Daily CyberSecurity • Page 43 of 734 • Zero-hour alerts. Unmatched analysis.

Splunk Issues Urgent Fixes for RCE and Clear-Text Token Leaks

Splunk Issues Urgent Fixes for RCE and Clear-Text Token Leaks

Do Son April 16, 2026

Splunk has released a series of security advisories detailing two significant vulnerabilities impacting Splunk Enterprise, Splunk Cloud...

Chrome 147 Update: Google Patches Critical $90,000 ANGLE Flaw and 30 Other Security Gaps Chrome Security Update $90K Bug Bounty

Chrome 147 Update: Google Patches Critical $90,000 ANGLE Flaw and 30 Other Security Gaps

Do Son April 16, 2026

Google has begun rolling out a high-stakes update for the Chrome stable channel, addressing a total of...

Root Access via Admin: The 9.9 RCE Crisis Threatening Cisco ISE Networks Cisco ISE RCE Identity Services Engine Vulnerability

Root Access via Admin: The 9.9 RCE Crisis Threatening Cisco ISE Networks

Do Son April 16, 2026

Cisco has issued an urgent security advisory following the discovery of high-stakes vulnerabilities in its Identity Services...

IoT Under Fire: Critical CVSS 10 Expression Injection Hits OpenRemote Platform OpenRemote RCE IoT Security

IoT Under Fire: Critical CVSS 10 Expression Injection Hits OpenRemote Platform

Do Son April 15, 2026

Security researchers have sounded a major alarm for the internet-of-things (IoT) sector as OpenRemote, a popular 100%...

Critical 9.1 SQL Injection Threatens Vendure Core Stores Vendure SQL Injection Shop API Vulnerability

Critical 9.1 SQL Injection Threatens Vendure Core Stores

Do Son April 15, 2026

Vendure Core, the open-source engine powering the enterprise commerce platform Vendure, has recently addressed a high-severity security...

No Patch Available: The CVSS 10 Flaw Turning AVideo into an Attacker’s Playground AVideo RCE YPTSocket Vulnerability AVideo Vulnerabilities Streaming Platform Security AVideo Vulnerabilities CVE-2026-28501

AVideo RCE YPTSocket Vulnerability AVideo Vulnerabilities Streaming Platform Security AVideo Vulnerabilities CVE-2026-28501

No Patch Available: The CVSS 10 Flaw Turning AVideo into an Attacker’s Playground

Do Son April 15, 2026

AVideo, a versatile video streaming platform popular among content creators and businesses for hosting and monetizing content,...

High-Severity Authentication Bypass Discovered in MinIO Storage MinIO Signature Bypass Unauthenticated Object Write MinIO Privilege Escalation, Policy Bypass CVE-2024-55949

MinIO Signature Bypass Unauthenticated Object Write MinIO Privilege Escalation, Policy Bypass CVE-2024-55949

High-Severity Authentication Bypass Discovered in MinIO Storage

Do Son April 15, 2026

A significant security vulnerability has been identified in MinIO, the high-performance, S3-compatible object storage solution widely used...

Attackers Weaponize Mailbox Rules to Control Your Inbox M365 Persistence Malicious Mailbox Rules

Attackers Weaponize Mailbox Rules to Control Your Inbox

Do Son April 15, 2026

In the modern landscape of Microsoft 365 security, the most dangerous threat might not be a sophisticated...

JanelaRAT Uses Fake Windows Updates to Empty LATAM Bank Accounts JanelaRAT LATAM Banking Malware

JanelaRAT Uses Fake Windows Updates to Empty LATAM Bank Accounts

Do Son April 15, 2026

In the diverse ecosystem of Latin American cybercrime, one threat continues to refine its ability to peer...

The Friend Request from Pyongyang: How APT37 Hijacks Facebook to Deploy RokRAT APT37 RokRAT Social Engineering Phishing

The Friend Request from Pyongyang: How APT37 Hijacks Facebook to Deploy RokRAT

Do Son April 15, 2026

A new investigation has revealed that the notorious state-sponsored threat group APT37 has significantly evolved its tactics,...

APT41’s New “Zero-Detection” Backdoor Targets Linux Workloads APT41 Linux Backdoor SMTP Command and Control

APT41’s New “Zero-Detection” Backdoor Targets Linux Workloads

Do Son April 15, 2026

A sophisticated new threat has been unmasked targeting the heart of enterprise cloud infrastructure. Researchers from Breakglass...

The “Graphalgo” Evolution: How North Korea Built a Fake Florida LLC to Hack Developers Graphalgo Campaign State-Sponsored Phishing

The “Graphalgo” Evolution: How North Korea Built a Fake Florida LLC to Hack Developers

Do Son April 15, 2026

The ReversingLabs (RL) research team has uncovered a sophisticated expansion of the “graphalgo” campaign. Originally identified in...

FBI and Indonesian Authorities Dismantle Prolific “W3LL” Phishing Empire W3LL Phishing Kit MFA Bypass Takedown

FBI and Indonesian Authorities Dismantle Prolific “W3LL” Phishing Empire

Do Son April 15, 2026

The FBI Atlanta Field Office, in a first-of-its-kind joint investigation with Indonesian law enforcement, has successfully dismantled...

Adobe Rushes Patches for Critical ColdFusion RCE and Security Bypasses ColdFusion RCE Adobe Security Patch

Adobe Rushes Patches for Critical ColdFusion RCE and Security Bypasses

Do Son April 15, 2026

Adobe has released an urgent set of security updates to address multiple vulnerabilities within its ColdFusion 2025...

Critical 9.1 Flaws Hit Fortinet FortiSandbox FortiSandbox Vulnerability Unauthenticated RCE FortiClient EMS Vulnerability CVE-2026-21643 FortiClient EMS Vulnerability CVE-2026-21643 CVE-2023-34992 - CVE-2023-37936 Fortinet Vulnerabilities CVE-2025-64155

FortiSandbox Vulnerability Unauthenticated RCE FortiClient EMS Vulnerability CVE-2026-21643 FortiClient EMS Vulnerability CVE-2026-21643 CVE-2023-34992 - CVE-2023-37936 Fortinet Vulnerabilities CVE-2025-64155

Critical 9.1 Flaws Hit Fortinet FortiSandbox

Do Son April 15, 2026

Fortinet has issued an urgent advisory regarding two critical vulnerabilities in its FortiSandbox platform—vulnerabilities that could allow...

Active SharePoint Spoofing and Legacy Office RCE: CISA Alerts on New KEV Exploits CISA KEV Catalog Updates Langflow CVE-2025-34291 Exploit SharePoint Spoofing CISA KEV Catalog Actively Exploited Vulnerability

CISA KEV Catalog Updates Langflow CVE-2025-34291 Exploit SharePoint Spoofing CISA KEV Catalog Actively Exploited Vulnerability

Active SharePoint Spoofing and Legacy Office RCE: CISA Alerts on New KEV Exploits

Do Son April 15, 2026

The Cybersecurity and Infrastructure Security Agency (CISA) has expanded its Known Exploited Vulnerabilities (KEV) Catalog, sounding a...

25 Million Users at Risk: Fastify Publicly Discloses PoC Exploit for Single-Space Security Bypass Fastify CVE-2026-33806 Public PoC Exploit

25 Million Users at Risk: Fastify Publicly Discloses PoC Exploit for Single-Space Security Bypass

Do Son April 15, 2026

In the world of web performance, Fastify is a heavyweight, boasting over 25 million monthly downloads and...

JUMPSEC Unmasks Iranian ‘Muddy Water’ Using Russian ‘CastleRAT’ Malware Muddy Water CastleRAT HVNC Browser Hijacking

JUMPSEC Unmasks Iranian ‘Muddy Water’ Using Russian ‘CastleRAT’ Malware

Do Son April 15, 2026

A significant shift in the digital arms race has been uncovered, as researchers reveal a new alliance...

OpenStack Keystone Flaw Grants Access to Disabled LDAP Users CVE-2024-44082 - OpenStack Ironic OpenStack Keystone LDAP Identity Service Vulnerability

CVE-2024-44082 - OpenStack Ironic OpenStack Keystone LDAP Identity Service Vulnerability

OpenStack Keystone Flaw Grants Access to Disabled LDAP Users

Do Son April 15, 2026

In the complex machinery of cloud identity management, a single misinterpretation of data can lead to a...

Urgent Patch Alert: SharePoint Spoofing Under Active Attack as Microsoft Releases April 2026 Updates Microsoft Patch Tuesday May 2026 Netlogon RCE CVE-2026-41089 SharePoint Exploit Patch Tuesday Windows DWM Zero-Day CVE-2026-21519 CVE-2024-49039 Microsoft Patch Tuesday March 2025

Microsoft Patch Tuesday May 2026 Netlogon RCE CVE-2026-41089 SharePoint Exploit Patch Tuesday Windows DWM Zero-Day CVE-2026-21519 CVE-2024-49039 Microsoft Patch Tuesday March 2025

Urgent Patch Alert: SharePoint Spoofing Under Active Attack as Microsoft Releases April 2026 Updates

Do Son April 15, 2026

Microsoft’s April 2026 Patch Tuesday has arrived with a massive security payload, addressing a staggering 163 vulnerabilities,...

Critical Alert 1 Active Exploit Detected Today