News Archives • Page 63 of 651 • Daily CyberSecurity

TrueChaos: The TrueConf Zero-Day That Turned Secure Updates Into a Government Espionage Backdoor

Weaver E-cology RCE CVE-2026-22679 CVE-2026-20127 Cisco SD-WAN Exploitation AI-Driven Cyberattack ARXON Malware React Server Components Vulnerability CVE-2025-55182 FortiWeb Auth Bypass, Unauthenticated Admin Takeover RayInitiator Bootkit, LINE VIPER CVE-2025-59689 Department of the Treasury cybersecurity - CVE-2025-0108 PoC CVE-2025-31103 Dior Data Breach SK Telecom data breach, long-term intrusion

TrueChaos: The TrueConf Zero-Day That Turned Secure Updates Into a Government Espionage Backdoor

Do Son April 1, 2026

A trusted communication tool has been turned into a weapon of mass malware distribution. Check Point Research...

Vim Modeline Vulnerability: How a Crafted File Can Hijack Your System Vim RCE Modeline Vulnerability Vim RCE Modeline Sandbox Bypass

Vim Modeline Vulnerability: How a Crafted File Can Hijack Your System

Do Son April 1, 2026

The Vim project has issued a critical security advisory regarding a high-severity vulnerability that could allow attackers...

183 Million Targets: Inside the North Korean Supply Chain Strike on Axios and the WAVESHAPER Backdoor axios Supply Chain Attack WAVESHAPER.V2 SnappyBee Malware Salt Typhoon Stately Taurus ScoringMathTea RAT, Lazarus Reflective DLL

axios Supply Chain Attack WAVESHAPER.V2 SnappyBee Malware Salt Typhoon Stately Taurus ScoringMathTea RAT, Lazarus Reflective DLL

183 Million Targets: Inside the North Korean Supply Chain Strike on Axios and the WAVESHAPER Backdoor

Do Son April 1, 2026

The Google Threat Intelligence Group (GTIG) has issued an urgent warning regarding a sophisticated software supply chain...

The Unpatched Kyverno SSRF Flaw That Turns Policies Into Cluster-Wide Backdoors Kyverno SSRF Kubernetes Policy Engine Kyverno Privilege Escalation CVE-2026-22039

Kyverno SSRF Kubernetes Policy Engine Kyverno Privilege Escalation CVE-2026-22039

The Unpatched Kyverno SSRF Flaw That Turns Policies Into Cluster-Wide Backdoors

Do Son March 31, 2026

A critical security boundary in Kubernetes environments has been compromised. A new vulnerability note from CERT/CC has...

Critical Vulnerability in Perl Core Modules Leaves Systems Exposed

Do Son March 31, 2026

A high-severity security flaw has been identified within the core of the Perl programming language. Designated as...

Public PoC Exploit and Full Details Disclosed for Nginx UI’s 9.4 CVSS Backup Flaw Backup Tampering Exploit

Public PoC Exploit and Full Details Disclosed for Nginx UI’s 9.4 CVSS Backup Flaw

Do Son March 31, 2026

The “one-click” simplicity of Nginx UI has hit a major security roadblock. Researchers have unveiled a critical...

Critical CrewAI Vulnerabilities Allow RCE and Sandbox Escapes via Prompt Injection CrewAI Vulnerabilities AI Agent Security

Critical CrewAI Vulnerabilities Allow RCE and Sandbox Escapes via Prompt Injection

Do Son March 31, 2026

The rapidly growing field of multi-agent AI systems has hit a significant security speed bump. A new...

Anthropic Accidentally Leaks Claude Code’s “Secret Sauce” via npm Blunder Booking.com Data Breach Claude Code Leak Anthropic Source Code YggTorrent data breach PS5 BootROM key leak 2026, PlayStation 5 unpatchable jailbreak Great Firewall data leak Dating App Breach, Tea App Leak 23andMe Data Leak

Booking.com Data Breach Claude Code Leak Anthropic Source Code YggTorrent data breach PS5 BootROM key leak 2026, PlayStation 5 unpatchable jailbreak Great Firewall data leak Dating App Breach, Tea App Leak 23andMe Data Leak

Anthropic Accidentally Leaks Claude Code’s “Secret Sauce” via npm Blunder

Do Son March 31, 2026

In a major configuration oversight, the source code for Claude Code—Anthropic’s flagship agentic CLI tool—was recently leaked...

The Reservation Hijack: When Your Hotel Booking Becomes a Cyber Trap Reservation Hijacking Hotel Phishing

The Reservation Hijack: When Your Hotel Booking Becomes a Cyber Trap

Do Son March 31, 2026

Imagine receiving a WhatsApp message from your hotel’s Guest Relations team just days before your family vacation....

Under Active Attack: Nginx UI’s Critical 9.8 Vulnerability Exploited in the Wild Nginx UI RCE CVE-2026-42238 Nginx UI PoC CVE-2026-33032

Under Active Attack: Nginx UI’s Critical 9.8 Vulnerability Exploited in the Wild

Do Son March 31, 2026

The popular web-based management interface, Nginx UI, is under fire following the public disclosure of a critical...

The Instant Weaponization of Oracle’s 10.0 CVSS “Zero-Day-Like” Flaw PAN-OS Root RCE CL-STA-1132 Exploitation Tianxin RCE CVE-2021-4473 React Native Supply Chain Attack AstrOOnauta Malware Gladinet Zero-Day, LFI RCE Chain WordPress Theme, Account Takeover CVE-2024-50623 - European Space Agency cyberattack

PAN-OS Root RCE CL-STA-1132 Exploitation Tianxin RCE CVE-2021-4473 React Native Supply Chain Attack AstrOOnauta Malware Gladinet Zero-Day, LFI RCE Chain WordPress Theme, Account Takeover CVE-2024-50623 - European Space Agency cyberattack

The Instant Weaponization of Oracle’s 10.0 CVSS “Zero-Day-Like” Flaw

Do Son March 31, 2026

The digital ink had barely dried on the disclosure of CVE-2026-21962 before threat actors began a relentless...

The End of the Open APK? Google’s 2026 Roadmap to “Vanquish” Unsigned Sideloading Android sideloading signature requirement

The End of the Open APK? Google’s 2026 Roadmap to “Vanquish” Unsigned Sideloading

Do Son March 31, 2026

Earlier this month, Google promulgated a recalibrated protocol for sideloading applications within the Android ecosystem. Under this...

Google Drive Deploys AI-Powered Ransomware Shields for All Users Google Drive ransomware detection

Google Drive Deploys AI-Powered Ransomware Shields for All Users

Do Son March 31, 2026

In September 2025, Google unveiled experimental ransomware detection and file restoration capabilities to a select cohort of...

The Stealth Pitch: Why GitHub Copilot is Secretly Injecting Ads Into Your Pull Requests GitHub Copilot PR advertising

The Stealth Pitch: Why GitHub Copilot is Secretly Injecting Ads Into Your Pull Requests

Do Son March 31, 2026

Recently, a developer disclosed that their team employed GitHub Copilot to rectify trivial typographical errors within a...

The Malware That Chats Back: Inside G DATA’s Real-Time Notepad Encounter with the “Kiss Loader” Author Kiss Loader Early Bird APC Injection

The Malware That Chats Back: Inside G DATA’s Real-Time Notepad Encounter with the “Kiss Loader” Author

Do Son March 31, 2026

While analyzing a new piece of malware dubbed “Kiss Loader,” G DATA Security Center found themselves in...

The $4.4 Billion Unraveling: Unity Shutters ironSource and Puts Supersonic on the Auction Block Unity ironSource shutdown game accessibility, Unity screen reader

Unity ironSource shutdown game accessibility, Unity screen reader

The $4.4 Billion Unraveling: Unity Shutters ironSource and Puts Supersonic on the Auction Block

Do Son March 31, 2026

Notwithstanding the ostensible brilliance of its 2025 fiscal ledger, the illustrious game engine architect, Unity, remains besieged...

The 25-Second Heist: Inside FAUX#ELEVATE’s “Inflated” Phishing Attack on French Corporations FAUX#ELEVATE Living-off-the-Land Attack

The 25-Second Heist: Inside FAUX#ELEVATE’s “Inflated” Phishing Attack on French Corporations

Do Son March 31, 2026

Cybersecurity researchers at Securonix have detailed the curtain on a sophisticated new threat campaign dubbed FAUX#ELEVATE. The...

Axios Under Siege: Critical npm Supply Chain Attack Hijacks Lead Maintainer to Drop Multi-Platform RAT TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

Axios Under Siege: Critical npm Supply Chain Attack Hijacks Lead Maintainer to Drop Multi-Platform RAT

Do Son March 31, 2026

Security researchers at StepSecurity have issued an emergency warning regarding a high-stakes supply chain attack targeting axios,...

CISA Issues Emergency Mandate as Critical 9.3 NetScaler Flaw “Bleeds” Admin Sessions Citrix NetScaler Vulnerability CVE-2026-3055

CISA Issues Emergency Mandate as Critical 9.3 NetScaler Flaw “Bleeds” Admin Sessions

Do Son March 31, 2026

The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical vulnerability impacting Citrix NetScaler ADC...

High-Severity RCE Discovered in Foreman’s WebSocket Proxy Foreman RCE Command Injection

High-Severity RCE Discovered in Foreman’s WebSocket Proxy

Do Son March 30, 2026

Security researchers have identified a high-severity vulnerability in Foreman, the popular open-source lifecycle management tool used by...