Cyber Security Archives • Page 8 of 11 • Daily CyberSecurity

CVE-2026-26016: Critical Pterodactyl API Flaw (CVSS 9.2) Exposes Entire Server Networks Pterodactyl Vulnerability CVE-2026-26016

CVE-2026-26016: Critical Pterodactyl API Flaw (CVSS 9.2) Exposes Entire Server Networks

Ddos February 19, 2026

Pterodactyl is a highly popular free and open-source game server management panel. Designed with security in mind...

Chrome Security Update Use After Free Chrome Security Update Critical Vulnerabilities Chrome Security Update CVE-2026-3062 Chrome Security Update V8 Engine Vulnerability Chrome Security Update CVE-2026-1862 CVE-2026-0628 Chrome 143 Update Chrome Safe Browsing UAF, CVE-2025-11756 Chrome Memory Flaws, CVE-2025-11460 Google Chrome, vulnerability CVE-2025-10200, CVE-2025-10201 Big Sleep CVE-2025-9478 Chrome Update, Security Vulnerabilities

Urgent Chrome Patch: Google Fixes High-Severity PDF and V8 Engine Flaws

Ddos February 19, 2026

Google has initiated an urgent rollout for the Chrome Stable channel, delivering a crucial update to patch...

Infected Out of the Box: “Keenadu” Backdoor Hijacks Android at the Firmware Level Keenadu Malware Android Firmware Backdoor

Infected Out of the Box: “Keenadu” Backdoor Hijacks Android at the Firmware Level

Ddos February 18, 2026

Researchers at Kaspersky Labs have uncovered a massive, firmware-level compromise affecting Android devices globally. Dubbed Keenadu, this...

The 1% Breach: 287 Chrome Extensions Caught Spying on 37M Users Malicious Chrome Extensions

The 1% Breach: 287 Chrome Extensions Caught Spying on 37M Users

Ddos February 17, 2026

A sweeping new investigation by Q Continuum has uncovered a massive surveillance network operating within the Chrome...

Foxveil: New Malware Loader Hides in Plain Sight Using Cloudflare and Discord Foxveil Malware

Foxveil: New Malware Loader Hides in Plain Sight Using Cloudflare and Discord

Ddos February 17, 2026

A new and elusive malware loader has been discovered prowling the legitimate infrastructure of the web, abusing...

“CL Suite” Deception: Malicious Chrome Extension Steals 2FA Secrets and Meta Business Data CL Suite Malicious Extension Meta Business Suite Security

CL Suite Malicious Extension Meta Business Suite Security

“CL Suite” Deception: Malicious Chrome Extension Steals 2FA Secrets and Meta Business Data

Ddos February 17, 2026

A malicious Google Chrome extension posing as a productivity tool for Meta Business Suite has been caught...

The “Windows + R” Trap: ClickFix Scam Tricks Users into Installing StealC Malware StealC Malware ClickFix Campaign

The “Windows + R” Trap: ClickFix Scam Tricks Users into Installing StealC Malware

Ddos February 16, 2026

A new report from LevelBlue dissects a sophisticated multi-stage malware campaign that turns a routine security check...

Telegram Phishing Campaign Hijacks Accounts by Abusing Trust Telegram Phishing Account Takeover

Telegram Phishing Campaign Hijacks Accounts by Abusing Trust

Ddos February 13, 2026

A new phishing campaign is targeting Telegram users by turning the platform’s own security features into a...

CVE-2026-1603: Remote Unauthenticated Attacker Can Steal Ivanti EPM Secrets Ivanti EPM Vulnerability CVE-2026-1603 Ivanti EPM Critical XSS, Unauthenticated File Write CVE-2024-29847 & CVE-2024-8190 Ivanti ITSM, Authentication Bypass

Ivanti EPM Vulnerability CVE-2026-1603 Ivanti EPM Critical XSS, Unauthenticated File Write CVE-2024-29847 & CVE-2024-8190 Ivanti ITSM, Authentication Bypass

CVE-2026-1603: Remote Unauthenticated Attacker Can Steal Ivanti EPM Secrets

Ddos February 12, 2026

Ivanti has rolled out important security updates for its Endpoint Manager (EPM), addressing a pair of vulnerabilities...

The 7-Zip Trap: How a 25-Year-Old Domain Was Weaponized to Turn Your PC into a Proxy Bot SonicWall Reconnaissance Akira Ransomware residential proxy malware TraderTraitor BreachForums Honeypot, French Interior Ministry Leak

SonicWall Reconnaissance Akira Ransomware residential proxy malware TraderTraitor BreachForums Honeypot, French Interior Ministry Leak

The 7-Zip Trap: How a 25-Year-Old Domain Was Weaponized to Turn Your PC into a Proxy Bot

Ddos February 11, 2026

Security researchers have recently unveiled a sophisticated stratagem wherein adversaries gained control of the domain 7zip[.]com to...

APT28 Weaponizes Office Flaw to Spy on NATO & Military NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

APT28 Weaponizes Office Flaw to Spy on NATO & Military

Ddos February 9, 2026

The notorious Russian state-sponsored group APT28 (also known as Fancy Bear) has launched a sophisticated new espionage...

CrashFix: New ClickFix Variant Deliberately Breaks Browsers to Deploy RAT CrashFix Malware ClickFix Campaign

CrashFix: New ClickFix Variant Deliberately Breaks Browsers to Deploy RAT

Ddos February 6, 2026

A dangerous evolution of the “ClickFix” social engineering campaign has been spotted in the wild, using a...

Macs Under Siege: New Infostealers Spread via WhatsApp & Fake Apps OSX/Amos Stealer Electron ASAR Trojan MioLab Malware macOS Security MacSync Stealer macOS Malware ambar-src npm Malware Supply Chain Typosquatting Matryoshka Mac Malware ClickFix Crypto Scam Infostealer Evolution macOS Malware Predator Spyware Intellexa Anti-Analysis XCSSET macOS Malware, Xcode Supply Chain

OSX/Amos Stealer Electron ASAR Trojan MioLab Malware macOS Security MacSync Stealer macOS Malware ambar-src npm Malware Supply Chain Typosquatting Matryoshka Mac Malware ClickFix Crypto Scam Infostealer Evolution macOS Malware Predator Spyware Intellexa Anti-Analysis XCSSET macOS Malware, Xcode Supply Chain

Macs Under Siege: New Infostealers Spread via WhatsApp & Fake Apps

Ddos February 6, 2026

A sweeping new analysis by the Microsoft Defender Security Research Team reveals a rapidly evolution in the...

10 Days to Exploit: Amaranth-Dragon Weaponizes WinRAR Flaw to Spy on SE Asia Quest KACE Vulnerability CVE-2025-32975 FortiGate SSO Bypass, Active Exploitation GoAnywhere RCE, Storm-1175 Cisco VPN RCE, ASA Zero-Day TinyColor Supply Chain Attack SK Telecom, data breach Erlang/OTP RCE, OT Network Security Ivanti CSA Attacks WordPress RCE, Theme Vulnerability

Quest KACE Vulnerability CVE-2025-32975 FortiGate SSO Bypass, Active Exploitation GoAnywhere RCE, Storm-1175 Cisco VPN RCE, ASA Zero-Day TinyColor Supply Chain Attack SK Telecom, data breach Erlang/OTP RCE, OT Network Security Ivanti CSA Attacks WordPress RCE, Theme Vulnerability

10 Days to Exploit: Amaranth-Dragon Weaponizes WinRAR Flaw to Spy on SE Asia

Ddos February 5, 2026

A new and relentless cyber-espionage campaign is sweeping across government and law enforcement agencies in Southeast Asia,...

Rooted via Wi-Fi 7: TP-Link Patches Command Injection in Archer BE230

Ddos February 4, 2026

A new security advisory from TP-Link has disclosed multiple authenticated command injection vulnerabilities affecting its Archer BE230 Wi-Fi...

Invisible Intruder: “ShadowHS” Malware Weaponizes Hackshell on Linux ShadowHS Malware Linux Fileless Intrusion

Invisible Intruder: “ShadowHS” Malware Weaponizes Hackshell on Linux

Ddos February 4, 2026

Cyble Research & Intelligence Labs (CRIL) has uncovered a sophisticated Linux intrusion chain dubbed ShadowHS, a campaign...

Wrapped in Stealth: Python RAT Hides Inside ELF Binary to Evade Detection Python-based RAT Adaptive Beaconing

Wrapped in Stealth: Python RAT Hides Inside ELF Binary to Evade Detection

Ddos February 2, 2026

In a landscape often dominated by complex, state-sponsored malware, a new threat has emerged that proves simplicity...

Calendar Spy: How “Indirect Prompt Injection” Turned Google Gemini Into a Spy Apple iOS 26.4 Siri Google Gemini, AFM v10 parameter count Gemini 3 Flash benchmarks, Google Gemini 3 Flash vs GPT-5.2

Apple iOS 26.4 Siri Google Gemini, AFM v10 parameter count Gemini 3 Flash benchmarks, Google Gemini 3 Flash vs GPT-5.2

Calendar Spy: How “Indirect Prompt Injection” Turned Google Gemini Into a Spy

Ddos January 22, 2026

Security researchers have uncovered a new vulnerability in Google’s AI ecosystem that turns a routine calendar invite...

Bandwidth Bandits: Fake Notepad++ Installers Hide “Proxyjacking” Malware Proxyjacking Larva-25012

Bandwidth Bandits: Fake Notepad++ Installers Hide “Proxyjacking” Malware

Ddos January 22, 2026

A new wave of cyberattacks is targeting users looking for free software, turning their computers into unwilling...

Total Takeover: Critical CVSS 10 Flaw Found in Oracle Fusion Middleware Oracle breach Oracle Fusion Middleware CVE-2026-21962

Total Takeover: Critical CVSS 10 Flaw Found in Oracle Fusion Middleware

Ddos January 21, 2026

Oracle has kicked off 2026 with a massive security overhaul, releasing its first Critical Patch Update (CPU)...