Brute Force Archives • Daily CyberSecurity

DragonForce Ransomware Strikes Manufacturing Sector with Brute-Force, Exfiltrating Data Over SSH to Russian Host DragonForce RaaS, Manufacturing Ransomware

DragonForce RaaS, Manufacturing Ransomware

DragonForce Ransomware Strikes Manufacturing Sector with Brute-Force, Exfiltrating Data Over SSH to Russian Host

Do Son November 7, 2025

Cybersecurity firm Darktrace has published a detailed investigation into a DragonForce-affiliated ransomware attack that targeted a manufacturing...

ChillyHell: A New macOS Backdoor Bypassed Apple Notarization for Years OSX/Amos Stealer Electron ASAR Trojan MioLab Malware macOS Security MacSync Stealer macOS Malware ambar-src npm Malware Supply Chain Typosquatting Matryoshka Mac Malware ClickFix Crypto Scam Infostealer Evolution macOS Malware Predator Spyware Intellexa Anti-Analysis XCSSET macOS Malware, Xcode Supply Chain

OSX/Amos Stealer Electron ASAR Trojan MioLab Malware macOS Security MacSync Stealer macOS Malware ambar-src npm Malware Supply Chain Typosquatting Matryoshka Mac Malware ClickFix Crypto Scam Infostealer Evolution macOS Malware Predator Spyware Intellexa Anti-Analysis XCSSET macOS Malware, Xcode Supply Chain

ChillyHell: A New macOS Backdoor Bypassed Apple Notarization for Years

Do Son September 11, 2025

Jamf Threat Labs has uncovered a new variant of the ChillyHell malware family—an advanced, modular backdoor for...

Malicious Go Package Steals Your SSH Credentials in a “Brute-Force” Scam Go module, SSH brute-force scam

Malicious Go Package Steals Your SSH Credentials in a “Brute-Force” Scam

Do Son August 23, 2025

The open-source ecosystem has once again been exploited to distribute malicious software. Socket’s Threat Research Team has...

Apache Tomcat Under Attack: Massive Brute-Force Campaign Targets Manager Interfaces Apache Tomcat, Brute-Force Attacks CVE-2024-38286 - Apache Tomcat 11

Apache Tomcat, Brute-Force Attacks CVE-2024-38286 - Apache Tomcat 11

Apache Tomcat Under Attack: Massive Brute-Force Campaign Targets Manager Interfaces

Do Son June 13, 2025

A significant surge in brute-force attacks is targeting Apache Tomcat Manager interfaces, according to a new report...

Google Self-Preferencing Fine Idealo Antitrust Damages Anthropic, Google TPUs Google DMA Compliance, Search Self-Preferencing Google Play Store Ruling, Epic Games Victory Google fine, ad tech Google lawsuit, privacy violation Gmail security, false alarm Google Play EU regulation Google Security, Phone Number Leak Google 2025 - Google China’s Anti-Monopoly Law Google monopoly, ad tech Pixel 7a battery, battery swelling

Google Account Flaw Exposed Phone Numbers: Brute-Force Attack Possible, Now Patched

Do Son June 10, 2025

In April, a researcher uncovered a security vulnerability within Google’s account system that allowed them to obtain...

Unmasking BtHoster: The Bulletproof Host Fueling Global Cyberattacks BtHoster, Bulletproof Hosting

Unmasking BtHoster: The Bulletproof Host Fueling Global Cyberattacks

Do Son June 3, 2025

In a revealing investigation, French cybersecurity firm Intrinsec exposes the sprawling infrastructure of BtHoster, a bulletproof hosting...

High-Risk RAGFlow Flaw: Account Takeover Possible (No Patch, PoC Available)

Do Son May 20, 2025

RAGFlow, the open-source Retrieval-Augmented Generation (RAG) platform developed by Infiniflow, has been found vulnerable to a serious...

Critical Risk (CVSS 9.1): Auth0-PHP SDK Flaw Threatens 16M+ Downloads Auth0-PHP vulnerability CVE-2025-47275

Critical Risk (CVSS 9.1): Auth0-PHP SDK Flaw Threatens 16M+ Downloads

Do Son May 19, 2025

Okta has issued a critical security advisory warning developers and enterprises using the Auth0-PHP SDK about a...

Critical Alert 3 Active Exploits Detected Today

Critical Alert

Brute Force

DragonForce Ransomware Strikes Manufacturing Sector with Brute-Force, Exfiltrating Data Over SSH to Russian Host

ChillyHell: A New macOS Backdoor Bypassed Apple Notarization for Years

Malicious Go Package Steals Your SSH Credentials in a “Brute-Force” Scam

Google Account Flaw Exposed Phone Numbers: Brute-Force Attack Possible, Now Patched

Unmasking BtHoster: The Bulletproof Host Fueling Global Cyberattacks

High-Risk RAGFlow Flaw: Account Takeover Possible (No Patch, PoC Available)

Critical Risk (CVSS 9.1): Auth0-PHP SDK Flaw Threatens 16M+ Downloads