News Archives • Page 356 of 632 • Daily CyberSecurity

Google Chrome Patches High-Severity Vulnerabilities – CVE-2024-12381 & CVE-2024-12382

Ddos December 10, 2024

Google has announced its Chrome browser’s latest stable channel update, addressing several security vulnerabilities, including two classified...

Patchwork APT Targets Chinese Scientific Research in Renewed Campaign Exploited VMware

Patchwork APT Targets Chinese Scientific Research in Renewed Campaign

Ddos December 10, 2024

A new wave of cyberattacks targeting Chinese scientific organizations has been identified by cybersecurity researchers at Hunting...

MoqHao Malware Targets Apple IDs and Android Devices Using iCloud and VK Platforms

Ddos December 10, 2024

A new campaign by the Roaming Mantis-affiliated MoqHao malware family, also known as Wroba and XLoader, has...

CVE-2024-47578 (CVSS 9.1): SAP Issues Critical Patch for NetWeaver AS for JAVA SAP Security Patches CVE-2026-27685 SAP Security Update CVE-2026-0488 CVE-2024-47578 - CVE-2025-0070 and CVE-2025-0066

SAP Security Patches CVE-2026-27685 SAP Security Update CVE-2026-0488 CVE-2024-47578 - CVE-2025-0070 and CVE-2025-0066

CVE-2024-47578 (CVSS 9.1): SAP Issues Critical Patch for NetWeaver AS for JAVA

Ddos December 10, 2024

SAP’s latest Security Patch Day, released today, detailed 10 new Security Notes alongside updates to three previously...

CVE-2024-50623: Critical Vulnerability in Cleo Software Actively Exploited in the Wild PAN-OS Root RCE CL-STA-1132 Exploitation Tianxin RCE CVE-2021-4473 React Native Supply Chain Attack AstrOOnauta Malware Gladinet Zero-Day, LFI RCE Chain WordPress Theme, Account Takeover CVE-2024-50623 - European Space Agency cyberattack

PAN-OS Root RCE CL-STA-1132 Exploitation Tianxin RCE CVE-2021-4473 React Native Supply Chain Attack AstrOOnauta Malware Gladinet Zero-Day, LFI RCE Chain WordPress Theme, Account Takeover CVE-2024-50623 - European Space Agency cyberattack

CVE-2024-50623: Critical Vulnerability in Cleo Software Actively Exploited in the Wild

Ddos December 10, 2024

Huntress Labs has raised the alarm over the active exploitation of a critical vulnerability (CVE-2024-50623) in Cleo’s...

CVE-2024-54143: Critical Vulnerability in OpenWrt’s Attended SysUpgrade Server Allows for Firmware Poisoning SysUpgrade Server - CVE-2024-54143

CVE-2024-54143: Critical Vulnerability in OpenWrt’s Attended SysUpgrade Server Allows for Firmware Poisoning

Ddos December 9, 2024

OpenWrt, a popular open-source operating system for embedded devices, has disclosed a critical vulnerability (CVE-2024-54143) that could...

Let’s Encrypt to Deprecate OCSP in Favor of CRLs, Enhancing User Privacy Let's Encrypt 45-Day Certificates ACME Profile Updates 2026 Let’s Encrypt Generation Y, 45-Day TLS Certificates Let's Encrypt, IP Certificates Certificate Revocation Lists

Let’s Encrypt to Deprecate OCSP in Favor of CRLs, Enhancing User Privacy

Ddos December 9, 2024

Let’s Encrypt, a leading certificate authority renowned for its commitment to a secure and privacy-respecting internet, has...

International Operation Dismantles Phone Phishing Ring Targeting Vulnerable Individuals Across Europe Crypto Drain Conspiracy, Malicious MobileConfig phone phishing Cryptocurrency Phishing

Crypto Drain Conspiracy, Malicious MobileConfig phone phishing Cryptocurrency Phishing

International Operation Dismantles Phone Phishing Ring Targeting Vulnerable Individuals Across Europe

Ddos December 9, 2024

A sophisticated phone phishing operation targeting vulnerable individuals, primarily the elderly, has been dismantled in a joint...

Bulletproof Hosting: The Dark Infrastructure Behind Global Cybercrime

Ddos December 9, 2024

A recent report by the Knownsec 404 team highlights the pivotal role of bulletproof hosting services in...

CVE-2024-11205: WPForms Plugin Vulnerability Impacts 6 Million WordPress Sites

Ddos December 9, 2024

A critical vulnerability (CVE-2024-11205) discovered in WPForms, a prevalent WordPress form builder plugin with over 6 million...

FCC Takes Action to Strengthen Cybersecurity in Response to Salt Typhoon Cyberattack Salesforce vulnerability CVE-2025-9844 Salt Typhoon cyberattack

Salesforce vulnerability CVE-2025-9844 Salt Typhoon cyberattack

FCC Takes Action to Strengthen Cybersecurity in Response to Salt Typhoon Cyberattack

Ddos December 9, 2024

The Federal Communications Commission (FCC) is taking decisive action to bolster the cybersecurity of U.S. telecommunications networks...

Meta’s Q3 2024 Adversarial Threat Report: Global Disinformation Networks Disrupted Harvester APT Linux Backdoor OT Cyberattack Iranian APT Operation Olalampo MuddyWater APT Prince of Persia APT, Tonnerre v50 Patchwork APT, DLL Sideloading Subtle Snail, cyber espionage ShadowSilk, cyber espionage Volt Typhoon APT Group - Chinese Cybersecurity Firm

Harvester APT Linux Backdoor OT Cyberattack Iranian APT Operation Olalampo MuddyWater APT Prince of Persia APT, Tonnerre v50 Patchwork APT, DLL Sideloading Subtle Snail, cyber espionage ShadowSilk, cyber espionage Volt Typhoon APT Group - Chinese Cybersecurity Firm

Meta’s Q3 2024 Adversarial Threat Report: Global Disinformation Networks Disrupted

Ddos December 9, 2024

Meta has released its Third Quarter Adversarial Threat Report for 2024, detailing the disruption of five covert...

Radiant Capital Incident: $50M Cyber Heist Linked to North Korean Threat Actors FortiClient EMS exploitation Cisco FIRESTARTER Backdoor Arcane Door Campaign Dell RecoverPoint Zero-Day UNC6201 Espionage Notepad++ Compromise Supply Chain Attack Magento SessionReaper CVE-2025-54236 ShadowRay 2.0, AI-Generated Malware WordPress Auth Bypass, CVE-2025-5947 Exploited EcoStruxure Vulnerabilities, Industrial Control System UNC5820 - CVE-2014-2120 - CVE-2021-44207

FortiClient EMS exploitation Cisco FIRESTARTER Backdoor Arcane Door Campaign Dell RecoverPoint Zero-Day UNC6201 Espionage Notepad++ Compromise Supply Chain Attack Magento SessionReaper CVE-2025-54236 ShadowRay 2.0, AI-Generated Malware WordPress Auth Bypass, CVE-2025-5947 Exploited EcoStruxure Vulnerabilities, Industrial Control System UNC5820 - CVE-2014-2120 - CVE-2021-44207

Radiant Capital Incident: $50M Cyber Heist Linked to North Korean Threat Actors

Ddos December 9, 2024

A new report from Radiant Capital provides a detailed analysis of the sophisticated cyberattack that led to...

CVE-2024-12254: CPython Flaw Could Lead to Memory Exhaustion in asyncio Applications Python Security Memory Safety PLY Vulnerability CVE-2025-56005 Python Software Foundation, NSF DEI CVE-2024-12254

Python Security Memory Safety PLY Vulnerability CVE-2025-56005 Python Software Foundation, NSF DEI CVE-2024-12254

CVE-2024-12254: CPython Flaw Could Lead to Memory Exhaustion in asyncio Applications

Ddos December 9, 2024

A high-severity vulnerability (CVE-2024-12254) has been discovered in CPython, the reference implementation of the Python programming language....

SpyNote RAT Targets High-Value Individuals in Southern Asia EV2GO Charging Platform ICSA-26-057-04 Lazarus Group, Crypto Hacks LazyStealer

SpyNote RAT Targets High-Value Individuals in Southern Asia

Ddos December 9, 2024

Cybersecurity researchers at CYFIRMA have uncovered a sophisticated cyberattack targeting high-value individuals in Southern Asia. Leveraging the...

Meeten Malware: AI-Powered Cyber Campaign Targets Web3 Professionals ahost.exe DLL Sideloading Signed Application Abuse PS1Bot, malware ransomware attacks bill

ahost.exe DLL Sideloading Signed Application Abuse PS1Bot, malware ransomware attacks bill

Meeten Malware: AI-Powered Cyber Campaign Targets Web3 Professionals

Ddos December 9, 2024

Cado Security Labs has uncovered a highly sophisticated cyber campaign targeting professionals in the Web3 space. At...

CVE-2024-55579 & CVE-2024-55580: Qlik Sense Users Face Serious Security Risk

Ddos December 8, 2024

Qlik, a leading provider of business intelligence and data analytics platforms, has disclosed two vulnerabilities affecting Qlik...

CVE-2024-55563: Transaction-Relay Jamming Vulnerability Poses Threat to Bitcoin Lightning Network CVE-2024-55563 - transaction-relay jamming attack

CVE-2024-55563 - transaction-relay jamming attack

CVE-2024-55563: Transaction-Relay Jamming Vulnerability Poses Threat to Bitcoin Lightning Network

Ddos December 8, 2024

A recently disclosed vulnerability, identified as CVE-2024-55563, has revealed a critical security risk within the Bitcoin network’s...

Activation Context Hijacking: “Eclipse” PoC Weaponizes Trusted Processes

Ddos December 8, 2024

Kurosh Dabbagh Escalante, a Red Team Operator at BlackArrow, has introduced Eclipse, a proof-of-concept (PoC) tool designed...

Windows Zero-Day Vulnerability CVE-2024-38193 Exploited in the Wild: PoC Published

Ddos December 8, 2024

A critical use-after-free vulnerability, identified as CVE-2024-38193, has been discovered in the afd.sys Windows driver. This vulnerability,...

Critical Alert 1 Active Exploit Detected Today