Daily CyberSecurity • Page 197 of 725 • Zero-hour alerts. Unmatched analysis.

A Deceptive Ad on Facebook Is Spreading Advanced Android Malware malvertising, Android malware

A Deceptive Ad on Facebook Is Spreading Advanced Android Malware

Ddos August 30, 2025

Bitdefender Labs has issued a new warning about a global malvertising campaign abusing Meta’s advertising system to...

BadSuccessor (CVE-2025-53779) Technique Persists Despite Microsoft Patch BadSuccessor, Active Directory

BadSuccessor (CVE-2025-53779) Technique Persists Despite Microsoft Patch

Ddos August 30, 2025

At DEF CON 2025, Akamai security researcher Yuval Gordon revealed the story of BadSuccessor (CVE-2025-53779), an Active...

MystRodX: A Stealthy New Backdoor Found Hiding in Networks for Over 20 Months MystRodX, stealthy backdoor

MystRodX: A Stealthy New Backdoor Found Hiding in Networks for Over 20 Months

Ddos August 30, 2025

XLab has identified a previously unknown and stealthy backdoor dubbed MystRodX, capable of operating undetected in compromised...

QNAP Patches Critical Flaw (CVE-2025-52856) with CVSS 9.3 QNAP Vulnerabilities CVE-2025-52856

QNAP Patches Critical Flaw (CVE-2025-52856) with CVSS 9.3

Ddos August 29, 2025

QNAP has released a security advisory addressing multiple vulnerabilities affecting the QVR firmware on legacy VioStor NVR...

India SIM-Binding Mandate Messaging App KYC WhatsApp DMA Interoperability BirdyChat Haiket Denmark Social Media Ban CVE-2025-55177 WhatsApp vulnerability, zero-click flaw npm Malware, System Wipe WhatsApp Windows App, WebView2 Downgrade WhatsApp Ban, US House NSO WhatsApp, Pegasus Spyware WhatsApp iPad iPadOS app

A Critical Zero-Click WhatsApp Flaw, CVE-2025-55177, Was Exploited in Zero-Day Attacks

Ddos August 29, 2025

Meta’s WhatsApp Security Team has patched a zero-day flaw (CVE-2025-55177) in WhatsApp for iOS (prior to v2.25.21.73),...

Multi Flaws Found in HikCentral, Including a Bypass for Admin Access (CVE-2025-39247) Hikvision Vulnerability CVE-2026-0709 Hikvision Vulnerability CVE-2025-66176 Hikvision, vulnerability Canada Hikvision Ban, National Security Hikvision firmware updates

Hikvision Vulnerability CVE-2026-0709 Hikvision Vulnerability CVE-2025-66176 Hikvision, vulnerability Canada Hikvision Ban, National Security Hikvision firmware updates

Multi Flaws Found in HikCentral, Including a Bypass for Admin Access (CVE-2025-39247)

Ddos August 29, 2025

The Hikvision Security Response Center (HSRC) has released a new advisory detailing three vulnerabilities affecting different versions...

PoC Published: A Format String Bug in ImageMagick Could Allow Remote Code Execution ImageMagick, remote code execution

PoC Published: A Format String Bug in ImageMagick Could Allow Remote Code Execution

Ddos August 29, 2025

The developers of ImageMagick, one of the most widely used open-source image processing libraries, have disclosed a...

Interlock Ransomware Strikes: A New Strain Is Wrecking Havoc in North America and Europe Interlock ransomware, double extortion

Interlock Ransomware Strikes: A New Strain Is Wrecking Havoc in North America and Europe

Ddos August 29, 2025

The AhnLab Security Emergency Response Center (ASEC) has published new research on the Interlock ransomware group, which...

Beyond Scambaiting: YouTubers Help DOJ Bust a $65 Million Fraud Ring DOJ, fraud scheme

Beyond Scambaiting: YouTubers Help DOJ Bust a $65 Million Fraud Ring

Ddos August 29, 2025

The U.S. Department of Justice (DOJ) has announced federal indictments against 28 alleged members of a Chinese...

Google Self-Preferencing Fine Idealo Antitrust Damages Anthropic, Google TPUs Google DMA Compliance, Search Self-Preferencing Google Play Store Ruling, Epic Games Victory Google fine, ad tech Google lawsuit, privacy violation Gmail security, false alarm Google Play EU regulation Google Security, Phone Number Leak Google 2025 - Google China’s Anti-Monopoly Law Google monopoly, ad tech Pixel 7a battery, battery swelling

Google’s $9 Billion Bet: The New Investment Fueling AI in Virginia

Ddos August 29, 2025

Google has announced plans to invest an additional $9 billion in Virginia by the end of 2026...

NVIDIA Refuses to Pay 15% China Revenue Share Without a Law NVIDIA GPU Security CUDA-Q Vulnerability NVIDIA Apex Vulnerability AI Infrastructure Security NVIDIA Cumulus Linux CVE-2025-33179 NVIDIA Arm divestment NVIDIA DGX Spark, CVE-2025-33187 NVIDIA Isaac-GROOT, Code Injection Megatron-LM Vulnerability, AI Code Injection NVIDIA China NVIDIA GPUs, Hardware Kill Switches NVIDIA Megatron-LM, LLM Vulnerabilities NVIDIA Base Command Manager - CVE-2024-0138

NVIDIA GPU Security CUDA-Q Vulnerability NVIDIA Apex Vulnerability AI Infrastructure Security NVIDIA Cumulus Linux CVE-2025-33179 NVIDIA Arm divestment NVIDIA DGX Spark, CVE-2025-33187 NVIDIA Isaac-GROOT, Code Injection Megatron-LM Vulnerability, AI Code Injection NVIDIA China NVIDIA GPUs, Hardware Kill Switches NVIDIA Megatron-LM, LLM Vulnerabilities NVIDIA Base Command Manager - CVE-2024-0138

NVIDIA Refuses to Pay 15% China Revenue Share Without a Law

Ddos August 29, 2025

Earlier reports suggested that the U.S. government had reached an agreement with NVIDIA and AMD, requiring the...

Cloud Gaming for Everyone: Xbox Opens Its Streaming Service to Game Pass Core and Standard Free Xbox Cloud Gaming, Ad-Supported Tier Xbox Cloud Gaming Game Pass

Free Xbox Cloud Gaming, Ad-Supported Tier Xbox Cloud Gaming Game Pass

Cloud Gaming for Everyone: Xbox Opens Its Streaming Service to Game Pass Core and Standard

Ddos August 29, 2025

Microsoft recently announced that Xbox Cloud Gaming will soon be integrated into the entry-level Game Pass Core...

A New Race for Silicon: Apple Secures Half of TSMC’s 2nm Chip Production Apple silicon, in-house chips Apple Event, iPhone 17 Air TSMC, 2nm chips

A New Race for Silicon: Apple Secures Half of TSMC’s 2nm Chip Production

Ddos August 29, 2025

According to information obtained by DigiTimes, Apple has reportedly reserved nearly half of TSMC’s 2nm production capacity,...

PoC Published: Critical Unauthenticated Command Injection Flaw in D-Link Routers (CVSS 9.8), No Patch! D-Link, command injection

PoC Published: Critical Unauthenticated Command Injection Flaw in D-Link Routers (CVSS 9.8), No Patch!

Ddos August 29, 2025

D-Link has issued a Security Announcement regarding multiple critical vulnerabilities discovered in its legacy DIR-series routers. These...

Checkmarx Breach Supply Chain Attack Ivanti EPMM RCE CVE-2026-1281 Modular DS Vulnerability CVE-2026-23550 D-Link RCE Vulnerability CVE-2026-0625 Christmas 2025 GreyNoise Campaign, Japan-Based Initial Access Broker React2Shell Zero-Day, APT Active Exploitation WordPress vulnerability, authentication bypass FreePBX, zero-day Trend Micro Apex One, Remote Code Execution BitoPro Hack, Crypto Theft UNC5337 - CVE-2022-47945 Safe{Wallet} hack Fortinet vulnerability, CVE-2024-21762, FortiGate attack Balloonfly, Play ransomware Ivanti EPMM CVE-2025-4427 and CVE-2025-4428

CRITICAL Zero-Day CVE-2025-57819 in FreePBX Is Under Active Attack (CVSS 10.0)

Ddos August 29, 2025

The Sangoma FreePBX Security Team has issued a critical advisory for a newly discovered vulnerability in its...

CVE-2025-50979: SQL Injection Flaw in NodeBB Forum Software, PoC Available NodeBB, SQL injection

CVE-2025-50979: SQL Injection Flaw in NodeBB Forum Software, PoC Available

Ddos August 29, 2025

The developers of NodeBB, a popular open-source forum platform, have disclosed a critical vulnerability affecting version v4.3.0....

Is This a Rebrand? New Sinobi Ransomware Group Shows Code Overlap with Lynx Sinobi Group, ransomware

Is This a Rebrand? New Sinobi Ransomware Group Shows Code Overlap with Lynx

Ddos August 29, 2025

Recently, eSentire’s Threat Response Unit (TRU) investigated a ransomware attack that it has attributed to an affiliate...

Anthropic Report: Criminals Are Weaponizing AI to Automate Cyberattacks at Scale Anthropic, AI misuse

Anthropic Report: Criminals Are Weaponizing AI to Automate Cyberattacks at Scale

Ddos August 29, 2025

Anthropic’s Threat Intelligence team has released a report detailing how malicious actors are misusing advanced AI systems...

Malware-less Ransomware: How Storm-0501 is Pivoting to Cloud-Native Attacks Storm-0501, cloud ransomware

Malware-less Ransomware: How Storm-0501 is Pivoting to Cloud-Native Attacks

Ddos August 29, 2025

Microsoft Threat Intelligence has published new research into Storm-0501, a financially motivated threat actor that has dramatically...

A Deceptive AI Lure Is Hiding ScreenConnect & XWorm RAT to Hijack Your PC ScreenConnect, XWorm RAT

A Deceptive AI Lure Is Hiding ScreenConnect & XWorm RAT to Hijack Your PC

Ddos August 29, 2025

The SpiderLabs Threat Hunt Team at Trustwave has discovered a malicious campaign abusing AI-themed branding to trick...