News Archives • Page 338 of 633 • Daily CyberSecurity

o3-mini: OpenAI’s New AI Model Coming Soon o3-mini GPT-5 GPT-4 retirement, GPT-4o ChatGPT quota, OpenAI update

o3-mini: OpenAI’s New AI Model Coming Soon

Ddos January 20, 2025

OpenAI CEO Sam Altman has revealed plans to launch the o3-mini artificial intelligence model within the coming...

TikTok Ban Extended as Trump Pushes for U.S. Equity in Joint Venture TikTok acquisition TikTok, U.S.-China deal TikTok M2, US DivestmentTrump saves TikTok

TikTok acquisition TikTok, U.S.-China deal TikTok M2, US DivestmentTrump saves TikTok

TikTok Ban Extended as Trump Pushes for U.S. Equity in Joint Venture

Ddos January 19, 2025

After ByteDance voluntarily ceased TikTok’s operations within the United States, it issued a statement within less than...

Zero-Day Vulnerability in Windows Exploited: CVE-2024-49138 PoC Code Released

Ddos January 19, 2025

Security researcher MrAle_98 recently published a proof-of-concept (PoC) exploit for a zero-day vulnerability, CVE-2024-49138. This flaw, which...

Star Blizzard Shifts Tactics: Spear-Phishing Campaign Targets WhatsApp Accounts AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

Star Blizzard Shifts Tactics: Spear-Phishing Campaign Targets WhatsApp Accounts

Ddos January 19, 2025

Microsoft Threat Intelligence has uncovered a new spear-phishing campaign orchestrated by the Russian threat actor known as...

CVE-2025-2306 (CVSS 9.0): Mongoose Flaw Leaves Millions of Downloads Exposed to Search Injection

Ddos January 19, 2025

A newly discovered vulnerability in Mongoose, a popular MongoDB object modeling tool, could leave millions of users...

Malicious PyPI Package Targets Discord Developers with Token Theft and Backdoor Exploit Malicious Discord PyPI Package

Malicious PyPI Package Targets Discord Developers with Token Theft and Backdoor Exploit

Ddos January 19, 2025

The Socket research team has identified a malicious Python package on PyPI named pycord-self, targeting developers working...

Sneaky 2FA: A New Adversary-in-the-Middle Phishing-as-a-Service Threat

Ddos January 19, 2025

SEKOIA’s Threat Detection & Research (TDR) team has exposed a new Adversary-in-the-Middle (AiTM) phishing kit, dubbed “Sneaky...

Black Basta Exploits Microsoft Teams for Phishing Attacks SloppyLemming

Black Basta Exploits Microsoft Teams for Phishing Attacks

Ddos January 19, 2025

NVISO Labs has uncovered a sophisticated phishing campaign attributed to the ransomware group Black Basta, leveraging Microsoft...

Critical Vulnerabilities in QNX Software Development Platform Image Codecs Expose Systems to Attacks

Ddos January 19, 2025

BlackBerry’s QNX Software Development Platform (SDP), a widely used real-time operating system in safety-critical industries, is the...

Scammers Exploit Truth Social to Launch Phishing and Fraud Campaigns Truth Social Fraud

Scammers Exploit Truth Social to Launch Phishing and Fraud Campaigns

Ddos January 19, 2025

Truth Social, the social media platform launched by Trump Media & Technology Group in 2022, has become...

IoT Botnet Fuels Large-Scale DDoS Attacks Targeting Global Organizations

Ddos January 19, 2025

A newly discovered IoT botnet has been linked to a series of large-scale distributed denial-of-service (DDoS) attacks...

CVE-2024-12297 (CVSS 9.2): Critical Authorization Vulnerability in Moxa EDS-508A Series Moxa Hard-Coded Credentials, Critical JWT Bypass CVE-2024-9137 and CVE-2024-9139 - CVE-2024-12297 CVE-2024-7695 CVE-2024-9404 CVE-2024-12297 CVE-2025-0415

Moxa Hard-Coded Credentials, Critical JWT Bypass CVE-2024-9137 and CVE-2024-9139 - CVE-2024-12297 CVE-2024-7695 CVE-2024-9404 CVE-2024-12297 CVE-2025-0415

CVE-2024-12297 (CVSS 9.2): Critical Authorization Vulnerability in Moxa EDS-508A Series

Ddos January 18, 2025

Moxa has issued a security advisory detailing CVE-2024-12297 (CVSS 9.2), a critical vulnerability in its EDS-508A Series...

Lazarus APT Targets Job Seekers with “Contagious Interview” Campaign Using ClickFix Technique Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Lazarus APT Targets Job Seekers with “Contagious Interview” Campaign Using ClickFix Technique

Ddos January 18, 2025

North Korea’s notorious Lazarus APT group has been observed employing advanced social engineering tactics in a campaign...

CL-UNK-0979 Exploit Zero-Day Flaw in Ivanti Connect Secure to Gain Access to Networks PAN-OS Root RCE CL-STA-1132 Exploitation Tianxin RCE CVE-2021-4473 React Native Supply Chain Attack AstrOOnauta Malware Gladinet Zero-Day, LFI RCE Chain WordPress Theme, Account Takeover CVE-2024-50623 - European Space Agency cyberattack

PAN-OS Root RCE CL-STA-1132 Exploitation Tianxin RCE CVE-2021-4473 React Native Supply Chain Attack AstrOOnauta Malware Gladinet Zero-Day, LFI RCE Chain WordPress Theme, Account Takeover CVE-2024-50623 - European Space Agency cyberattack

CL-UNK-0979 Exploit Zero-Day Flaw in Ivanti Connect Secure to Gain Access to Networks

Ddos January 18, 2025

Palo Alto Networks has issued a detailed threat briefing on two critical vulnerabilities in Ivanti products—CVE-2025-0282 and...

CVE-2025-0107: PoC Exploit Code Released for Palo Alto Expedition RCE Flaw Undertow Vulnerability CVE-2025-12543 CVE-2025-0107: PoC Exploit Code Undersea Cable Security, China Tech Ban

Undertow Vulnerability CVE-2025-12543 CVE-2025-0107: PoC Exploit Code Undersea Cable Security, China Tech Ban

CVE-2025-0107: PoC Exploit Code Released for Palo Alto Expedition RCE Flaw

Ddos January 17, 2025

Security researchers published the technical details and a proof-of-concept (PoC) exploit code for CVE-2025-0107, a vulnerability in...

Real Estate Scams on the Rise in the Middle East TASPEN, mobile malware North Korean IT Worker Fraud

Real Estate Scams on the Rise in the Middle East

Ddos January 17, 2025

As the real estate market increasingly transitions to digital platforms, the Middle East has become a hotbed...

CVE-2024-53691: PoC Exploit Released for Severe QNAP RCE Flaw CVE-2024-53691 PoC exploit

CVE-2024-53691: PoC Exploit Released for Severe QNAP RCE Flaw

Ddos January 16, 2025

Security researcher c411e published a proof-of-concept (PoC) exploit code for a severe vulnerability in QNAP NAS devices,...

Yubico Addresses Authentication Bypass Vulnerability CVE-2025-23013 in pam-u2f Package

Ddos January 16, 2025

Yubico, a leading provider of security keys and authentication solutions, has issued a security advisory to address...

The Rise of AI Search: Google Search Market Share Dips Below 90% Google Arkansas Investment, AI Data Center Google, privacy fine Ecosia Google Chrome Alphabet Earnings, AI Growth Google Hydropower, AI Data Centers Google Breakup Antitrust Workspace Flows Google Workspace Google remote work, return to office