Daily CyberSecurity • Page 177 of 733 • Zero-hour alerts. Unmatched analysis.

WhatsApp Worm: New SORVEPOTEL Malware Hijacks Sessions to Spread Aggressively Across Brazil

WhatsApp antitrust API probe India SIM-Binding Mandate Messaging App KYC WhatsApp DMA Interoperability BirdyChat Haiket Denmark Social Media Ban CVE-2025-55177 WhatsApp vulnerability, zero-click flaw npm Malware, System Wipe WhatsApp Windows App, WebView2 Downgrade WhatsApp Ban, US House NSO WhatsApp, Pegasus Spyware WhatsApp iPad iPadOS app

WhatsApp Worm: New SORVEPOTEL Malware Hijacks Sessions to Spread Aggressively Across Brazil

Do Son October 6, 2025

A new malware campaign uncovered by Trend Micro’s Threat Research team has weaponized WhatsApp to launch one...

QNAP Fixes High-Severity Flaws: NetBak Replicator RCE and SQL Injection in Qsync Central CVE-2024-27124 QNAP Vulnerabilities, NetBak Replicator

CVE-2024-27124 QNAP Vulnerabilities, NetBak Replicator

QNAP Fixes High-Severity Flaws: NetBak Replicator RCE and SQL Injection in Qsync Central

Do Son October 6, 2025

QNAP has issued a new security advisory addressing multiple vulnerabilities in two of its widely used utilities—NetBak...

Apple’s Indian Supply Chain Expands: 350,000 Jobs Created and Full iPhone 17 Assembly Planned iOS Android Interoperability, DMA Ecosystem Apple India Supply Chain, iPhone Manufacturing

iOS Android Interoperability, DMA Ecosystem Apple India Supply Chain, iPhone Manufacturing

Apple’s Indian Supply Chain Expands: 350,000 Jobs Created and Full iPhone 17 Assembly Planned

Do Son October 6, 2025

As the scale of iPhone assembly and exports in India continues to expand year after year, Apple’s...

Sora Reverses Copyright Policy: OpenAI to Share Revenue and Allow Opt-In Controls for Character IP Cameo Sora Lawsuit OpenAI Trademark Sora Cameo, trademark lawsuit Japan Sora 2 Copyright, Anime Manga IP Sora 1M Downloads, AI Video Platform Sora Copyright, Revenue Sharing OpenAI Sora, AI Video Platform

Cameo Sora Lawsuit OpenAI Trademark Sora Cameo, trademark lawsuit Japan Sora 2 Copyright, Anime Manga IP Sora 1M Downloads, AI Video Platform Sora Copyright, Revenue Sharing OpenAI Sora, AI Video Platform

Sora Reverses Copyright Policy: OpenAI to Share Revenue and Allow Opt-In Controls for Character IP

Do Son October 6, 2025

OpenAI’s recently launched short-video platform “Sora”—though still available only by invitation in the United States and Canada—has...

Critical Flaw CVE-2025-49844 (CVSS 10.0) Allows Remote Code Execution in Redis Redis XACKDEL RCE, Google Big Sleep CVE-2023-41056 Redis licensing, AGPL Redis RCE, Lua Use-After-Free CVE-2025-49844

Redis XACKDEL RCE, Google Big Sleep CVE-2023-41056 Redis licensing, AGPL Redis RCE, Lua Use-After-Free CVE-2025-49844

Critical Flaw CVE-2025-49844 (CVSS 10.0) Allows Remote Code Execution in Redis

Do Son October 6, 2025

Redis, the popular open-source in-memory data store widely used for real-time analytics, caching, and message brokering, has...

Cloudflare Unveils New Policy to Let Creators Control How AI Bots Use Their Content Cloudflare layoffs 2026 AI bot traffic surge Content Signals Policy, AI Content Usage Cloudflare, Certificate Misissuance Salesforce, supply chain attack DDoS attack, Cloudflare Perplexity AI, Web Scraping Pay Per Crawl Cloudflare abuse R2 outage HTTP Cloudflare Blocking

Cloudflare layoffs 2026 AI bot traffic surge Content Signals Policy, AI Content Usage Cloudflare, Certificate Misissuance Salesforce, supply chain attack DDoS attack, Cloudflare Perplexity AI, Web Scraping Pay Per Crawl Cloudflare abuse R2 outage HTTP Cloudflare Blocking

Cloudflare Unveils New Policy to Let Creators Control How AI Bots Use Their Content

Do Son October 6, 2025

As search engines gradually evolve into “answer engines,” users can now obtain information without ever visiting the...

DOJ Pressure Forces Apple and Google to Remove Apps Tracking ICE Agents

Do Son October 5, 2025

Following Apple’s recent removal of the app ICEBlock at the request of the U.S. Department of Justice,...

Free Xbox Cloud Gaming with Ads: Microsoft Tests New Tier with Session and Quality Limits Free Xbox Cloud Gaming, Ad-Supported Tier Xbox Cloud Gaming Game Pass

Free Xbox Cloud Gaming, Ad-Supported Tier Xbox Cloud Gaming Game Pass

Free Xbox Cloud Gaming with Ads: Microsoft Tests New Tier with Session and Quality Limits

Do Son October 5, 2025

As Xbox Game Pass Ultimate subscribers brace for a steep 50% price increase, reports have surfaced suggesting...

Red Hat Confirms Breach of GitLab Instance, Customer Network Blueprints Stolen Fiverr Data Leak Claude Code Leak Anthropic DMCA Takedown Coupang 33.7M Breach South Korea Data Leak Red Hat Breach, Customer Data Theft Farmers Insurance, Salesforce ESLint Plugin -Mamont Android banking Trojan

Fiverr Data Leak Claude Code Leak Anthropic DMCA Takedown Coupang 33.7M Breach South Korea Data Leak Red Hat Breach, Customer Data Theft Farmers Insurance, Salesforce ESLint Plugin -Mamont Android banking Trojan

Red Hat Confirms Breach of GitLab Instance, Customer Network Blueprints Stolen

Do Son October 5, 2025

IBM’s enterprise Linux subsidiary, Red Hat, has confirmed that its managed repository—hosted on the GitLab platform—was compromised...

Ransomware Gangs Weaponize AnyDesk, Splashtop, and Other Legitimate RATs to Bypass Security Iranian Cyber Reconnaissance IP Camera Security NCSC Warning Russian Hacktivists Taiwan Cyberattacks China State-Sponsored Hacking state-sponsored threat actor Ransomware RAT Abuse, AnyDesk

Iranian Cyber Reconnaissance IP Camera Security NCSC Warning Russian Hacktivists Taiwan Cyberattacks China State-Sponsored Hacking state-sponsored threat actor Ransomware RAT Abuse, AnyDesk

Ransomware Gangs Weaponize AnyDesk, Splashtop, and Other Legitimate RATs to Bypass Security

Do Son October 4, 2025

Ransomware groups are increasingly turning to legitimate Remote Access Tools (RATs) such as AnyDesk, UltraViewer, RustDesk, Splashtop,...

XWorm V6.0 Resurfaces: Modular RAT Returns with Ransomware Plugin and Advanced Evasion AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

XWorm V6.0 Resurfaces: Modular RAT Returns with Ransomware Plugin and Advanced Evasion

Do Son October 4, 2025

The latest analysis from Trellix ARC reveals the unexpected return of XWorm, a notorious Remote Access Trojan...

The Evolution of iPhone Unlockers: From Jailbreaks to Secure Recovery Tools

Shahid Latif October 3, 2025

Introduction Locked-out iPhone users often struggle because the iPhone has always had robust security. People have sought...

Dutch Court Orders Meta to Fix Algorithmic Feed, Citing DSA Violation Meta Algorithmic Feed, DSA Compliance Meta Passkeys, Passwordless Login

Dutch Court Orders Meta to Fix Algorithmic Feed, Citing DSA Violation

Do Son October 3, 2025

According to a Reuters report, a Dutch court has recently ruled that Meta must revise the design...

Google Announces $4 Billion Arkansas Investment for New AI Data Center and 600 MW Solar Project Google Arkansas Investment, AI Data Center Google, privacy fine Ecosia Google Chrome Alphabet Earnings, AI Growth Google Hydropower, AI Data Centers Google Breakup Antitrust Workspace Flows Google Workspace Google remote work, return to office

Google Arkansas Investment, AI Data Center Google, privacy fine Ecosia Google Chrome Alphabet Earnings, AI Growth Google Hydropower, AI Data Centers Google Breakup Antitrust Workspace Flows Google Workspace Google remote work, return to office

Google Announces $4 Billion Arkansas Investment for New AI Data Center and 600 MW Solar Project

Do Son October 3, 2025

Google has announced plans to invest up to $4 billion in Arkansas by 2027, channeling resources into...

Actively Exploited: Critical Flaw CVE-2025-6388 (CVSS 9.8) Allows Authentication Bypass in WordPress Plugin WordPress Auth Bypass, CVE-2025-6388 Exploited

WordPress Auth Bypass, CVE-2025-6388 Exploited

Actively Exploited: Critical Flaw CVE-2025-6388 (CVSS 9.8) Allows Authentication Bypass in WordPress Plugin

Do Son October 3, 2025

A newly disclosed vulnerability in the Spirit Framework plugin for WordPress has put thousands of websites at...

Yoast SEO Premium Flaw: Stored XSS Bug (CVE-2025-11241) Exposes Millions of WordPress Sites Yoast XSS, CVE-2025-11241

Yoast SEO Premium Flaw: Stored XSS Bug (CVE-2025-11241) Exposes Millions of WordPress Sites

Do Son October 3, 2025

A new vulnerability has been disclosed in the widely used Yoast SEO Premium plugin for WordPress, potentially...

GreyNoise Detects Coordinated Surge Exploiting Grafana Path Traversal Flaw (CVE-2021-43798) Grafana Exploitation, Coordinated Scanning Arcserve UDP Vulnerabilities

Grafana Exploitation, Coordinated Scanning Arcserve UDP Vulnerabilities

GreyNoise Detects Coordinated Surge Exploiting Grafana Path Traversal Flaw (CVE-2021-43798)

Do Son October 3, 2025

Recently, GreyNoise observed a sudden and highly coordinated wave of exploitation attempts targeting CVE-2021-43798, a Grafana path...

Cavalry Werewolf APT Targets Russian Agencies with FoalShell and Telegram C2 FBI email system hack

Cavalry Werewolf APT Targets Russian Agencies with FoalShell and Telegram C2

Do Son October 3, 2025

The threat actor known as Cavalry Werewolf has been observed ramping up its operations between May and...

Confucius APT Evolves: Espionage Group Shifts from WooperStealer to Advanced Python Backdoor AnonDoor Salt Typhoon Teleco Hack, Cisco Academy Link CVE-2025-0282 PoC exploit

Salt Typhoon Teleco Hack, Cisco Academy Link CVE-2025-0282 PoC exploit

Confucius APT Evolves: Espionage Group Shifts from WooperStealer to Advanced Python Backdoor AnonDoor

Do Son October 3, 2025

The Confucius group, a long-running cyber-espionage actor first identified in 2013, has resurfaced with a new wave...

UAT-8099: Chinese Group Uses BadIIS Malware on Compromised Servers for SEO Fraud and Credential Theft TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

UAT-8099: Chinese Group Uses BadIIS Malware on Compromised Servers for SEO Fraud and Credential Theft

Do Son October 3, 2025

Cisco Talos researchers have detailed the activities of UAT-8099, a Chinese-speaking cybercrime group leveraging compromised Microsoft IIS...

Critical Alert 1 Active Exploit Detected Today