Cyber Security Archives • Page 4 of 11 • Daily CyberSecurity

10 CVSS 10 Alert: Quest KACE SMA Auth Bypass Exploited to Hijack Managed Endpoints Quest KACE SMA Vulnerability CVE-2025-32975 Exploit

10 CVSS 10 Alert: Quest KACE SMA Auth Bypass Exploited to Hijack Managed Endpoints

Do Son May 16, 2026

Cybersecurity researchers have just dropped a report on a critical “management plane” threat that has spent the...

Paper Werewolf Unleashed: Custom Stealers and AI-Assisted Loaders Target Global Industrial Hubs Paper Werewolf Espionage PaperGrabber Malware

Paper Werewolf Espionage PaperGrabber Malware

Paper Werewolf Unleashed: Custom Stealers and AI-Assisted Loaders Target Global Industrial Hubs

Do Son May 15, 2026

A new wave of cyber espionage has been unleashed against Russian industrial, financial, and transport sectors, revealing...

Critical PoC Released: Critical Linux Kernel ptrace Flaw Publicly Disclosed—Unprivileged Root File Access Possible

Do Son May 15, 2026

A critical “sanity check” gap in the Linux kernel’s ptrace logic has finally been addressed, but not...

High cPanel & WHM Patch 5 High-Severity Flaws, Including 8.6 Severity File Read and SQLi cPanel WHM Vulnerabilities 2026 CVE-2026-29205 Arbitrary File Read cPanel Security Vulnerability Perl Injection Exploit cPanel Authentication WHM Security cPanel Privilege Escalation, Directory Traversal LPE

High cPanel & WHM Patch 5 High-Severity Flaws, Including 8.6 Severity File Read and SQLi

Do Son May 15, 2026

Recently, cPanel & WHM and WP Squared have issued patches for five critical vulnerabilities. These flaws range...

No Password Required: 9.8 Severity ELECOM Router Flaws Allow Total Network Takeover ELECOM Router Vulnerability CVE-2026-42062 Command Injection

ELECOM Router Vulnerability CVE-2026-42062 Command Injection

No Password Required: 9.8 Severity ELECOM Router Flaws Allow Total Network Takeover

Do Son May 15, 2026

In a major security disclosure, JPCERT/CC has issued an urgent advisory regarding multiple high-severity vulnerabilities discovered in...

Critical Critical 9.2 CVSS RCE Found in Amazon Redshift JDBC Driver Amazon Redshift JDBC Driver RCE CVE-2026-8178 AWS Bahrain fire 2026 AWS UAE data center fire Amazon North Korean hacker keystroke latency, Arizona laptop farm infiltration

Amazon Redshift JDBC Driver RCE CVE-2026-8178 AWS Bahrain fire 2026 AWS UAE data center fire Amazon North Korean hacker keystroke latency, Arizona laptop farm infiltration

Critical Critical 9.2 CVSS RCE Found in Amazon Redshift JDBC Driver

Do Son May 15, 2026

Security teams are being urged to move quickly following the disclosure of a critical Remote Code Execution...

Critical Critical 9.4 CVSS pgAdmin 4 Flaws Enable Full OS Command Execution pgAdmin 4 Vulnerabilities CVE-2026-7813 Authorization Bypass pgAdmin RCE, BOM Bypass Flaw

pgAdmin 4 Vulnerabilities CVE-2026-7813 Authorization Bypass pgAdmin RCE, BOM Bypass Flaw

Critical Critical 9.4 CVSS pgAdmin 4 Flaws Enable Full OS Command Execution

Do Son May 15, 2026

In a major security overhaul, pgAdmin, the world’s most popular open-source administration platform for PostgreSQL, has released...

8.1 Exploited in the Wild: Critical OWA Spoofing Flaw (CVE-2026-42897) Hits On-Premises Exchange Servers Outlook Web Access Exploit CVE-2026-42897 Exchange Server

Outlook Web Access Exploit CVE-2026-42897 Exchange Server

8.1 Exploited in the Wild: Critical OWA Spoofing Flaw (CVE-2026-42897) Hits On-Premises Exchange Servers

Do Son May 15, 2026

Microsoft has issued an urgent warning for organizations running on-premises email infrastructure. A newly disclosed vulnerability in...

Critical 79 Security Holes Sealed: Google Issues Urgent Chrome Update to Fix 14 “Critical” Vulnerabilities Chrome Security Update May 2026 Chrome Critical Vulnerabilities Fix

Chrome Security Update May 2026 Chrome Critical Vulnerabilities Fix

Critical 79 Security Holes Sealed: Google Issues Urgent Chrome Update to Fix 14 “Critical” Vulnerabilities

Do Son May 15, 2026

Google has unleashed a major security update for the Chrome Stable channel, addressing a staggering 79 security...

Critical Nginx Releases Critical Update: Six Vulnerabilities Patched in New Stable Version NGINX JavaScript Module Vulnerability CVE-2026-8711 NGINX 1.30.1 Security Update CVE-2026-42945 RCE NGINX Vulnerability CVE-2026-1642 NGINX Github - CVE-2025-23419

NGINX JavaScript Module Vulnerability CVE-2026-8711 NGINX 1.30.1 Security Update CVE-2026-42945 RCE NGINX Vulnerability CVE-2026-1642 NGINX Github - CVE-2025-23419

Critical Nginx Releases Critical Update: Six Vulnerabilities Patched in New Stable Version

Do Son May 14, 2026

The web infrastructure world received a major wake-up call today as nginx-1.30.1 was released to address a...

Critical Critical IKEv2 Buffer Overflow and CAS Bypass Hit Palo Alto PAN-OS PAN-OS IKEv2 Buffer Overflow CVE-2026-0263 Palo Alto Cortex XDR Privilege Escalation Palo Alto Networks Vulnerability CVE-2026-0229 PAN-OS Vulnerability CVE-2026-0227 CVE-2024-5914 - Palo Alto Networks - CVE-2025-0108 & CVE-2025-0110

Critical Critical IKEv2 Buffer Overflow and CAS Bypass Hit Palo Alto PAN-OS

Do Son May 14, 2026

Palo Alto Networks has released a series of important security updates addressing multiple vulnerabilities across its PAN-OS...

Weaponized JPEG Payload Deploys Trojanized ScreenConnect for Covert Espionage axios Supply Chain Attack WAVESHAPER.V2 SnappyBee Malware Salt Typhoon Stately Taurus ScoringMathTea RAT, Lazarus Reflective DLL

axios Supply Chain Attack WAVESHAPER.V2 SnappyBee Malware Salt Typhoon Stately Taurus ScoringMathTea RAT, Lazarus Reflective DLL

Weaponized JPEG Payload Deploys Trojanized ScreenConnect for Covert Espionage

Do Son May 14, 2026

The threat intelligence team at CYFIRMA has uncovered a sophisticated multi-stage intrusion campaign. Attackers are currently leveraging...

200K Sites at Risk: 9.8 CVSS RCE via Burst Statistics Auth Bypass Exploited in the Wild Burst Statistics Authentication Bypass CVE-2026-8181 Exploit

Burst Statistics Authentication Bypass CVE-2026-8181 Exploit

200K Sites at Risk: 9.8 CVSS RCE via Burst Statistics Auth Bypass Exploited in the Wild

Do Son May 14, 2026

In a major discovery for the WordPress ecosystem, PRISM, Wordfence Threat Intelligence’s autonomous vulnerability research platform, has...

Critical GitLab Critical Patch: High-Severity XSS and Unauthenticated DoS Flaws Hit Self-Managed Instances GitLab security updates, GitLab patch release, CVE-2026-6552, CVE-2026-10087, CVE-2026-7250 GitLab Security Update May 2026 GitLab XSS and DoS Vulnerabilities GitLab Security Session Hijacking GitLab Security Update, CI/CD Vulnerability GitLab DoS, Security Update bypassing SAML - CVE-2024-8312 and CVE-2024-6826

GitLab security updates, GitLab patch release, CVE-2026-6552, CVE-2026-10087, CVE-2026-7250 GitLab Security Update May 2026 GitLab XSS and DoS Vulnerabilities GitLab Security Session Hijacking GitLab Security Update, CI/CD Vulnerability GitLab DoS, Security Update bypassing SAML - CVE-2024-8312 and CVE-2024-6826

Critical GitLab Critical Patch: High-Severity XSS and Unauthenticated DoS Flaws Hit Self-Managed Instances

Do Son May 14, 2026

In a major move to secure its DevOps platform, GitLab has released important security versions for both...

Critical Critical 9.6 Severity Ivanti Xtraction Flaw Exposes Sensitive Data Ivanti EPMM security updates Ivanti ITSM vulnerability authenticated privilege escalation Ivanti Xtraction vulnerability CVE-2026-8043 Ivanti EPM RCE, SQL Injection Ivanti EPM, remote code execution CVE-2024-50330 - CVE-2025-0282 and CVE-2025-0283

Ivanti EPMM security updates Ivanti ITSM vulnerability authenticated privilege escalation Ivanti Xtraction vulnerability CVE-2026-8043 Ivanti EPM RCE, SQL Injection Ivanti EPM, remote code execution CVE-2024-50330 - CVE-2025-0282 and CVE-2025-0283

Critical Critical 9.6 Severity Ivanti Xtraction Flaw Exposes Sensitive Data

Do Son May 14, 2026

Ivanti has issued an urgent security update for its Xtraction platform to address a critical vulnerability. Carrying...

8.8 Critical MongoDB Flaw CVE-2026-8053 Paves the Way for Server Takeover MongoDB Vulnerability CVE-2026-25611 MongoDB zlib vulnerability, CVE-2025-14847 MongoDB Vulnerabilities, Data Access CVE-2024-6376 CVE-2025-0755

MongoDB Vulnerability CVE-2026-25611 MongoDB zlib vulnerability, CVE-2025-14847 MongoDB Vulnerabilities, Data Access CVE-2024-6376 CVE-2025-0755

8.8 Critical MongoDB Flaw CVE-2026-8053 Paves the Way for Server Takeover

Do Son May 14, 2026

Time-series data is the backbone of countless modern applications, from financial tickers to IoT monitoring. However, a...

9.1 OPNsense Critical Root RCE (CVE-2026-44194 & CVE-2026-45158) Details and PoC Disclosed OPNsense RCE Vulnerability CVE-2026-44194 PoC

9.1 OPNsense Critical Root RCE (CVE-2026-44194 & CVE-2026-45158) Details and PoC Disclosed

Do Son May 14, 2026

The open-source firewall community is on high alert today after critical security vulnerabilities in OPNsense were dragged...

8.1 Critical 18-Year-Old NGINX RCE (CVE-2026-42945) and GitHub PoC Disclosed NGINX RCE Vulnerability CVE-2026-42945 PoC

8.1 Critical 18-Year-Old NGINX RCE (CVE-2026-42945) and GitHub PoC Disclosed

Do Son May 14, 2026

Security researcher Zhenpeng (Leo) Lin of depthfirst has unveiled a critical, 18-year-old vulnerability lurking within NGINX. The...

Fragnesia Universal Linux Root LPE Details and One-Line PoC Disclosed Fragnesia Linux Exploit Universal LPE PoC

Fragnesia Universal Linux Root LPE Details and One-Line PoC Disclosed

Do Son May 13, 2026

The Linux security landscape has been rocked by the public disclosure of Fragnesia, a universal local privilege...

JDownloader Site Breach Installs Rootkits that Kill Your Antivirus Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

JDownloader Site Breach Installs Rootkits that Kill Your Antivirus

Do Son May 13, 2026

In a sophisticated supply-chain attack, attackers compromised the official JDownloader website between May 6 and May 7,...