Skip to content
July 3, 2026
  • Linkedin
  • Twitter
  • Facebook
  • Youtube

Daily CyberSecurity

Zero-hour alerts. Unmatched analysis.

Primary Menu
  • Home
  • CVE Watchtower
  • Cyber Criminals
  • Data Leak
  • Linux
  • Malware
  • Vulnerability
  • Submit Press Release
  • Vulnerability Report
Light/Dark Button
WaterPlum’s OtterCookie Malware Upgrades to v4 with Credential Theft and Sandbox Detection Features North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack
  • Malware

WaterPlum’s OtterCookie Malware Upgrades to v4 with Credential Theft and Sandbox Detection Features

Do Son May 12, 2025 0
Read More Read more about WaterPlum’s OtterCookie Malware Upgrades to v4 with Credential Theft and Sandbox Detection Features
Malicious npm Packages Target BullX Crypto Traders via Telegram-Backdoored Payloads Crypto theft, npm malware
  • Malware

Malicious npm Packages Target BullX Crypto Traders via Telegram-Backdoored Payloads

Do Son May 12, 2025 0
Read More Read more about Malicious npm Packages Target BullX Crypto Traders via Telegram-Backdoored Payloads
FreeDrain: Silent Crypto Theft on Google? Massive Phishing Network Exposed Attack chain summary
  • Cybercriminals

FreeDrain: Silent Crypto Theft on Google? Massive Phishing Network Exposed

Do Son May 12, 2025 0
Read More Read more about FreeDrain: Silent Crypto Theft on Google? Massive Phishing Network Exposed
Stack Overflow Alert! XML Flaw in libexpat Threatens Widespread Software libexpat, XML vulnerability
  • Vulnerability

Stack Overflow Alert! XML Flaw in libexpat Threatens Widespread Software

Do Son May 12, 2025 0
Read More Read more about Stack Overflow Alert! XML Flaw in libexpat Threatens Widespread Software
Sneaky Email Attack Targets Spain, Italy, Portugal with RATty Trojan RATty Trojan, email phishing
  • Cybercriminals
  • Malware

Sneaky Email Attack Targets Spain, Italy, Portugal with RATty Trojan

Do Son May 12, 2025 0
Read More Read more about Sneaky Email Attack Targets Spain, Italy, Portugal with RATty Trojan
Fake Crypto Platforms on Facebook Steal Your Data! Beware Celebrity Endorsements Crypto malvertising, Facebook ads
  • Cybercriminals
  • Malware

Fake Crypto Platforms on Facebook Steal Your Data! Beware Celebrity Endorsements

Do Son May 12, 2025 0
Read More Read more about Fake Crypto Platforms on Facebook Steal Your Data! Beware Celebrity Endorsements
Legitimate Remote Tools Weaponized in Sophisticated Spam Campaign RMM abuse, Brazil spam
  • Cybercriminals

Legitimate Remote Tools Weaponized in Sophisticated Spam Campaign

Do Son May 12, 2025 0
Read More Read more about Legitimate Remote Tools Weaponized in Sophisticated Spam Campaign
Backdoor by Design: Malicious npm Packages Hijack Cursor IDE on macOS Cursor AI, Cursor IDE
  • Malware

Backdoor by Design: Malicious npm Packages Hijack Cursor IDE on macOS

Do Son May 11, 2025 0
Read More Read more about Backdoor by Design: Malicious npm Packages Hijack Cursor IDE on macOS
Critical Vulnerabilities Uncovered in Mitel SIP Phones: Command Injection and File Upload Risks Mitel vulnerabilities, SIP phone security
  • Vulnerability

Critical Vulnerabilities Uncovered in Mitel SIP Phones: Command Injection and File Upload Risks

Do Son May 11, 2025 0
Read More Read more about Critical Vulnerabilities Uncovered in Mitel SIP Phones: Command Injection and File Upload Risks
From Web Shell to Full Control: APT-Style Exploits Surge Against SAP NetWeaver Quest KACE Vulnerability CVE-2025-32975 FortiGate SSO Bypass, Active Exploitation GoAnywhere RCE, Storm-1175 Cisco VPN RCE, ASA Zero-Day TinyColor Supply Chain Attack SK Telecom, data breach Erlang/OTP RCE, OT Network Security Ivanti CSA Attacks WordPress RCE, Theme Vulnerability
  • Malware
  • Vulnerability

From Web Shell to Full Control: APT-Style Exploits Surge Against SAP NetWeaver

Do Son May 11, 2025 0
Read More Read more about From Web Shell to Full Control: APT-Style Exploits Surge Against SAP NetWeaver
Android 15 Mandates 16KB Memory Pages for New Google Play Apps Android July 2024 security patches Android battery drain, wake locks Android 15, 16KB Pages
  • Android

Android 15 Mandates 16KB Memory Pages for New Google Play Apps

Do Son May 10, 2025 0
Read More Read more about Android 15 Mandates 16KB Memory Pages for New Google Play Apps
Chrome Crashing on Windows, Android, and macOS; iOS Unaffected Chrome Vulnerability CVE-2024-4761 - Google Sell Chrome CVE-2025-1920 Chrome Crash, Browser Issue
  • Technology

Chrome Crashing on Windows, Android, and macOS; iOS Unaffected

Do Son May 10, 2025 0
Read More Read more about Chrome Crashing on Windows, Android, and macOS; iOS Unaffected
DOJ Cracks Down on Anyproxy & 5socks Botnets, Four Charged Botnet Takedown, Anyproxy
  • Cybercriminals

DOJ Cracks Down on Anyproxy & 5socks Botnets, Four Charged

Do Son May 10, 2025 0
Read More Read more about DOJ Cracks Down on Anyproxy & 5socks Botnets, Four Charged
German Police Shut Down Crypto Laundering Platform eXch, Seize Millions Crypto Laundering, eXch Shutdown
  • Cybercriminals

German Police Shut Down Crypto Laundering Platform eXch, Seize Millions

Do Son May 10, 2025 0
Read More Read more about German Police Shut Down Crypto Laundering Platform eXch, Seize Millions
Arista Patches Critical Vulnerability in CloudVision ZTP With CVSS 10 Score CloudVision ZTP, CVE-2025-0505
  • Vulnerability

Arista Patches Critical Vulnerability in CloudVision ZTP With CVSS 10 Score

Do Son May 10, 2025 0
Read More Read more about Arista Patches Critical Vulnerability in CloudVision ZTP With CVSS 10 Score
Twitter Ad Loophole Exploited in iToken Crypto Scam Spoofing CNN and Apple Brands The Buy Tokens page
  • Cybercriminals

Twitter Ad Loophole Exploited in iToken Crypto Scam Spoofing CNN and Apple Brands

Do Son May 10, 2025 0
Read More Read more about Twitter Ad Loophole Exploited in iToken Crypto Scam Spoofing CNN and Apple Brands
Atomic Stealer Malware Targets macOS Users with Fake Evernote Crack Atomic Stealer, macOS Malware
  • Malware

Atomic Stealer Malware Targets macOS Users with Fake Evernote Crack

Do Son May 10, 2025 0
Read More Read more about Atomic Stealer Malware Targets macOS Users with Fake Evernote Crack
Bluetooth 6.1 Enhances Privacy with Randomized Addresses Bluetooth 6.1, Privacy Update
  • Technology

Bluetooth 6.1 Enhances Privacy with Randomized Addresses

Do Son May 9, 2025 0
Read More Read more about Bluetooth 6.1 Enhances Privacy with Randomized Addresses
Arista Fixes Critical CloudVision Portal Vulnerability with CVSS 10 Score Arista CloudVision, CVE-2024-11186
  • Vulnerability

Arista Fixes Critical CloudVision Portal Vulnerability with CVSS 10 Score

Do Son May 9, 2025 0
Read More Read more about Arista Fixes Critical CloudVision Portal Vulnerability with CVSS 10 Score
Microsoft Patches Four Critical Azure and Power Apps Vulnerabilities, Including CVSS 10 Privilege Escalation Smart App Control blocking Armoury Crate, ROG Ally Defender false positive 2026 Microsoft Zero-Day, Cloud Files UAF Microsoft Access end of life CVE-2025-21298 Azure Vulnerabilities
  • Vulnerability

Microsoft Patches Four Critical Azure and Power Apps Vulnerabilities, Including CVSS 10 Privilege Escalation

Do Son May 9, 2025 0
Read More Read more about Microsoft Patches Four Critical Azure and Power Apps Vulnerabilities, Including CVSS 10 Privilege Escalation
❮ Prev Page
Next Page ❯

Search

Translation

CVE WATCHTOWER
🚨

Receive alerts for vulnerabilities being exploited in the wild.

⚡

Get notified instantly when a Proof of Concept (PoC) exploit is published.

🔍

Access critical info on vulnerabilities even when marked as "RESERVED".

🧠

Insights powered by decades of expertise and global intelligence sources.

🎯

Customize alerts with up to 10 keywords for your specific tech stack.

📊

Export the raw CVE database for SIEM integration and reporting.

Upgrade Package

🚨 Active Exploits in the Wild

  • CVE-2026-48282CVSS 10.0
    ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Limitation of a Pathname to a Restricted...
    Admin intel📅 Updated: Jul 3, 2026
  • CVE-2024-14037CVSS 9.8
    Redsea Cloud eHR contains an arbitrary file upload vulnerability that allows unauthenticated attackers to achieve remote code execution...
    Admin intel📅 Updated: Jul 3, 2026
  • CVE-2026-8451CVSS 8.8
    Insufficient input validation in NetScaler ADC and NetScaler Gateway leading to memory overread if NetScaler ADC or NetScaler Gateway is configured...
    Admin intel📅 Updated: Jul 2, 2026
  • CVE-2026-8037CVSS 9.6
    OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an un-authenticated attacker to...
    Admin intel📅 Updated: Jul 1, 2026
  • CVE-2026-45659CVSS 8.8
    Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
    CISA KEV📅 Added to KEV: Jul 1, 2026
  • CVE-2026-48558CVSS 10.0
    SimpleHelp versions 5.5.15 and prior and 6.0 pre-release versions contain an authentication bypass vulnerability in the OIDC authentication...
    Admin intelCISA KEV📅 Added to KEV: Jun 29, 2026📅 Updated: Jun 29, 2026
  • CVE-2026-46817CVSS 9.8
    Vulnerability in the Oracle Payments product of Oracle E-Business Suite (component: File Transmission). Supported versions that are affected...
    Admin intel📅 Updated: Jun 29, 2026
  • CVE-2026-28496CVSS 9.4
    FOSSBilling is a free, open-source billing and client management system. Versions prior to 0.8.0 have a Server-Side Template...
    Admin intel📅 Updated: Jun 25, 2026
Powered by CVE Watchtower

🔴 Live Critical Threats

  • CVE-2026-14544CVSS 9.8
    A flaw was found in HPLIP (HP Linux Imaging and Printing Software)....
  • CVE-2026-9725CVSS 9.1
    The Printcart Web to Print Product Designer for WooCommerce plugin for WordPress...
  • CVE-2026-13768CVSS 10.0
    Gardyn devices expose a privileged iothubowner key. Access to this key will...
  • CVE-2026-57100CVSS 9.9
    Server-side request forgery (ssrf) in Microsoft Entra Provisioning Service (SyncFabric) allows an...
  • CVE-2026-45499CVSS 9.9
    Server-side request forgery (ssrf) in Azure OpenAI allows an authorized attacker to...
  • CVE-2026-41106CVSS 9.3
    Url redirection to untrusted site ('open redirect') in M365 Copilot allows an...
  • CVE-2026-52830CVSS 9.4
    fast-mcp-telegram is a Telegram MCP Server. Prior to 0.19.1, fast-mcp-telegram validates HTTP...
  • CVE-2026-49352CVSS 9.8
    ### Summary 9router uses a publicly known hardcoded string `"9router-default-secret-change-me"` as the...
  • CVE-2026-54617CVSS 9.8
    ### Summary An unauthenticated path traversal in the LaunchServer HTTP file server...
  • CVE-2026-58466CVSS 9.8
    AutoBangumi before 3.2.8 contains a hard-coded default credentials vulnerability that allows unauthenticated...
Powered by CVE WATCHTOWER

Our Websites
  • Penetration Testing Tools
  • The Daily Information Technology
  • Daily CyberSecurity

    • About SecurityOnline.info
    • Advertise with us
    • Announcement
    • Contact
    • Contributor Register
    • Login
    • Disclaimer
    • Privacy Policy
    • About SecurityOnline.info
    • Advertise on SecurityOnline.info
    • Contact Us

    When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works

    • Disclaimer
    • Privacy Policy
    • DMCA NOTICE
    • Linkedin
    • Twitter
    • Facebook
    • Youtube
    © 2017 - 2026 Daily CyberSecurity. All Rights Reserved.