News Archives • Page 342 of 632 • Daily CyberSecurity

Cracked Software: A Gateway to Malware and Data Theft ahost.exe DLL Sideloading Signed Application Abuse PS1Bot, malware ransomware attacks bill

ahost.exe DLL Sideloading Signed Application Abuse PS1Bot, malware ransomware attacks bill

Cracked Software: A Gateway to Malware and Data Theft

Ddos January 10, 2025

Trend Micro’s latest analysis sheds light on the growing menace of fake software installers and cracked applications,...

Ivanti Connect Secure Zero-Day Threat: 2,048 Vulnerable Devices and Critical Exploitation Details Unveiled NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

Ivanti Connect Secure Zero-Day Threat: 2,048 Vulnerable Devices and Critical Exploitation Details Unveiled

Ddos January 10, 2025

On January 8, 2025, Ivanti disclosed an actively exploited zero-day vulnerability, tracked as CVE-2025-0282, affecting its Connect...

Recruitment Scam Targets Job Seekers with Fake CrowdStrike Branding CrowdStrike phishing campaign

Recruitment Scam Targets Job Seekers with Fake CrowdStrike Branding

Ddos January 10, 2025

Recently, CrowdStrike uncovered a phishing campaign exploiting its trusted recruitment branding to distribute the XMRig cryptominer. Disguised...

Microsoft Developer Account Suspension Microsoft Web Activation Portal Driver Signing Account Suspension Windows 11 Smart App Control Windows 11 SE end of support, Microsoft education hardware pivot Microsoft Product Activation Portal 2025, Windows telephone activation discontinued Windows Update Naming, Microsoft Update Microsoft earnings, OpenAI valuation VBScript deprecation Microsoft Pakistan, Office Closure Microsoft job cuts Microsoft Own AI Models

Microsoft to Cut 2,200 Jobs in Performance-Based Layoffs

Ddos January 9, 2025

In a move signaling a shift from broad-stroke layoffs to a more targeted approach, Microsoft has confirmed...

Node.js to Issue CVE for End-of-Life Versions CVE-2024-36138 - Node.js vulnerability

Node.js to Issue CVE for End-of-Life Versions

Ddos January 9, 2025

In a significant move to bolster security and encourage users to stay up-to-date, the Node.js Project has...

Stealthy Malware Hides in WordPress Database, Steals Payment Data Credit Card Skimmer

Stealthy Malware Hides in WordPress Database, Steals Payment Data

Ddos January 9, 2025

A new breed of credit card skimming malware has been discovered, targeting WordPress checkout pages with alarming...

shell-quote command injection AI-Driven Vulnerabilities Q1 2026 Cyber Threats vm2 Sandbox Escape Node.js RCE upKeeper Privilege Escalation CVE-2026-2449 Pharos Controls Vulnerability Root Access Exploit Cybersecurity Vulnerability Roundup CVSS 10.0 Flaws Shadow Archives CVE-2026-0866 MS-Agent Prompt Injection CVE-2026-2256 basic-ftp Path Traversal CVE-2026-27699 telnetd Root Vulnerability CVE-1999-0073 Regression USR-W610 Vulnerabilities End-of-Life IoT Security IceWarp Security Update IceWarp Vulnerabilities Airleader Master Vulnerability CVE-2026-1358 ZLAN5143D Vulnerability CISA ICS Advisory Acronis Cyber Protect Vulnerability CVE-2025-30411 WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

Fake LDAPNightmare PoC Exploit Conceals Information-Stealing Malware

Ddos January 9, 2025

Trend Micro researchers have uncovered a dangerous fake proof-of-concept (PoC) exploit masquerading as an exploit for CVE-2024-49113,...

New PayPal Phishing Scam Bypasses Security Measures PayPal Industrial Bank, Fintech Crypto Lending PayPal, Hotel Booking Perplexity AI, PayPal

PayPal Industrial Bank, Fintech Crypto Lending PayPal, Hotel Booking Perplexity AI, PayPal

New PayPal Phishing Scam Bypasses Security Measures

Ddos January 9, 2025

The cybersecurity community often encounters sophisticated phishing attempts, but a new PayPal phishing tactic recently dissected by...

The Linux Foundation to Manage New Chromium Fund Chrome 14-day update cycle Chromium JPEG-XL Image Format Debate Chromium DoS, document.title Browser Muting, iframe Media Supporters of Chromium-based Browsers

Chrome 14-day update cycle Chromium JPEG-XL Image Format Debate Chromium DoS, document.title Browser Muting, iframe Media Supporters of Chromium-based Browsers

The Linux Foundation to Manage New Chromium Fund

Ddos January 9, 2025

The Chromium project, the open-source foundation for web browsers like Google Chrome, Microsoft Edge, and Opera, is...

Malicious npm Packages Target Solana Developers, Stealing Private Keys via Gmail XCharge C6 vulnerabilities EV charger security flaws GNU libtasn1 Vulnerability CVE-2025-13151 Credit Card Skimmer Malware CVE-2024-13892

XCharge C6 vulnerabilities EV charger security flaws GNU libtasn1 Vulnerability CVE-2025-13151 Credit Card Skimmer Malware CVE-2024-13892

Malicious npm Packages Target Solana Developers, Stealing Private Keys via Gmail

Ddos January 9, 2025

Socket’s threat research team has uncovered a concerning campaign involving malicious npm packages designed to exfiltrate Solana...

Unmasking Play Ransomware: Tactics, Techniques, and Mitigation Strategies Play Ransomware Tactics

Unmasking Play Ransomware: Tactics, Techniques, and Mitigation Strategies

Ddos January 9, 2025

Play ransomware, also known as Balloonfly or PlayCrypt, has emerged as a significant cyber threat since its...

Muddling Malspam: Unveiling the Use of Spoofed Domains in Malicious Spam Campaigns

Ddos January 9, 2025

A recent report by Infoblox Threat Intel uncovers the extensive and intricate use of spoofed domains in...

Unpatched Vulnerabilities in Fancy Product Designer Plugin Put 20,000+ Websites at Risk CVE-2024-51919 & CVE-2024-51918

Unpatched Vulnerabilities in Fancy Product Designer Plugin Put 20,000+ Websites at Risk

Ddos January 9, 2025

In a recent security advisory, Rafie Muhammad, a security researcher at Patchstack, has uncovered critical vulnerabilities in...

Malware Alert: Banshee Stealer Targets macOS Users macOS malware 2024 XCSSET

Malware Alert: Banshee Stealer Targets macOS Users

Ddos January 9, 2025

Cybersecurity researchers at Check Point Research (CPR) have identified a new and sophisticated version of the Banshee...

Tails 6.11 Fixes Exploitable Vulnerabilities with Critical Security Patches Tails vulnerability - Tails 6.11

Tails 6.11 Fixes Exploitable Vulnerabilities with Critical Security Patches

Ddos January 9, 2025

The Amnesic Incognito Live System (Tails) has released version 6.11, addressing critical security vulnerabilities uncovered during an...

Checkmarx Breach Supply Chain Attack Ivanti EPMM RCE CVE-2026-1281 Modular DS Vulnerability CVE-2026-23550 D-Link RCE Vulnerability CVE-2026-0625 Christmas 2025 GreyNoise Campaign, Japan-Based Initial Access Broker React2Shell Zero-Day, APT Active Exploitation WordPress vulnerability, authentication bypass FreePBX, zero-day Trend Micro Apex One, Remote Code Execution BitoPro Hack, Crypto Theft UNC5337 - CVE-2022-47945 Safe{Wallet} hack Fortinet vulnerability, CVE-2024-21762, FortiGate attack Balloonfly, Play ransomware Ivanti EPMM CVE-2025-4427 and CVE-2025-4428

Zero-Day Alert: UNC5337 Exploits Ivanti VPN Vulnerability CVE-2025-0282 for Espionage Operations

Ddos January 8, 2025

Ivanti Connect Secure (ICS) VPN appliances have become the focus of advanced threat actors, exploiting a newly...

macOS Vulnerability CVE-2024-54527 Unveiled: TCC Bypass PoC Exploit Code Released Apple Zero-Day CVE-2025-43529 WebKit Zero-Day, Targeted iOS Spyware Apple spyware alerts, zero-click attacks Apple, trademark lawsuit CVE-2024-54527 PoC exploit Apple, App Store

Apple Zero-Day CVE-2025-43529 WebKit Zero-Day, Targeted iOS Spyware Apple spyware alerts, zero-click attacks Apple, trademark lawsuit CVE-2024-54527 PoC exploit Apple, App Store

macOS Vulnerability CVE-2024-54527 Unveiled: TCC Bypass PoC Exploit Code Released

Ddos January 8, 2025

A detailed technical and a proof-of-concept (PoC) exploit code from security researcher Mickey Jin has unveiled a...

Mutiple Vulnerabilities Found in Palo Alto Networks Expedition Tool CVE-2024-5921 - CVE-2025-0103 CVE-2025-0110 PoC

Mutiple Vulnerabilities Found in Palo Alto Networks Expedition Tool

Ddos January 8, 2025

Palo Alto Networks has issued a security advisory addressing multiple vulnerabilities in its Expedition migration tool, which...

GitLab Tackles Critical Security Flaws in Latest Patch Release GitLab security CVE-2025-25291 and CVE-2025-25292

GitLab Tackles Critical Security Flaws in Latest Patch Release

Ddos January 8, 2025

GitLab, the popular DevOps platform, has released a patch update addressing several security vulnerabilities affecting its import...

Apache OpenMeetings Users Urged to Patch Critical Flaw – CVE-2024-54676 (CVSS 9.8)

Ddos January 8, 2025

A critical security vulnerability (CVE-2024-54676, CVSS 9.8) has been discovered in Apache OpenMeetings, a popular open-source platform...

Critical Alert 1 Active Exploit Detected Today