News Archives • Page 50 of 641 • Daily CyberSecurity

Zero Authentication, Total Control: Critical CVSS 10 Flaw Uncovered in Dgraph Database Dgraph Vulnerability CVSS 10.0 Dgraph Admin Leak CVE-2026-40173

Dgraph Vulnerability CVSS 10.0 Dgraph Admin Leak CVE-2026-40173

Zero Authentication, Total Control: Critical CVSS 10 Flaw Uncovered in Dgraph Database

Do Son April 5, 2026

A security vulnerability was found in Dgraph, the high-performance, horizontally scalable GraphQL database. The flaw, designated as...

Hackers are Using “Legit” IT Tools to Hijack the 2026 Tax Season 2026 Tax Phishing RMM Abuse

Hackers are Using “Legit” IT Tools to Hijack the 2026 Tax Season

Do Son April 5, 2026

As the 2026 tax season reaches its peak, cybersecurity researchers have identified a massive surge in digital...

Under Active Attack: Critical 9.1 CVSS FortiClient EMS Flaw Exploited in the Wild Knowledge Deliver RCE vulnerability FortiClient EMS Vulnerability CVE-2026-35616 Cisco SD-WAN Vulnerability CVE-2026-20122 PCPcat, Next.js RCE Salesloft breach, Salesforce CRM WIREFIRE web shell

Knowledge Deliver RCE vulnerability FortiClient EMS Vulnerability CVE-2026-35616 Cisco SD-WAN Vulnerability CVE-2026-20122 PCPcat, Next.js RCE Salesloft breach, Salesforce CRM WIREFIRE web shell

Under Active Attack: Critical 9.1 CVSS FortiClient EMS Flaw Exploited in the Wild

Do Son April 4, 2026

Security teams are on high alert as Fortinet confirms that a critical vulnerability in its FortiClient EMS...

Apache Traffic Server Patches “Double-Header” DoS and Request Smuggling Flaws Apache Traffic Server Vulnerabilities CVE-2024-56195 and CVE-2024-56196

Apache Traffic Server Patches “Double-Header” DoS and Request Smuggling Flaws

Do Son April 3, 2026

Apache Traffic Server, the high-performance web proxy cache responsible for keeping the modern web fast, is facing...

Password Hijack in the Modern Stack: Payload CMS Patches Critical 9.1 CVSS Reset Flaw Payload CMS Vulnerability CVE-2026-34751

Password Hijack in the Modern Stack: Payload CMS Patches Critical 9.1 CVSS Reset Flaw

Do Son April 3, 2026

The rapid-growth, fullstack Next.js framework Payload—known for giving developers “instant backend superpowers” —is facing a serious security...

CVE-2026-4370 (CVSS 10): Critical Juju Flaw Grants Attackers Total Infrastructure Control

Do Son April 3, 2026

The cybersecurity community is on high alert following the discovery of a critical security flaw in Juju,...

Breaking the Input: Sandbox Escape Hits libinput, Exposing Leading Linux Desktops libinput Sandbox Escape CVE-2026-35093

Breaking the Input: Sandbox Escape Hits libinput, Exposing Leading Linux Desktops

Do Son April 3, 2026

The core of modern Linux input handling is facing a significant security challenge. libinput, the essential library...

The MuPDF Vulnerability Turning “Safe” PDFs into System Hijackers MuPDF RCE Integer Overflow

The MuPDF Vulnerability Turning “Safe” PDFs into System Hijackers

Do Son April 3, 2026

A significant security flaw has been unearthed in Artifex MuPDF, a popular framework prized for its speed...

Apple Google EU alliance DMA European Commission Breach Trivy Supply Chain Attack Europa.eu Breach EU Cloud Infrastructure EU Cyber Sanctions State-Sponsored Hacking EU 2040 Emissions Target, Europe Climate Leadership AWS Azure DMA Cloud Gatekeeper DSA violation, illegal content Apple DMA Delay, iPhone Mirroring EU EU Age Verification, Google Play Integrity Corning Antitrust, EU Competition Apple EU Digital Markets Act App Store commission European Union cyberattacks - InvestAI EU Targets Musk’s X Digital Markets Act, EU fines

The EU’s AWS “Master Key”: How a Compromised Trivy Update Leaked 340GB of Data

Do Son April 3, 2026

The digital defenses of the European Union faced a significant test this March as a sophisticated supply-chain...

The WordPress Killer? Cloudflare Unveils EmDash, the AI-Native CMS Built for the Serverless Epoch Cloudflare EmDash CMS

The WordPress Killer? Cloudflare Unveils EmDash, the AI-Native CMS Built for the Serverless Epoch

Do Son April 3, 2026

The network service architect Cloudflare frequently disseminates nascent offerings upon April Fools’ Day—strategic unveilings that, despite their...

OpenSSH 10.3 Patches Command Execution and “scp” Privilege Escalation OpenSSH 10.3 Patch SSH Command Injection CVE-2023-38408 OpenSSH Vulnerability CVE-2026-3497

OpenSSH 10.3 Patch SSH Command Injection CVE-2023-38408 OpenSSH Vulnerability CVE-2026-3497

OpenSSH 10.3 Patches Command Execution and “scp” Privilege Escalation

Do Son April 3, 2026

In the critical infrastructure of the internet, OpenSSH stands as one of the most vital gatekeepers for...

The Resurrection of the Beam: Google Challenges AirDrop with Android 17’s “Tap to Share” Android 17 Tap to Share Gemini Scam Detection Galaxy S26 AI Security

Android 17 Tap to Share Gemini Scam Detection Galaxy S26 AI Security

The Resurrection of the Beam: Google Challenges AirDrop with Android 17’s “Tap to Share”

Do Son April 3, 2026

The “NameDrop” and AirDrop “Tap to Share” functionalities introduced by Apple in iOS 17 have garnered significant...

Inside the Rapid Evolution of the BlankGrabber Stealer BlankGrabber Stealer Python Malware Analysis

Inside the Rapid Evolution of the BlankGrabber Stealer

Do Son April 3, 2026

A deep-dive analysis by the Splunk Threat Research Team (STRT) has shed light on BlankGrabber, a Python-based...

The Apache 2.0 Revolution: Google’s Gemma 4 Shatters the Open-Source Intelligence Ceiling Google Gemma 4 release

The Apache 2.0 Revolution: Google’s Gemma 4 Shatters the Open-Source Intelligence Ceiling

Do Son April 3, 2026

Following the debut of its proprietary large language model, Gemini 3 Pro, late last year, Google has...

The Lobster Craze: How OpenClaw is Triggering a High-Stakes AI Agent Arms Race in China OpenClaw Lobster

The Lobster Craze: How OpenClaw is Triggering a High-Stakes AI Agent Arms Race in China

Do Son April 3, 2026

OpenClaw has proclaimed a foundational infrastructural alliance with ByteDance, inaugurating a bespoke localized software emporium—the “Mirror Site”—alongside...

Microsoft’s Declaration of Independence: The New MAI Models Challenging OpenAI and Google Microsoft MAI models

Microsoft’s Declaration of Independence: The New MAI Models Challenging OpenAI and Google

Do Son April 3, 2026

Under the stewardship of Microsoft’s AI visionary, Mustafa Suleyman, the “Superintelligence” collective has unveiled a triad of...

Apple Severs All Payment Processing in Russia Following Government Mandates Apple Russia payment suspension iOS 26.3 Proximity Pairing, Apple DMA compliance 2026 Tap to Pay, Apple Pay Wireless charging Always-On Display, iOS 26 iOS 26, EU App APIs Rare Earths, Apple Supply Chain

Apple Russia payment suspension iOS 26.3 Proximity Pairing, Apple DMA compliance 2026 Tap to Pay, Apple Pay Wireless charging Always-On Display, iOS 26 iOS 26, EU App APIs Rare Earths, Apple Supply Chain

Apple Severs All Payment Processing in Russia Following Government Mandates

Do Son April 3, 2026

According to the support documentation promulgated by Apple, the corporation has officially ceased the provision of all...

Critical 9.8 CVSS RCE Vulnerabilities Exposed in Progress ShareFile Progress ShareFile RCE Storage Zones Controller

Critical 9.8 CVSS RCE Vulnerabilities Exposed in Progress ShareFile

Do Son April 3, 2026

A duo of severe security vulnerabilities has been uncovered in Progress ShareFile, a widely used managed file...

Targeting the Cloud: IRGC Claims Strike on Oracle’s Dubai Data Sanctuary IRGC Oracle Cloud Dubai strike Oracle global layoffs 2026 Oracle Fusion Middleware Vulnerability CVE-2026-21992 Oracle Edge Cloud Vulnerability CVE-2026-21994 Oracle Critical RCE, EBS Marketing Flaws CVE-2024-21182 PoC Exploit Oracle EBS Auth Bypass, CVE-2025-61884

IRGC Oracle Cloud Dubai strike Oracle global layoffs 2026 Oracle Fusion Middleware Vulnerability CVE-2026-21992 Oracle Edge Cloud Vulnerability CVE-2026-21994 Oracle Critical RCE, EBS Marketing Flaws CVE-2024-21182 PoC Exploit Oracle EBS Auth Bypass, CVE-2025-61884

Targeting the Cloud: IRGC Claims Strike on Oracle’s Dubai Data Sanctuary

Do Son April 3, 2026

According to dispatches from Iranian state media, the Islamic Revolutionary Guard Corps (IRGC) has proclaimed the execution...

The Human Variable: How a Masterful Phishing Ruse Hijacked Axios and 100 Million Users Axios proxy vulnerabilities prototype pollution gadget Axios Vulnerability Cloud Hijacking Axios npm supply chain attack Axios Vulnerability Node.js DoS CVE-2025-58754 CVE-2025-27152 Axios Vulnerability, Form-Data Flaw

Axios proxy vulnerabilities prototype pollution gadget Axios Vulnerability Cloud Hijacking Axios npm supply chain attack Axios Vulnerability Node.js DoS CVE-2025-58754 CVE-2025-27152 Axios Vulnerability, Form-Data Flaw

The Human Variable: How a Masterful Phishing Ruse Hijacked Axios and 100 Million Users

Do Son April 3, 2026

The esteemed open-source library Axios, a staple of the contemporary industry, recently fell victim to a cyber...

Critical Alert 1 Active Exploit Detected Today