cybersecurity Archives • Page 13 of 88 • Daily CyberSecurity

Critical JWT Bypass in Convoy Panel Allows Full Account Takeover Convoy Vulnerability JWT Authentication Bypass

Critical JWT Bypass in Convoy Panel Allows Full Account Takeover

Do Son April 7, 2026

A critical security vulnerability has been unmasked in Convoy, the modern KVM server management panel used by...

Breaking the App Shell: Five New Electron Vulnerabilities Shatter Context Isolation Electron Security Sandbox Escape Electron Vulnerabilities, Desktop App Security

Electron Security Sandbox Escape Electron Vulnerabilities, Desktop App Security

Breaking the App Shell: Five New Electron Vulnerabilities Shatter Context Isolation

Do Son April 7, 2026

The Electron framework—the powerhouse behind heavyweights like Visual Studio Code and countless other cross-platform desktop applications —has...

BlueHammer: Researcher Drops Functional 0-Day Exploit Targeting Windows Defender BlueHammer Exploit Windows Defender 0-day

BlueHammer: Researcher Drops Functional 0-Day Exploit Targeting Windows Defender

Do Son April 7, 2026

A researcher has publicly disclosed a functional zero-day exploit targeting the internal signature update mechanism of Windows...

The Evolution of an Infostealer: Xloader 8.7 Unmasked Xloader Malware Information Stealer Phantom Stealer v3.5.0 DLL Sideloading Attack

The Evolution of an Infostealer: Xloader 8.7 Unmasked

Do Son April 7, 2026

ThreatLabz has released a deep-dive analysis into the latest iterations of Xloader, a notorious information-stealing malware that...

GPUBreach Rowhammer Hijacks GPUs for Full System Root GPUBreach GPU Rowhammer

GPUBreach Rowhammer Hijacks GPUs for Full System Root

Do Son April 7, 2026

Researchers from the University of Toronto have demonstrated that Rowhammer attacks on GPUs can move far beyond...

The Unkillable Spy: How “Operation NoVoice” Rootkits Hijack Androids and Clone WhatsApp Operation NoVoice Android Rootkit

The Unkillable Spy: How “Operation NoVoice” Rootkits Hijack Androids and Clone WhatsApp

Do Son April 7, 2026

A new mobile threat is proving that even the most trusted app stores aren’t immune to high-level...

WhatsApp Under Siege: Microsoft Uncovers Global VBS Malware Campaign WhatsApp VBS Malware Living-off-the-Land (LotL)

WhatsApp Under Siege: Microsoft Uncovers Global VBS Malware Campaign

Do Son April 7, 2026

A new and highly sophisticated malware campaign is exploiting the trust users place in familiar communication platforms....

Fileless Remcos RAT Hijacks Trusted Windows Tools Remcos RAT Fileless Malware

Fileless Remcos RAT Hijacks Trusted Windows Tools

Do Son April 7, 2026

A sophisticated and carefully orchestrated malware campaign has been uncovered, marking a significant evolution in how attackers...

The 24-Hour Blitz: Storm-1175 Weaponizes Zero-Days for High-Velocity Ransomware Storm-1175 Medusa Ransomware

The 24-Hour Blitz: Storm-1175 Weaponizes Zero-Days for High-Velocity Ransomware

Do Son April 6, 2026

A new report from Microsoft Threat Intelligence has exposured on Storm-1175, a financially motivated threat actor that...

Ninja Forms Alert: Critical 9.8 RCE Vulnerability Under Active Attack Ninja Forms RCE WordPress Vulnerability

Ninja Forms Alert: Critical 9.8 RCE Vulnerability Under Active Attack

Do Son April 6, 2026

In a major alert for the WordPress community, a critical security flaw has been disclosed in the...

Keycloak Under Siege: Patch Now to Stop Token Theft and Account Takeovers Keycloak vulnerabilities Keycloak Security MFA Bypass

Keycloak Under Siege: Patch Now to Stop Token Theft and Account Takeovers

Do Son April 6, 2026

The popular open-source identity and access management solution Keycloak has released a critical security update, version 26.5.7,...

Whitespace Flaw Re-Opens Critical JWT “Algorithm Confusion” Bypass fast-jwt JWT Algorithm Confusion

Whitespace Flaw Re-Opens Critical JWT “Algorithm Confusion” Bypass

Do Son April 6, 2026

Security researchers have disclosed two major vulnerabilities within fast-jwt, a high-performance library used to implement JSON Web...

The “Special Invitation” Trap: STAC6405 Abuses Legitimate RMM Tools to Hijack Your PC STAC6405 Phishing RMM Abuse

The “Special Invitation” Trap: STAC6405 Abuses Legitimate RMM Tools to Hijack Your PC

Do Son April 6, 2026

Cybercriminals are increasingly trading custom-built malware for legitimate software to slip past corporate defenses. A new investigation...

Operation DualScript Bypasses Defenses to Hijack Crypto and Cash AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

Operation DualScript Bypasses Defenses to Hijack Crypto and Cash

Do Son April 6, 2026

A sophisticated, multi-stage malware campaign dubbed Operation DualScript is currently bypassing traditional defenses to siphon funds from...

ChatGPT Lockdown Mode OpenAI OpenClaw acquisition OpenAI Prism GPT-5.2 LaTeX, scientific research AI workspace OpenAI, Mixpanel Breach ChatGPT Data Preservation, NYT Lawsuit ChatGPT Apps SDK, super app OpenAI Jony Ive, AI Hardware Delay Musk Apple lawsuit, App Store antitrust UK AI Partnership, OpenAI Collaboration Jony Ive OpenAI, DoD Contract OpenAI Lawsuit, ChatGPT Privacy North Korea ChatGPT - GPT-4.5 model OpenAI Models, AI Advancements OpenAI pricing, Flex API

The DNS Trap: How a “Hidden” Path Allowed ChatGPT to Silently Leak Your Private Data

Do Son April 6, 2026

In the world of AI, trust is built on a simple, unspoken agreement: what stays in the...

ResokerRAT Uses Telegram to Hijack Your PC and Disable Your Security Keys GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

ResokerRAT Uses Telegram to Hijack Your PC and Disable Your Security Keys

Do Son April 6, 2026

A new and sophisticated threat has emerged in the digital landscape, turning a popular messaging app into...

Hackers are Using “Legit” IT Tools to Hijack the 2026 Tax Season 2026 Tax Phishing RMM Abuse

Hackers are Using “Legit” IT Tools to Hijack the 2026 Tax Season

Do Son April 5, 2026

As the 2026 tax season reaches its peak, cybersecurity researchers have identified a massive surge in digital...

The BPO Backdoor: How “Mr. Raccoon” Swiped 13 Million Adobe Support Tickets Adobe BPO Breach Mr. Raccoon Hacker

The BPO Backdoor: How “Mr. Raccoon” Swiped 13 Million Adobe Support Tickets

Do Son April 3, 2026

The cybersecurity world is reeling following reports of a massive data breach at Adobe, orchestrated by a...

The Return of Operation Triangulation: Coruna Exploit Kit Targets M3 and A17 Chips in Massive iOS Offensive Coruna Exploit Kit iOS Kernel Vulnerability

Coruna Exploit Kit iOS Kernel Vulnerability

The Return of Operation Triangulation: Coruna Exploit Kit Targets M3 and A17 Chips in Massive iOS Offensive

Do Son April 2, 2026

On March 4, 2026, reports from Google and iVerify shed light on Coruna, a highly sophisticated exploit...

macOS Malware Hijacks Ledger Live with “Invisible” Electron Archives OSX/Amos Stealer Electron ASAR Trojan MioLab Malware macOS Security MacSync Stealer macOS Malware ambar-src npm Malware Supply Chain Typosquatting Matryoshka Mac Malware ClickFix Crypto Scam Infostealer Evolution macOS Malware Predator Spyware Intellexa Anti-Analysis XCSSET macOS Malware, Xcode Supply Chain

OSX/Amos Stealer Electron ASAR Trojan MioLab Malware macOS Security MacSync Stealer macOS Malware ambar-src npm Malware Supply Chain Typosquatting Matryoshka Mac Malware ClickFix Crypto Scam Infostealer Evolution macOS Malware Predator Spyware Intellexa Anti-Analysis XCSSET macOS Malware, Xcode Supply Chain

macOS Malware Hijacks Ledger Live with “Invisible” Electron Archives

Do Son April 2, 2026

The macOS threat landscape is evolving, moving away from simple malicious binaries toward sophisticated “trojanization” of the...