cybersecurity Archives • Page 15 of 88 • Daily CyberSecurity

Memory Leaks and Mixed Sessions: NetScaler’s Critical 9.3 CVSS Flaw Demands Immediate Action NetScaler Vulnerability CVE-2026-3055 Citrix VDA, Privilege Escalation NetScaler Vulnerabilities, Access Bypass CVE-2024-8534 and CVE-2024-8535

NetScaler Vulnerability CVE-2026-3055 Citrix VDA, Privilege Escalation NetScaler Vulnerabilities, Access Bypass CVE-2024-8534 and CVE-2024-8535

Memory Leaks and Mixed Sessions: NetScaler’s Critical 9.3 CVSS Flaw Demands Immediate Action

Do Son March 24, 2026

On March 23, 2026, Cloud Software Group released a high-priority security bulletin addressing two vulnerabilities in NetScaler...

Copyright Lures and “Fileless” Shadows: Inside the PureLog Stealer Campaign PureLog Stealer Fileless Malware

Copyright Lures and “Fileless” Shadows: Inside the PureLog Stealer Campaign

Do Son March 24, 2026

A highly organized malware campaign is currently stalking key industries by weaponizing something every professional fears: a...

Critical 9.1 CVSS Flaws Threaten Total Wazuh Cluster Takeover Wazuh Vulnerability Security Cluster RCE

Critical 9.1 CVSS Flaws Threaten Total Wazuh Cluster Takeover

Do Son March 24, 2026

Wazuh, the popular open-source security platform trusted by organizations to protect cloud and on-premises workloads, is facing...

PoC Exploit Code Now Public: Windows .lnk Shortcut Flaw Leaks Sensitive Network Data Windows .lnk Vulnerability CVE-2026-25185

PoC Exploit Code Now Public: Windows .lnk Shortcut Flaw Leaks Sensitive Network Data

Do Son March 23, 2026

Security researcher Christopher Paschen of TrustedSec has unveiled a vulnerability within a ubiquitous part of the Windows...

Vibe Coding the Apocalypse: McAfee Uncovers AI-Generated Malware Scaling Global Attacks AI-Generated Malware Vibe Coding Attacks

Vibe Coding the Apocalypse: McAfee Uncovers AI-Generated Malware Scaling Global Attacks

Do Son March 23, 2026

A widespread malware campaign has been caught casting a massive net across the internet, hiding malicious code...

The “Accidental” Breach: How a Misconfigured Endpoint Led to a Major SharePoint Data Leak Spring Boot Actuator Malware-less Attack

The “Accidental” Breach: How a Misconfigured Endpoint Led to a Major SharePoint Data Leak

Do Son March 23, 2026

A recent investigation by Trend Micro has revealed a case study where a devastating data exfiltration incident...

New “StoatWaffle” Malware Emerges in North Korean “Contagious Interview” Campaign StoatWaffle WaterPlum

New “StoatWaffle” Malware Emerges in North Korean “Contagious Interview” Campaign

Do Son March 23, 2026

A new modular malware threat has been identified in the wild, signaling a shift in tactics for...

shell-quote command injection AI-Driven Vulnerabilities Q1 2026 Cyber Threats vm2 Sandbox Escape Node.js RCE upKeeper Privilege Escalation CVE-2026-2449 Pharos Controls Vulnerability Root Access Exploit Cybersecurity Vulnerability Roundup CVSS 10.0 Flaws Shadow Archives CVE-2026-0866 MS-Agent Prompt Injection CVE-2026-2256 basic-ftp Path Traversal CVE-2026-27699 telnetd Root Vulnerability CVE-1999-0073 Regression USR-W610 Vulnerabilities End-of-Life IoT Security IceWarp Security Update IceWarp Vulnerabilities Airleader Master Vulnerability CVE-2026-1358 ZLAN5143D Vulnerability CISA ICS Advisory Acronis Cyber Protect Vulnerability CVE-2025-30411 WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

The Weekly Breach: 7 Maximum CVSS Flaws and the DarkSword Exploit Unveiled

Do Son March 23, 2026

The past seven days have been an exceptionally busy period for cybersecurity defenders. Between March 16 and...

Unmasking DarkSword: GTIG Exposes Full-Chain iOS Exploit Used by Global Spies DarkSword Exploit iOS Zero-Day

Unmasking DarkSword: GTIG Exposes Full-Chain iOS Exploit Used by Global Spies

Do Son March 22, 2026

In a comprehensive technical disclosure, the Google Threat Intelligence Group (GTIG) has revealed the existence of a...

Weaponizing Trust: FBI Warns Iran’s MOIS is Using Telegram as a Malware C2 Hub Telegram C2 Iran MOIS

Weaponizing Trust: FBI Warns Iran’s MOIS is Using Telegram as a Malware C2 Hub

Do Son March 22, 2026

The Federal Bureau of Investigation (FBI) has issued a high-priority “FLASH” alert detailing a sophisticated cyber-intelligence operation...

Disconnect Immediately: Rockwell Automation Issues Urgent Warning for Industrial Controllers

Do Son March 22, 2026

In a proactive move aimed at securing critical infrastructure, Rockwell Automation has issued a high-priority “Important Notice”...

Malicious Windsurf IDE Extension Uses Solana Blockchain to Steal Developer Data Windsurf Stealer Solana Blockchain Malware

Malicious Windsurf IDE Extension Uses Solana Blockchain to Steal Developer Data

Do Son March 22, 2026

Security researchers at Bitdefender have uncovered a sophisticated cyberattack targeting the developer community through a malicious extension...

Turf War in Your Living Room: ‘Katana’ Botnet Hijacks Android TV Boxes with Custom Rootkits Katana Botnet Android TV Malware

Turf War in Your Living Room: ‘Katana’ Botnet Hijacks Android TV Boxes with Custom Rootkits

Do Son March 22, 2026

A specialized report from the Nokia Deepfield Emergency Response Team (ERT) has identified a sharp escalation in...

FBI Warns of Russian Intelligence Hijacking Encrypted Messaging Apps Signal Phishing CMA Account Takeover

FBI Warns of Russian Intelligence Hijacking Encrypted Messaging Apps

Do Son March 22, 2026

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have issued a...

Below the EDR: How Unsecured IP-KVM Switches Grant Total System Takeover IP-KVM Vulnerabilities Hardware Security

Below the EDR: How Unsecured IP-KVM Switches Grant Total System Takeover

Do Son March 22, 2026

Security researchers Reynaldo Vasquez Garcia and Paul Asadoorian from Eclypsium have issued a warning regarding a category...

Active Exploits: CISA Adds Critical Craft CMS and Apple ‘DarkSword’ Flaws to KEV CISA KEV Catalog DarkSword Exploit Draytek Routers VMware vCenter RCE CVE-2024-37079

CISA KEV Catalog DarkSword Exploit Draytek Routers VMware vCenter RCE CVE-2024-37079

Active Exploits: CISA Adds Critical Craft CMS and Apple ‘DarkSword’ Flaws to KEV

Do Son March 21, 2026

The Cybersecurity and Infrastructure Security Agency (CISA) has expanded its Known Exploited Vulnerabilities (KEV) Catalog, adding five...

Critical 9.3 CVSS Flaws Uncovered in Netwrix Password Secure Netwrix Vulnerability Password Secure

Critical 9.3 CVSS Flaws Uncovered in Netwrix Password Secure

Do Son March 21, 2026

Netwrix has issued an urgent security advisory following an internal review that uncovered multiple high-severity vulnerabilities in...

Critical 9.3 CVSS Flaw in QNAP QVR Pro Exposes Surveillance Systems QNAP QVR Pro Vulnerability CVE-2026-22898 CVE-2022-27595 - CVE-2024-48860 & CVE-2024-48861

QNAP QVR Pro Vulnerability CVE-2026-22898 CVE-2022-27595 - CVE-2024-48860 & CVE-2024-48861

Critical 9.3 CVSS Flaw in QNAP QVR Pro Exposes Surveillance Systems

Do Son March 21, 2026

QNAP Systems, Inc. has issued a critical security advisory for users of its QVR Pro surveillance solution....

Critical 9.8 CVSS Flaw Exposes Oracle Identity Manager to Total Takeover IRGC Oracle Cloud Dubai strike Oracle global layoffs 2026 Oracle Fusion Middleware Vulnerability CVE-2026-21992 Oracle Edge Cloud Vulnerability CVE-2026-21994 Oracle Critical RCE, EBS Marketing Flaws CVE-2024-21182 PoC Exploit Oracle EBS Auth Bypass, CVE-2025-61884