Daily CyberSecurity • Page 133 of 739 • Zero-hour alerts. Unmatched analysis.

Windows Admin Center Flaw (CVE-2025-64669): How a Simple Folder Permission Opened the Door to SYSTEM Access WAC LPE, DLL Hijacking

Windows Admin Center Flaw (CVE-2025-64669): How a Simple Folder Permission Opened the Door to SYSTEM Access

Do Son December 17, 2025

A high-severity security oversight in Microsoft’s Windows Admin Center (WAC) has been unearthed, revealing how a basic...

WhatsApp antitrust API probe India SIM-Binding Mandate Messaging App KYC WhatsApp DMA Interoperability BirdyChat Haiket Denmark Social Media Ban CVE-2025-55177 WhatsApp vulnerability, zero-click flaw npm Malware, System Wipe WhatsApp Windows App, WebView2 Downgrade WhatsApp Ban, US House NSO WhatsApp, Pegasus Spyware WhatsApp iPad iPadOS app

GhostPairing: New Attack Hijacks WhatsApp via Linked Devices, Tricking Users with Fake Facebook QR Code

Do Son December 17, 2025

A deceptive new cyberattack campaign is turning one of WhatsApp’s most convenient features into a weapon, allowing...

Emerging Gentlemen Ransomware Hits 17 Countries with Double Extortion & BYOVD Evasion Tactics Gentlemen Ransomware, BYOVD Double Extortion

Emerging Gentlemen Ransomware Hits 17 Countries with Double Extortion & BYOVD Evasion Tactics

Do Son December 17, 2025

A sophisticated new ransomware operator has rapidly ascended the ranks of the cybercriminal underworld, targeting industries across...

NexusRoute Uncovered: Android RAT Impersonates Indian E-Challan via GitHub for UPI Fraud & Surveillance Android zero day flaw June 2026 security bulletin RuTaxi Trojan Android Banking Malware Pixel 9 zero-click exploit, Dolby UDC vulnerability CVE-2025-54957 NexusRoute Android RAT, India E-Challan Phishing ClayRat Self-Defense, Android Accessibility Abuse Android Trojan, AntiDot Android Malware "BadPack"

Android zero day flaw June 2026 security bulletin RuTaxi Trojan Android Banking Malware Pixel 9 zero-click exploit, Dolby UDC vulnerability CVE-2025-54957 NexusRoute Android RAT, India E-Challan Phishing ClayRat Self-Defense, Android Accessibility Abuse Android Trojan, AntiDot Android Malware "BadPack"

NexusRoute Uncovered: Android RAT Impersonates Indian E-Challan via GitHub for UPI Fraud & Surveillance

Do Son December 17, 2025

A sophisticated new cybercrime operation is exploiting the trust of millions of Indian citizens by weaponizing the...

Hacker Honeypot? BreachForums Reopens via Emails Sent from French Ministry of the Interior Domain SonicWall Reconnaissance Akira Ransomware residential proxy malware TraderTraitor BreachForums Honeypot, French Interior Ministry Leak

SonicWall Reconnaissance Akira Ransomware residential proxy malware TraderTraitor BreachForums Honeypot, French Interior Ministry Leak

Hacker Honeypot? BreachForums Reopens via Emails Sent from French Ministry of the Interior Domain

Do Son December 17, 2025

The original founder of the BreachForums hacking forum has already been arrested and sentenced to prison, ultimately...

Switching Teams: iOS 26.3 Beta Adds Official “Transfer to Android” Data Migration Option iOS Transfer to Android, Cross-Platform Migration

Switching Teams: iOS 26.3 Beta Adds Official “Transfer to Android” Data Migration Option

Do Son December 17, 2025

Previously, Google had already introduced features within Android to facilitate data migration to iOS devices. While moving...

Tech Force: US Government Recruits 1,000 Elite AI Engineers with Apple, Microsoft, and NVIDIA Partnership Tech Force AI Recruitment, Government-Tech Partnership

Tech Force AI Recruitment, Government-Tech Partnership

Tech Force: US Government Recruits 1,000 Elite AI Engineers with Apple, Microsoft, and NVIDIA Partnership

Do Son December 17, 2025

To prevent the U.S. federal government from falling behind in the AI era, the Trump administration has...

Ecosystem Moat: NVIDIA Acquires SchedMD (Slurm) and Unveils Nemotron 3 Hybrid AI Model NVIDIA SchedMD Nemotron 3, AI Ecosystem Moat

Ecosystem Moat: NVIDIA Acquires SchedMD (Slurm) and Unveils Nemotron 3 Hybrid AI Model

Do Son December 17, 2025

To preserve its dominance in the fiercely contested AI arena, NVIDIA’s strategic posture has now extended well...

Profit Over Safety: Meta Earns $3B from Chinese Scam Ads, Executives Tolerated Fraud for Revenue Growth FIFA website spoofing scams FBI World Cup alert Pig Butchering Scam Jingliang Su Sentencing Meta China Scam Ads, Zuckerberg Revenue Conflict Trading Bot Scam BEC Scam Rental Payment Fraud

FIFA website spoofing scams FBI World Cup alert Pig Butchering Scam Jingliang Su Sentencing Meta China Scam Ads, Zuckerberg Revenue Conflict Trading Bot Scam BEC Scam Rental Payment Fraud

Profit Over Safety: Meta Earns $3B from Chinese Scam Ads, Executives Tolerated Fraud for Revenue Growth

Do Son December 17, 2025

Although Meta cannot offer services such as Facebook and Instagram within China, Chinese advertisers nonetheless constitute a...

Link11 Identifies Five Cybersecurity Trends Set to Shape European Defense Strategies in 2026 Link11_Trends26_1200x720px_1765794336Qwx9Encn9I

Link11_Trends26_1200x720px_1765794336Qwx9Encn9I

Link11 Identifies Five Cybersecurity Trends Set to Shape European Defense Strategies in 2026

cybernewswire December 16, 2025

Frankfurt am Main, Germany, 16th December 2025, CyberNewsWire

Samsung MagicInfo9 Vulnerability CVE-2026-25202 Galaxy S26 benchmarks Samsung HBM4 NVIDIA certification Samsung Bixby Perplexity integration, One UI 8.5 AI assistant Samsung Taylor 2nm mass production, TSMC 2nm capacity constraint 2026 Samsung SATA SSD Discontinuation, SSD Market Shift Samsung SATA SSD Discontinuation, M.2 Market Shift Samsung Foundry 4nm Yield Tsavorite OPU Chip Order Samsung Project Moohan, Android XR Samsung OpenAI Partnership, AI Infrastructure Samsung Exynos 2600, 2nm GAA Tesla AI Chips, Samsung Foundry Deal Samsung Foldables, Galaxy Unpacked 2025 Samsung AI, Perplexity AI Samsung data breach Q990D firmware US tariffs

Industry Shockwave? Rumors Claim Samsung Will Discontinue All SATA SSDs Despite Company’s Denial

Do Son December 16, 2025

Yesterday, we reported that video creator @MLID claimed Samsung is planning to gradually phase out its SATA-based...

Critical OpenShift GitOps Flaw Risks Cluster Takeover (CVE-2025-13888) via Privilege Escalation to Root WHILL Wheelchair Hijacking, CVE-2025-14346 MAS typosquatting malware, get.activate.win vs get.activated.win OpenShift GitOps RCE, Cluster Takeover Flaw Twonky Server, CVE-2025-13315 AI agents CVE-2024-52875 PoC

WHILL Wheelchair Hijacking, CVE-2025-14346 MAS typosquatting malware, get.activate.win vs get.activated.win OpenShift GitOps RCE, Cluster Takeover Flaw Twonky Server, CVE-2025-13315 AI agents CVE-2024-52875 PoC

Critical OpenShift GitOps Flaw Risks Cluster Takeover (CVE-2025-13888) via Privilege Escalation to Root

Do Son December 16, 2025

A critical vulnerability has been uncovered in Red Hat OpenShift GitOps, exposing Kubernetes clusters to a complete...

shell-quote command injection AI-Driven Vulnerabilities Q1 2026 Cyber Threats vm2 Sandbox Escape Node.js RCE upKeeper Privilege Escalation CVE-2026-2449 Pharos Controls Vulnerability Root Access Exploit Cybersecurity Vulnerability Roundup CVSS 10.0 Flaws Shadow Archives CVE-2026-0866 MS-Agent Prompt Injection CVE-2026-2256 basic-ftp Path Traversal CVE-2026-27699 telnetd Root Vulnerability CVE-1999-0073 Regression USR-W610 Vulnerabilities End-of-Life IoT Security IceWarp Security Update IceWarp Vulnerabilities Airleader Master Vulnerability CVE-2026-1358 ZLAN5143D Vulnerability CISA ICS Advisory Acronis Cyber Protect Vulnerability CVE-2025-30411 WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

Critical ScreenConnect Flaw (CVE-2025-14265) Risks Config Exposure & Untrusted Extension Installation

Do Son December 16, 2025

ConnectWise has issued an important security update for its widely used remote support software, ScreenConnect, addressing a...

Enterprise Alert: Windows 10 Update KB5071546 Breaks MSMQ Service with Insufficient Permissions Windows 10 MSMQ Bug, KB5071546 Write Permissions Windows 10 Lawsuit Windows 10 ESU, Free Security Updates Windows 10 ESU program

Windows 10 MSMQ Bug, KB5071546 Write Permissions Windows 10 Lawsuit Windows 10 ESU, Free Security Updates Windows 10 ESU program

Enterprise Alert: Windows 10 Update KB5071546 Breaks MSMQ Service with Insufficient Permissions

Do Son December 16, 2025

Microsoft has recently published documentation confirming that installing the extended security update KB5071546 on Windows 10 can...

EU Compliance: iOS 26.3 Adds Notification Forwarding to Third-Party Wearables, Bypassing Apple Watch iOS 27 rumors iOS 26.2.1 Update Apple Intelligence, iOS 26 iOS Notification Forwarding, EU DMA Compliance

iOS 27 rumors iOS 26.2.1 Update Apple Intelligence, iOS 26 iOS Notification Forwarding, EU DMA Compliance

EU Compliance: iOS 26.3 Adds Notification Forwarding to Third-Party Wearables, Bypassing Apple Watch

Do Son December 16, 2025

In the latest iOS 26.3 beta, Apple has introduced a new feature called Notification Forwarding, which allows...

Critical FortiGate SSO Flaw Under Active Exploitation: Attackers Bypass Auth and Exfiltrate Configs Quest KACE Vulnerability CVE-2025-32975 FortiGate SSO Bypass, Active Exploitation GoAnywhere RCE, Storm-1175 Cisco VPN RCE, ASA Zero-Day TinyColor Supply Chain Attack SK Telecom, data breach Erlang/OTP RCE, OT Network Security Ivanti CSA Attacks WordPress RCE, Theme Vulnerability

Quest KACE Vulnerability CVE-2025-32975 FortiGate SSO Bypass, Active Exploitation GoAnywhere RCE, Storm-1175 Cisco VPN RCE, ASA Zero-Day TinyColor Supply Chain Attack SK Telecom, data breach Erlang/OTP RCE, OT Network Security Ivanti CSA Attacks WordPress RCE, Theme Vulnerability

Critical FortiGate SSO Flaw Under Active Exploitation: Attackers Bypass Auth and Exfiltrate Configs

Do Son December 16, 2025

A critical security crisis is unfolding for Fortinet administrators this week. Just days after the vendor disclosed...

5-Year Threat: Malicious NuGet Package Used Homoglyphs and Typosquatting to Steal Crypto Wallets NuGet Crypto Stealer, Homoglyph Attack

5-Year Threat: Malicious NuGet Package Used Homoglyphs and Typosquatting to Steal Crypto Wallets

Do Son December 16, 2025

A malicious NuGet package masquerading as a popular .NET logging tool has been caught stealing cryptocurrency wallet...

macOS LPE Flaw Resurfaces: .localized Directory Exploited to Hijack Installers and Gain Root Access macOS Installer Hijack, .localized LPE

macOS LPE Flaw Resurfaces: .localized Directory Exploited to Hijack Installers and Gain Root Access

Do Son December 16, 2025

A stubborn vulnerability in macOS third-party installers has resurfaced, allowing attackers to hijack privileged processes and gain...

Frogblight Android Banking Trojan Targets Turkey via Fake E-Gov Smishing and WebView Frogblight Banking Trojan, Turkey Smishing

Frogblight Android Banking Trojan Targets Turkey via Fake E-Gov Smishing and WebView

Do Son December 16, 2025

A new and evolving Android banking Trojan dubbed “Frogblight” has been discovered targeting individuals in Turkey, masquerading...

Phantom Stealer Targets Russian Finance with ISO Phishing, Deploying Keyloggers and Crypto-Wallet Theft Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Phantom Stealer Targets Russian Finance with ISO Phishing, Deploying Keyloggers and Crypto-Wallet Theft

Do Son December 16, 2025

A sophisticated new phishing campaign is targeting the heart of Russia’s financial infrastructure, disguising a potent information-stealing...