donations

student discount Microsoft 365, Intelligent Services Microsoft 365 UWP, App Deprecation Microsoft 365, Startup Boost Windows 10 EOL, Microsoft 365 Support Protocol Deprecation Microsoft 365 Updates, IT Admin Alert Microsoft 365 VPN shut down Microsoft Authenticator, password manager Windows 10 Microsoft 365 Microsoft nonprofit policy, software donations

Microsoft to Kill its 365 VPN: What You Need to Know

Ddos February 3, 2025

In a move that’s sure to raise eyebrows and questions about its commitment to user privacy, Microsoft...

PoC Exploit Released for macOS Kernel Vulnerability CVE-2025-24118 (CVSS 9.8) Apple Background Security CVE-2026-20643 Apple Background Security Improvement Apple Backdoor Apple Lawsuit, Data Exfiltration CVE-2024-44131 - CVE-2025-24118 PoC

Apple Background Security CVE-2026-20643 Apple Background Security Improvement Apple Backdoor Apple Lawsuit, Data Exfiltration CVE-2024-44131 - CVE-2025-24118 PoC

PoC Exploit Released for macOS Kernel Vulnerability CVE-2025-24118 (CVSS 9.8)

Ddos February 2, 2025

A newly discovered race condition in Apple’s macOS kernel (XNU) could allow attackers to escalate privileges, corrupt...

North Korean APT Lazarus Uses Malicious npm Package to Target Developers

Ddos February 2, 2025

Cybersecurity researchers at Socket have uncovered a new supply chain attack orchestrated by Lazarus Group, the notorious...

CVE-2024-57376: End-of-Life D-Link Routers Vulnerable to Unauthenticated RCE CVE-2024-57376 - DSL-3788 Router Vulnerability

CVE-2024-57376: End-of-Life D-Link Routers Vulnerable to Unauthenticated RCE

Ddos February 2, 2025

D-Link has updated a security advisory warning of a critical buffer overflow vulnerability affecting several end-of-life routers....

Devil-Traff: The New SMS Phishing Platform Exploited by Cybercriminals

Ddos February 2, 2025

Security researcher Daniel Kelley at SlashNext has unveiled a new threat to cybersecurity: Devil-Traff, a bulk SMS...

CVE-2025-0477 (CVSS 9.8): Critical Security Flaw in Rockwell Automation’s FactoryTalk AssetCentre

Ddos February 2, 2025

Industrial automation giant Rockwell Automation has issued a security advisory addressing multiple critical vulnerabilities in its FactoryTalk...

The Hidden Cyber Trap: How Compromised Websites and Malicious AdTech Manipulate Users

Ddos February 2, 2025

In the cybersecurity world, analysts often focus on the adversary’s tactics, techniques, and procedures (TTPs), but what...

CVE-2025-0851 (CVSS 9.8): Deep Java Library Vulnerability Allows Path Traversal Exploits

Ddos February 2, 2025

A newly discovered vulnerability in the Deep Java Library (DJL) has been found to leave systems open...

SparkRAT: A Persistent Cross-Platform Cyber Threat Targeting macOS and Beyond Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

SparkRAT: A Persistent Cross-Platform Cyber Threat Targeting macOS and Beyond

Ddos February 2, 2025

Since its initial release on GitHub in 2022 by user XZB-1248, SparkRAT has evolved into a widely...

.Gov No More: Government Domains Weaponized in Phishing Surge Layoff Phishing Scam Remcos RAT Malware Aruba Phishing, Phishing-as-a-Service PyPI, phishing CVE-2024-25608 PyPI Phishing, Credential Theft

Layoff Phishing Scam Remcos RAT Malware Aruba Phishing, Phishing-as-a-Service PyPI, phishing CVE-2024-25608 PyPI Phishing, Credential Theft

.Gov No More: Government Domains Weaponized in Phishing Surge

Ddos February 2, 2025

A recent Cofense Intelligence report has uncovered a troubling trend: threat actors are increasingly abusing .gov top-level...

Unrestricted Access: A Simple Web Misconfiguration Exposes Critical Data

Ddos February 2, 2025

A recent report by CloudSEK’s BeVigil reveals how a common web misconfiguration, namely enabled directory listings, led...

Critical Alert 1 Active Exploit Detected Today