cyber attack Archives • Daily CyberSecurity

New Knowledge Deliver RCE Vulnerability Exploited in the Wild

Knowledge Deliver RCE vulnerability FortiClient EMS Vulnerability CVE-2026-35616 Cisco SD-WAN Vulnerability CVE-2026-20122 PCPcat, Next.js RCE Salesloft breach, Salesforce CRM WIREFIRE web shell

New Knowledge Deliver RCE Vulnerability Exploited in the Wild

Do Son May 25, 2026

In late 2025, Mandiant responded to a major security incident involving a compromised web server. Specifically, the...

Total Database Collapse: Inside the ElectricSQL CVSS 10.0 SQL Injection ElectricSQL SQL Injection PostgreSQL Tenant Isolation

Total Database Collapse: Inside the ElectricSQL CVSS 10.0 SQL Injection

Do Son April 22, 2026

ElectricSQL, the popular sync engine used to power modern real-time applications, has disclosed a catastrophic SQL injection...

Apple Google EU alliance DMA European Commission Breach Trivy Supply Chain Attack Europa.eu Breach EU Cloud Infrastructure EU Cyber Sanctions State-Sponsored Hacking EU 2040 Emissions Target, Europe Climate Leadership AWS Azure DMA Cloud Gatekeeper DSA violation, illegal content Apple DMA Delay, iPhone Mirroring EU EU Age Verification, Google Play Integrity Corning Antitrust, EU Competition Apple EU Digital Markets Act App Store commission European Union cyberattacks - InvestAI EU Targets Musk’s X Digital Markets Act, EU fines

EU Confirms Data Exfiltration in Attack on Europa.eu Cloud Infrastructure

Do Son March 30, 2026

The European Commission has disclosed a significant cyber-attack targeting the cloud infrastructure that hosts its primary web...

Hackers Actively Exploiting 9.8 Critical RCE Flaw in Kali Forms WordPress Plugin

Do Son March 26, 2026

The attackers begin actively exploiting a critical vulnerability in Kali Forms, a popular drag-and-drop form builder WordPress...

PolyShell Alert: Critical Magento REST API Vulnerability Faces Massive Global Exploitation in the Wild PolyShell Magento RCE Magento PolyShell REST API RCE CosmicSting (CVE-2024-34102) Magento Security Updates

PolyShell Alert: Critical Magento REST API Vulnerability Faces Massive Global Exploitation in the Wild

Do Son March 24, 2026

A critical security flaw in the Magento REST API is currently being weaponized by cybercriminals to hijack...

“Update” to Nightmare: eScan Antivirus Hacked to Distribute Malware TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

“Update” to Nightmare: eScan Antivirus Hacked to Distribute Malware

Do Son January 30, 2026

Security researchers at Morphisec have uncovered a massive compromise affecting eScan, an enterprise antivirus solution developed by...

“Osiris” Rises: New Ransomware Targets Southeast Asian Food Giant with Advanced Tactics Osiris Ransomware Inc Ransomware Connection CountLoader Massive Ransomware Campaign CVE-2025-0289

Osiris Ransomware Inc Ransomware Connection CountLoader Massive Ransomware Campaign CVE-2025-0289

“Osiris” Rises: New Ransomware Targets Southeast Asian Food Giant with Advanced Tactics

Do Son January 26, 2026

A new ransomware family, borrowing the name of the ancient Egyptian god of the dead, has emerged...

40,000 Hits in 4 Hours: RondoDox Botnet Storms HPE OneView GUARDIANWALL MailSuite Exploit CVE-2026-32661 FileZen Vulnerability CVE-2026-25108 Ivanti EPMM Vulnerability Dormant Backdoor Fortinet Authentication Bypass CVE-2026-24858 VMware vCenter Server Flaw CVE-2025-21590

GUARDIANWALL MailSuite Exploit CVE-2026-32661 FileZen Vulnerability CVE-2026-25108 Ivanti EPMM Vulnerability Dormant Backdoor Fortinet Authentication Bypass CVE-2026-24858 VMware vCenter Server Flaw CVE-2025-21590

40,000 Hits in 4 Hours: RondoDox Botnet Storms HPE OneView

Do Son January 16, 2026

Check Point Research uncovered a massive, automated assault on HPE OneView. Researchers observed a botnet launching over...

Hackers Revive 2020 FortiGate Flaw to Bypass 2FA Fortinet 2FA Bypass, Case-Sensitivity Exploit CVE-2023-25610 Fortinet SSO Bypass, FortiCloud SAML Flaw

Fortinet 2FA Bypass, Case-Sensitivity Exploit CVE-2023-25610 Fortinet SSO Bypass, FortiCloud SAML Flaw

Hackers Revive 2020 FortiGate Flaw to Bypass 2FA

Do Son December 25, 2025

Fortinet has issued a warning regarding the active exploitation of a three-year-old vulnerability that allows attackers to...

Hacker Honeypot? BreachForums Reopens via Emails Sent from French Ministry of the Interior Domain SonicWall Reconnaissance Akira Ransomware residential proxy malware TraderTraitor BreachForums Honeypot, French Interior Ministry Leak

SonicWall Reconnaissance Akira Ransomware residential proxy malware TraderTraitor BreachForums Honeypot, French Interior Ministry Leak

Hacker Honeypot? BreachForums Reopens via Emails Sent from French Ministry of the Interior Domain

Do Son December 17, 2025

The original founder of the BreachForums hacking forum has already been arrested and sentenced to prison, ultimately...

Critical WSUS RCE (CVE-2025-59287) Actively Exploited to Deploy ShadowPad Backdoor Vulnerability Digest Zero-Day Exploits Seedworm APT Dindoor Backdoor RedKitten Campaign AI-Generated Malware WSUS RCE ShadowPad CVE-2025-59287

Vulnerability Digest Zero-Day Exploits Seedworm APT Dindoor Backdoor RedKitten Campaign AI-Generated Malware WSUS RCE ShadowPad CVE-2025-59287

Critical WSUS RCE (CVE-2025-59287) Actively Exploited to Deploy ShadowPad Backdoor

Do Son November 21, 2025

The AhnLab Security Intelligence Center (ASEC) has uncovered an active exploitation campaign in which threat actors weaponized...

PoC Published: Linux Kernel 0-Click RCE Vulnerability Found in ksmbd Linux kernel, SMB vulnerability

PoC Published: Linux Kernel 0-Click RCE Vulnerability Found in ksmbd

Do Son September 16, 2025

In a recent deep-dive analysis, security researcher BitsByWill examined two critical Linux kernel vulnerabilities—CVE-2023-52440 and CVE-2023-4130—both impacting...

A Massive Coordinated Attack Is Probing Cisco ASA Devices Cisco ASA, reconnaissance

A Massive Coordinated Attack Is Probing Cisco ASA Devices

Do Son September 5, 2025

The GreyNoise Intelligence team has observed two unusually large waves of scanning activity targeting Cisco Adaptive Security...

URGENT: NetScaler Zero-Day CVE-2025-7775 Under Active Attack NetScaler, CVE-2025-7775

URGENT: NetScaler Zero-Day CVE-2025-7775 Under Active Attack

Do Son August 26, 2025

The Cloud Software Group (CSG) has released urgent security updates to address three high-severity vulnerabilities affecting NetScaler...

A Storm Is Coming: A Massive Coordinated Attack Is Probing RDP Connections RDP scanning, Remote Desktop Protocol

A Storm Is Coming: A Massive Coordinated Attack Is Probing RDP Connections

Do Son August 26, 2025

Security intelligence firm GreyNoise has sounded the alarm over a massive spike in Microsoft Remote Desktop (RDP)...

Ransomware in Your Summary? New Attack Weaponizes AI Assistants sumary

Ransomware in Your Summary? New Attack Weaponizes AI Assistants

Do Son August 26, 2025

A new CloudSEK report has revealed a dangerous evolution in social engineering: the use of invisible prompt...

A New Linux Malware Hides in Plain Sight by Weaponizing File Names Linux-filenames

A New Linux Malware Hides in Plain Sight by Weaponizing File Names

Do Son August 25, 2025

Linux has long been considered a fortress of security—a preferred platform for developers, system administrators, and security...

DDoS Onslaught: Hacktivists and Botnets Drive Massive Surge in Cyber Attacks Hacktivism

DDoS Onslaught: Hacktivists and Botnets Drive Massive Surge in Cyber Attacks

Do Son August 22, 2025

The latest analysis from NETSCOUT highlights a dramatic escalation in botnet-driven distributed denial-of-service (DDoS) attacks during July...

Spear-Phishing Campaign Targets CFOs with Sophisticated Multi-Stage Intrusion Spear-phishing, MuddyWater

Spear-Phishing Campaign Targets CFOs with Sophisticated Multi-Stage Intrusion

Do Son August 22, 2025

A new report from Hunt Intelligence reveals a highly targeted spear-phishing campaign that has been systematically preying...

PumaBot: New Stealthy Linux Botnet Evades Detection, Targets IoT Devices PumaBot, Linux Botnet

PumaBot: New Stealthy Linux Botnet Evades Detection, Targets IoT Devices

Do Son June 1, 2025

Cybersecurity researchers at Darktrace have exposed a stealthy and persistent Linux-based botnet dubbed PumaBot, which leverages Go...

Critical Alert 1 Active Exploit Detected Today