News Archives • Page 73 of 631 • Daily CyberSecurity

Surveillance for Sale: ZeroDayRAT Turns Phones into Spies via Telegram ZeroDayRAT Mobile Spyware

Surveillance for Sale: ZeroDayRAT Turns Phones into Spies via Telegram

Ddos February 16, 2026

A new and powerful mobile spyware platform has emerged on the cybercrime market, offering sophisticated surveillance capabilities...

HAProxy Patches High-Severity QUIC Flaws That Can Kill the Load Balancer

Ddos February 16, 2026

Maintainers of the widely-used load balancer HAProxy have issued urgent security updates to address two high-severity vulnerabilities...

AI Data at Risk: Critical Milvus Flaw (CVSS 9.8) Exposes Database via Port 9091 Milvus Vulnerability Vector Database Security

AI Data at Risk: Critical Milvus Flaw (CVSS 9.8) Exposes Database via Port 9091

Ddos February 16, 2026

A critical vulnerability has been discovered in Milvus, the high-performance vector database that powers many of the...

GemStuffer RubyGems Campaign RubyGems Data Exfiltration TanStack npm Compromise Supply Chain Attack DNS Hijacking APT28 (Fancy Bear) OpenVSX Supply Chain Attack Checkmarx Plugin Breach Stryker Cyberattack CISA Alert Trans-Regional Cyber Conflict Operation Epic Fury Cyber Operation MacroMaze APT28 Cyber Espionage Notepad++ Supply Chain Attack Lotus Blossom Group Defense Industrial Base Threats GTIG Report APT28 Operation Neusploit CVE-2026-21509 Bookworm Malware

Trusted Tool Weaponized: Lotus Blossom Hijacks Notepad++ Updates

Ddos February 16, 2026

A new report from Unit 42 has exposed a highly targeted supply chain attack that turned one...

Exploited in the Wild: Critical BeyondTrust Flaw (CVSS 9.9) Opens Door to Network Takeover BeyondTrust Vulnerability CVE-2026-1731

Exploited in the Wild: Critical BeyondTrust Flaw (CVSS 9.9) Opens Door to Network Takeover

Ddos February 15, 2026

A critical vulnerability in widely used remote access software is currently under active attack, with threat actors...

Critical Alert: Chrome Zero-Day (CVE-2026-2441) Exploited in the Wild Chrome Zero-Day CVE-2026-3909 Chrome Zero-Day PoC CVE-2026-2441 Chrome Zero-Day CVE-2026-2441 Chrome Zero-Day, Active Exploitation CVE-2025-10585 Chrome vulnerability, zero-day exploit CVE-2025-6558 Chrome Zero-Day, V8 Vulnerability Chrome Zero-Day, Security Update

Chrome Zero-Day CVE-2026-3909 Chrome Zero-Day PoC CVE-2026-2441 Chrome Zero-Day CVE-2026-2441 Chrome Zero-Day, Active Exploitation CVE-2025-10585 Chrome vulnerability, zero-day exploit CVE-2025-6558 Chrome Zero-Day, V8 Vulnerability Chrome Zero-Day, Security Update

Critical Alert: Chrome Zero-Day (CVE-2026-2441) Exploited in the Wild

Ddos February 15, 2026

Google has pushed an urgent security update for its Chrome browser, racing to patch a high-severity zero-day...

Inside Job: Abandoned Outlook Add-in “AgreeTo” Steals 4,000 Credentials Outlook Add-in Phishing AgreeTo Malicious Add-in

Inside Job: Abandoned Outlook Add-in “AgreeTo” Steals 4,000 Credentials

Ddos February 13, 2026

In a disturbing first for enterprise security, researchers at Koi Security have uncovered a malicious Microsoft Outlook...

Triple Threat Patched: Zimbra 10.1.16 Fixes XSS, XXE & LDAP Injection

Ddos February 13, 2026

Zimbra has rolled out a significant security update for its collaboration suite, releasing Zimbra 10.1.16 to address...

Cisco SD-WAN Vulnerability CVE-2026-20133 FortiGate Compromise Ivanti EPMM Zero-Day CVE-2026-1281 SmarterMail Vulnerability Storm-2603 WatchGuard Zero-Day, IKEv2 Out-of-Bounds Write Cisco Zero-Day, UAT-9686 Chinese APT FortiWeb RCE Exploitation CVE-2025-58034 VMware Zero-Day, Privilege Escalation Sitecore, remote code execution CVE-2025-53690 Windows CLFS, Privilege Escalation CVE-2024-47575 & CVE-2024-11120 CVE-2025-24983 vulnerability

Email Under Siege: Storm-2603 Exploits SmarterMail to Deploy Warlock Ransomware

Ddos February 13, 2026

A new report from ReliaQuest has uncovered a dangerous alliance between a China-based threat actor and a...

Dream Job or Nightmare? Lazarus Group Hunts Crypto Devs with “Graphalgo” Malware TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

Dream Job or Nightmare? Lazarus Group Hunts Crypto Devs with “Graphalgo” Malware

Ddos February 13, 2026

The notorious North Korean hacking syndicate, Lazarus Group, has launched a new, highly sophisticated branch of its...

The Human Hack: LummaStealer Returns with Deceptive “ClickFix” Attacks Seedworm Espionage Campaign 2026 ChromElevator Stealer DLL Sideloading SIM Swapping Crypto Theft Lazarus Comebacker, Aerospace Espionage Delete PlugX Malware

Seedworm Espionage Campaign 2026 ChromElevator Stealer DLL Sideloading SIM Swapping Crypto Theft Lazarus Comebacker, Aerospace Espionage Delete PlugX Malware

The Human Hack: LummaStealer Returns with Deceptive “ClickFix” Attacks

Ddos February 13, 2026

A new report from Bitdefender has revealed a troubling resurgence in LummaStealer activity, proving that even coordinated...

Back to the Future: SSHStalker Botnet Revives 2009 Tactics to Hijack Linux Servers SSHStalker Botnet Linux IRC Malware

Back to the Future: SSHStalker Botnet Revives 2009 Tactics to Hijack Linux Servers

Ddos February 13, 2026

A previously undocumented Linux botnet has been discovered prowling the internet, using a mix of ancient tactics...

Trojan Horse in the Server Room: Muddled Libra’s Rogue VM Strategy Exposed Muddled Libra Rogue VM

Trojan Horse in the Server Room: Muddled Libra’s Rogue VM Strategy Exposed

Ddos February 13, 2026

A new investigation by Unit 42 has pulled back the curtain on the operations of Muddled Libra,...

Telegram Phishing Campaign Hijacks Accounts by Abusing Trust Telegram Phishing Account Takeover

Telegram Phishing Campaign Hijacks Accounts by Abusing Trust

Ddos February 13, 2026

A new phishing campaign is targeting Telegram users by turning the platform’s own security features into a...

The Silent Assistant: Why Apple Just Pulled the Plug on Siri’s “Cerebral Transplant” for iOS 26.4 iOS 27 Apple Intelligence Apple AI Extensions bazaar Siri iOS 27 Gemini integration Apple AI server Baltra Siri AI delay iOS 26.4 Apple Google Gemini Siri partnership, Siri powered by Google Gemini 2026 Siri Gemini, Apple Intelligence Siri, Apple AI Apple "Veritas", Siri AI Siri Gemini Supercharged Siri, AI assistant Siri Integration, App Intents Apple Siri Apple AI Strategy, ChatGPT Rival

The Silent Assistant: Why Apple Just Pulled the Plug on Siri’s “Cerebral Transplant” for iOS 26.4

Ddos February 12, 2026

While market prognosticators widely anticipated that Apple would finally unveil a “genuinely intelligent” Siri—powered by the integrated...

From Search to Sale: How Google’s “Agent Commerce” Turns Gemini into Your Personal Buyer Google Agent Commerce 2026

From Search to Sale: How Google’s “Agent Commerce” Turns Gemini into Your Personal Buyer

Ddos February 12, 2026

Vidhya Srinivasan, Vice President and General Manager of Ads at Google, articulated in her 2026 annual missive...

No Ads, No Paywall: Anthropic’s Bold “Sonnet 4.5” Gambit to Dethrone ChatGPT Anthropic Google $200 billion deal Anthropic Mythos Preview Anthropic Pentagon blacklist Claude Max 20x open-source Model Distillation Anthropic vs DeepSeek Claude Free tier update 2026

Anthropic Google $200 billion deal Anthropic Mythos Preview Anthropic Pentagon blacklist Claude Max 20x open-source Model Distillation Anthropic vs DeepSeek Claude Free tier update 2026

No Ads, No Paywall: Anthropic’s Bold “Sonnet 4.5” Gambit to Dethrone ChatGPT

Ddos February 12, 2026

In a strategic endeavor to captivate users disenchanted by ubiquitous advertising, Anthropic has announced a profound enhancement...

MongoDB Flaw Allows Unauthenticated Attackers to Crash Database Servers MongoDB Vulnerability CVE-2026-25611 MongoDB zlib vulnerability, CVE-2025-14847 MongoDB Vulnerabilities, Data Access CVE-2024-6376 CVE-2025-0755

MongoDB Vulnerability CVE-2026-25611 MongoDB zlib vulnerability, CVE-2025-14847 MongoDB Vulnerabilities, Data Access CVE-2024-6376 CVE-2025-0755

MongoDB Flaw Allows Unauthenticated Attackers to Crash Database Servers

Ddos February 12, 2026

MongoDB has issued a warning regarding a high-severity vulnerability that could allow attackers to remotely crash database...

CVE-2026-1603: Remote Unauthenticated Attacker Can Steal Ivanti EPM Secrets Ivanti EPM Vulnerability CVE-2026-1603 Ivanti EPM Critical XSS, Unauthenticated File Write CVE-2024-29847 & CVE-2024-8190 Ivanti ITSM, Authentication Bypass