News Archives • Page 56 of 651 • Daily CyberSecurity

Qilin’s “EDR Killer” Dismantles 300+ Security Drivers EDR Killer Qilin Ransomware

Qilin’s “EDR Killer” Dismantles 300+ Security Drivers

Do Son April 9, 2026

A technical deep-dive from Cisco Talos has exposed a sophisticated “EDR killer” deployed during Qilin ransomware attacks,...

Ghosts in the Hypervisor: Mandiant Exposes the 400-Day vSphere Takeover Hypervisor Persistence vSphere Security

Ghosts in the Hypervisor: Mandiant Exposes the 400-Day vSphere Takeover

Do Son April 9, 2026

A new deep-dive report from Mandiant (part of Google Cloud) explores the evolving threats facing the VMware...

Microsoft Developer Account Suspension Microsoft Web Activation Portal Driver Signing Account Suspension Windows 11 Smart App Control Windows 11 SE end of support, Microsoft education hardware pivot Microsoft Product Activation Portal 2025, Windows telephone activation discontinued Windows Update Naming, Microsoft Update Microsoft earnings, OpenAI valuation VBScript deprecation Microsoft Pakistan, Office Closure Microsoft job cuts Microsoft Own AI Models

Microsoft’s Automated Suspensions Almost Silenced VeraCrypt and WireGuard

Do Son April 9, 2026

Previously, it was noted that the developer account for the renowned encryption software VeraCrypt was summarily suspended...

OpenStack Keystone Flaw Grants Full S3 Access via Restricted Credentials, PoC Available Mistral policy bypass flaw arbitrary code execution CVE-2024-40767 Keystone Vulnerability S3 Bypass

OpenStack Keystone Flaw Grants Full S3 Access via Restricted Credentials, PoC Available

Do Son April 9, 2026

A significant security vulnerability has been uncovered in OpenStack Keystone, the identity service that serves as the...

Palo Alto Networks Patches Trio of Security Flaws: From Agent Disabling to System Privileges PAN-OS IKEv2 Buffer Overflow CVE-2026-0263 Palo Alto Cortex XDR Privilege Escalation Palo Alto Networks Vulnerability CVE-2026-0229 PAN-OS Vulnerability CVE-2026-0227 CVE-2024-5914 - Palo Alto Networks - CVE-2025-0108 & CVE-2025-0110

Palo Alto Networks Patches Trio of Security Flaws: From Agent Disabling to System Privileges

Do Son April 9, 2026

Palo Alto Networks has released critical updates to address three distinct vulnerabilities across its security ecosystem. The...

Microsoft Ban Leaves VeraCrypt Unable to Sign Critical Windows Drivers VeraCrypt Microsoft account ban

Microsoft Ban Leaves VeraCrypt Unable to Sign Critical Windows Drivers

Do Son April 9, 2026

VeraCrypt, a preeminent figure in the realm of open-source disk encryption, has recently encountered a formidable crisis:...

Security Alert: GitLab Issues Patch for High-Severity Vulnerabilities Across CE and EE GitLab Security Code Integrity GitLab sale GitLab, Security GitLab Stored XSS, Kubernetes Proxy Flaw

GitLab Security Code Integrity GitLab sale GitLab, Security GitLab Stored XSS, Kubernetes Proxy Flaw

Security Alert: GitLab Issues Patch for High-Severity Vulnerabilities Across CE and EE

Do Son April 9, 2026

GitLab has released critical security updates for Community Edition (CE) and Enterprise Edition (EE). Versions 18.10.3, 18.9.5,...

SonicWall Issues Critical Patch for SMA 1000 Series to Stop SQL Injection and MFA Bypasses SonicWall SMA 1000 MFA Bypass SonicWall SSLVPN Flaw CVE-2025-40601 SonicOS vulnerability - CVE-2024-53704

SonicWall SMA 1000 MFA Bypass SonicWall SSLVPN Flaw CVE-2025-40601 SonicOS vulnerability - CVE-2024-53704

SonicWall Issues Critical Patch for SMA 1000 Series to Stop SQL Injection and MFA Bypasses

Do Son April 9, 2026

SonicWall has released a series of patches for its SMA 1000 series appliances to address four distinct...

New Phishing Campaign Abuses GitHub to Target South Korea GitHub C2 LNK Malware

New Phishing Campaign Abuses GitHub to Target South Korea

Do Son April 9, 2026

A sophisticated new cyberespionage campaign is leveraging the trust of major public platforms to slip past corporate...

The $86,000 Patch: Chrome 147 Crushes “Critical” WebML Memory Flaws Chrome 147 Security WebML Vulnerabilities

The $86,000 Patch: Chrome 147 Crushes “Critical” WebML Memory Flaws

Do Son April 9, 2026

The Google Chrome team has officially promoted Chrome 147 to the stable channel for Windows, Mac, and...

CISA Warning: Critical Ivanti EPMM Code Injection Vulnerability Under Active Attack Ivanti EPMM Vulnerability CVE-2026-1340 CISA KEV Catalog CVE-2026-21385 CISA KEV Update CVE-2008-0015 CISA KEV, Array Networks Command Injection CVE-2025-0111 & CVE-2025-23209 CISA, Known Exploited Vulnerabilities

Ivanti EPMM Vulnerability CVE-2026-1340 CISA KEV Catalog CVE-2026-21385 CISA KEV Update CVE-2008-0015 CISA KEV, Array Networks Command Injection CVE-2025-0111 & CVE-2025-23209 CISA, Known Exploited Vulnerabilities

CISA Warning: Critical Ivanti EPMM Code Injection Vulnerability Under Active Attack

Do Son April 9, 2026

The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical code injection vulnerability in Ivanti...

Storm: 2026’s Newest Infostealer Bypasses Chrome to Hijack Your MFA Sessions Storm Infostealer Session Cookie Theft

Storm: 2026’s Newest Infostealer Bypasses Chrome to Hijack Your MFA Sessions

Do Son April 9, 2026

A new and highly efficient threat has emerged on underground cybercrime networks, signaling a significant shift in...

High-Severity Patches: NVIDIA Secures DALI and Triton Inference Server NVIDIA AI Security Deserialization Exploit

High-Severity Patches: NVIDIA Secures DALI and Triton Inference Server

Do Son April 8, 2026

NVIDIA has released two significant security updates addressing high-severity vulnerabilities across its DALI and Triton Inference Server...

Firecracker Security Alert: Virtio-PCI Vulnerability Could Lead to Out-of-Bounds Memory Access Firecracker Vulnerability Virtio-PCI OOB Write

Firecracker Vulnerability Virtio-PCI OOB Write

Firecracker Security Alert: Virtio-PCI Vulnerability Could Lead to Out-of-Bounds Memory Access

Do Son April 8, 2026

AWS has issued a high-severity security advisory for Firecracker, the open-source virtualization technology purpose-built for high-scale, multi-tenant...

CVE-2026-34208 (CVSS 10): Critical Sandbox Escape Uncovered in SandboxJS SandboxJS Escape Host Object Poisoning SandboxJS Vulnerability CVE-2026-26954

SandboxJS Escape Host Object Poisoning SandboxJS Vulnerability CVE-2026-26954

CVE-2026-34208 (CVSS 10): Critical Sandbox Escape Uncovered in SandboxJS

Do Son April 8, 2026

In the world of secure software development, sandboxing is the ultimate safety net—a controlled environment designed to...

Apache ActiveMQ Patches RCE and Path Traversal Flaws ActiveMQ RCE Jolokia Exploit ActiveMQ CVE-2025-27533 ActiveMQ Deserialization RCE, CVE-2025-54539

ActiveMQ RCE Jolokia Exploit ActiveMQ CVE-2025-27533 ActiveMQ Deserialization RCE, CVE-2025-54539

Apache ActiveMQ Patches RCE and Path Traversal Flaws

Do Son April 8, 2026

Apache ActiveMQ, the widely used open-source message broker, has released critical security updates to address two vulnerabilities...

Weaver E-cology RCE CVE-2026-22679 CVE-2026-20127 Cisco SD-WAN Exploitation AI-Driven Cyberattack ARXON Malware React Server Components Vulnerability CVE-2025-55182 FortiWeb Auth Bypass, Unauthenticated Admin Takeover RayInitiator Bootkit, LINE VIPER CVE-2025-59689 Department of the Treasury cybersecurity - CVE-2025-0108 PoC CVE-2025-31103 Dior Data Breach SK Telecom data breach, long-term intrusion

Critical Zero-Day: Unauthenticated RCE Exploited in Weaver E-cology 10.0

Do Son April 8, 2026

A critical security vulnerability, tracked as CVE-2026-22679, has been identified in Weaver (Fanwei) E-cology 10.0, one of...

Exploited in the Wild: Critical 9.3 CVSS Flaw Turns Tianxin Systems into Hacker Gateways PAN-OS Root RCE CL-STA-1132 Exploitation Tianxin RCE CVE-2021-4473 React Native Supply Chain Attack AstrOOnauta Malware Gladinet Zero-Day, LFI RCE Chain WordPress Theme, Account Takeover CVE-2024-50623 - European Space Agency cyberattack