Daily CyberSecurity • Page 241 of 734 • Zero-hour alerts. Unmatched analysis.

Google Sues BadBox 2.0 Botnet Operators, Protecting 10 Million+ Infected Android Devices BadBox 2.0, Android Botnet Alien spyware - CVE-2024-43093

Google Sues BadBox 2.0 Botnet Operators, Protecting 10 Million+ Infected Android Devices

Do Son July 18, 2025

In response to the escalating wave of cybersecurity threats, Google has filed a lawsuit against the operators...

Grafana Patches XSS (CVE-2025-6023) and Open Redirect (CVE-2025-6197) Flaws in Recent Security Release Grafana SCIM Flaw CVE-2025-41115 Grafana Vulnerabilities, XSS Flaw Grafana security alert, XSS patch

Grafana Patches XSS (CVE-2025-6023) and Open Redirect (CVE-2025-6197) Flaws in Recent Security Release

Do Son July 18, 2025

Grafana Labs has released important security patches for multiple versions of its observability platform, addressing two significant...

GitHub Abused in Amadey MaaS Campaign: Talos Uncovers Malware-as-a-Service Network Leveraging Public Repositories GitHub MaaS, Emmenhtal Loader

GitHub Abused in Amadey MaaS Campaign: Talos Uncovers Malware-as-a-Service Network Leveraging Public Repositories

Do Son July 18, 2025

Cisco Talos has uncovered a multi-pronged Malware-as-a-Service (MaaS) operation exploiting public GitHub repositories to distribute a wide...

shell-quote command injection AI-Driven Vulnerabilities Q1 2026 Cyber Threats vm2 Sandbox Escape Node.js RCE upKeeper Privilege Escalation CVE-2026-2449 Pharos Controls Vulnerability Root Access Exploit Cybersecurity Vulnerability Roundup CVSS 10.0 Flaws Shadow Archives CVE-2026-0866 MS-Agent Prompt Injection CVE-2026-2256 basic-ftp Path Traversal CVE-2026-27699 telnetd Root Vulnerability CVE-1999-0073 Regression USR-W610 Vulnerabilities End-of-Life IoT Security IceWarp Security Update IceWarp Vulnerabilities Airleader Master Vulnerability CVE-2026-1358 ZLAN5143D Vulnerability CISA ICS Advisory Acronis Cyber Protect Vulnerability CVE-2025-30411 WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

Critical Flaw (CVSS 9.8) in Ubiquiti UniFi Access Devices Allows RCE

Do Son July 18, 2025

Ubiquiti has issued a security advisory for a critical vulnerability affecting multiple models in its UniFi Access...

GhostContainer: Kaspersky Uncovers Stealthy Backdoor Infiltrating Government & High-Tech Exchange Servers Exchange Backdoor, GhostContainer

GhostContainer: Kaspersky Uncovers Stealthy Backdoor Infiltrating Government & High-Tech Exchange Servers

Do Son July 18, 2025

In a recent incident response operation, Kaspersky Labs uncovered a highly sophisticated backdoor named GhostContainer, designed to...

CVE-2025-34300 (CVSS 10): Critical RCE Flaw in Lighthouse Studio’s CGI Scripts Threatens Survey Servers Worldwide Lighthouse Studio RCE, Survey Platform Vulnerability

Lighthouse Studio RCE, Survey Platform Vulnerability

CVE-2025-34300 (CVSS 10): Critical RCE Flaw in Lighthouse Studio’s CGI Scripts Threatens Survey Servers Worldwide

Do Son July 18, 2025

A severe remote code execution (RCE) vulnerability has been discovered in Lighthouse Studio, a popular web-based survey...

Massistant: China’s New Mobile Forensics App Deepens Digital Surveillance Honeywell CCTV Vulnerability CVE-2026-1670 EagleMsgSpy Spyware Tool ResidentBat Spyware, Belarusian KGB Surveillance

Honeywell CCTV Vulnerability CVE-2026-1670 EagleMsgSpy Spyware Tool ResidentBat Spyware, Belarusian KGB Surveillance

Massistant: China’s New Mobile Forensics App Deepens Digital Surveillance

Do Son July 18, 2025

In an update to China’s expanding digital surveillance ecosystem, researchers at Lookout Threat Lab have uncovered a...

New macOS Infostealer Slips Past Apple’s Defenses with Code Signing and Notarization macOS Infostealer, Apple Notarization Bypass

New macOS Infostealer Slips Past Apple’s Defenses with Code Signing and Notarization

Do Son July 18, 2025

Jamf Threat Labs has uncovered a sophisticated new macOS infostealer variant that managed to bypass Apple’s security...

ISC Warns of Cache Poisoning and Crash Risks in BIND: What You Need to Know About CVE-2025-40776 and CVE-2025-40777 BIND 9 Vulnerability CVE-2025-13878 BIND Cache Poisoning, DNS RCE BIND Vulnerabilities, DNS Security BIND 9 vulnerabilities BIND vulnerability, DNS server crash

BIND 9 Vulnerability CVE-2025-13878 BIND Cache Poisoning, DNS RCE BIND Vulnerabilities, DNS Security BIND 9 vulnerabilities BIND vulnerability, DNS server crash

ISC Warns of Cache Poisoning and Crash Risks in BIND: What You Need to Know About CVE-2025-40776 and CVE-2025-40777

Do Son July 18, 2025

The Internet Systems Consortium (ISC) has issued two security advisories addressing two high-impact vulnerabilities in BIND, its...

H2Miner Botnet Unleashes Lcrypt0rx: Flawed, AI-Generated Ransomware with Zero Detection Rates AI Ransomware, H2Miner Evolution

H2Miner Botnet Unleashes Lcrypt0rx: Flawed, AI-Generated Ransomware with Zero Detection Rates

Do Son July 18, 2025

A new investigation by the FortiCNAPP team, part of FortiGuard Labs, has revealed a disturbing evolution in...

Hijacking the Cloud: How a Misconfigured App Can Become a Global Admin in Entra ID Entra ID Impersonation, Privilege Escalation

Hijacking the Cloud: How a Misconfigured App Can Become a Global Admin in Entra ID

Do Son July 18, 2025

In a comprehensive and technically expose, Datadog Security Labs has unveiled a privilege escalation method that allows...

SquareX Collaborates with Top Fortune 500 CISOs to Launch The Browser Security Field Manual at Black Hat TheBrowserSecurityFieldManual-Hero_Image-1200x720_175272573813MxoLQcOJ

TheBrowserSecurityFieldManual-Hero_Image-1200x720_175272573813MxoLQcOJ

SquareX Collaborates with Top Fortune 500 CISOs to Launch The Browser Security Field Manual at Black Hat

cybernewswire July 17, 2025

Palo Alto, California, 17th July 2025, CyberNewsWire

Arm’s SME2 Supercharges Mobile AI: 6x Faster Responses & On-Device Gemma 3 Arm Physical AI 2026, AI-Defined Platforms CVE-2022-46891 Arm SME2, Mobile AI Performance

Arm Physical AI 2026, AI-Defined Platforms CVE-2022-46891 Arm SME2, Mobile AI Performance

Arm’s SME2 Supercharges Mobile AI: 6x Faster Responses & On-Device Gemma 3

Do Son July 17, 2025

As AI applications at the device level continue to gain traction, with increasing complexity in tasks ranging...

ChatGPT Takes Aim at Microsoft Office: OpenAI’s New “Agent” Edits Spreadsheets & Presentations Directly

Do Son July 17, 2025

As AI tools become increasingly integrated into daily workflows, OpenAI is reportedly poised to bolster ChatGPT’s business...

FCC to Vote on Banning Chinese Tech in US Undersea Cables Amid National Security Concerns Undertow Vulnerability CVE-2025-12543 CVE-2025-0107: PoC Exploit Code Undersea Cable Security, China Tech Ban

Undertow Vulnerability CVE-2025-12543 CVE-2025-0107: PoC Exploit Code Undersea Cable Security, China Tech Ban

FCC to Vote on Banning Chinese Tech in US Undersea Cables Amid National Security Concerns

Do Son July 17, 2025

The Federal Communications Commission (FCC) has issued a statement announcing its intention to vote on a new...

New Web3 Identification Standard: IT Expert launches an innovative decentralized platform without servers and KYC

Dan Agbo July 17, 2025

An international software engineer and IT expert Rassul Rakhimzhan has made a breakthrough and developed a solution...

AWS Unleashes Enterprise AI: Bedrock AgentCore & $100M Boost for AI Agent Development AWS AI Agents, Enterprise AI

AWS Unleashes Enterprise AI: Bedrock AgentCore & $100M Boost for AI Agent Development

Do Son July 17, 2025

At the 2025 New York Summit, AWS unveiled a comprehensive new initiative focused on Agentic AI, announcing...

Elon Musk’s xAI Eyes Saudi Arabia: Seeking Gigawatts of AI Compute Power in New Global Expansion EU GDPR Grok investigation xAI crypto trader recruitment X open-source algorithm 2026, Elon Musk ad transparency X Chat Replacement X End-to-End Encryption xAI, open-source xAI Elon Musk xAI Infrastructure, Saudi AI