cybersecurity Archives • Page 15 of 86 • Daily CyberSecurity

Urgent Patch: Massive Google Chrome Update Patches 26 Flaws, Including 3 Critical Bugs Chrome Security Update Critical Vulnerabilities

Urgent Patch: Massive Google Chrome Update Patches 26 Flaws, Including 3 Critical Bugs

Ddos March 20, 2026

Google has announced a significant security update for the Chrome stable channel, addressing a staggering 26 security...

The Typosquatting Trap: Fake Telegram Portal Delivers Stealthy Memory-Resident Malware

Ddos March 20, 2026

Cybersecurity researchers have uncovered a deceptive campaign that uses a typosquatted website to impersonate the official Telegram...

Critical Quest KACE Flaw Exploited for Total Network Takeover Quest KACE Vulnerability CVE-2025-32975 FortiGate SSO Bypass, Active Exploitation GoAnywhere RCE, Storm-1175 Cisco VPN RCE, ASA Zero-Day TinyColor Supply Chain Attack SK Telecom, data breach Erlang/OTP RCE, OT Network Security Ivanti CSA Attacks WordPress RCE, Theme Vulnerability

Quest KACE Vulnerability CVE-2025-32975 FortiGate SSO Bypass, Active Exploitation GoAnywhere RCE, Storm-1175 Cisco VPN RCE, ASA Zero-Day TinyColor Supply Chain Attack SK Telecom, data breach Erlang/OTP RCE, OT Network Security Ivanti CSA Attacks WordPress RCE, Theme Vulnerability

Critical Quest KACE Flaw Exploited for Total Network Takeover

Ddos March 20, 2026

Security researchers at Arctic Wolf have issued an urgent warning after observing a spike in malicious activity...

Hijacked Accounts and AI Code: The Deadly New Playbook of Iranian APT ‘Boggy Serpens’ Boggy Serpens Iranian APT

Hijacked Accounts and AI Code: The Deadly New Playbook of Iranian APT ‘Boggy Serpens’

Ddos March 20, 2026

A new assessment from Unit 42 reveals a significant maturation in the tactics of Boggy Serpens, an...

High-Severity RCE Flaw in Atlassian Bamboo Threatens CI/CD Environments CVE-2023-22508 Atlassian Bamboo Vulnerability CVE-2026-21570

High-Severity RCE Flaw in Atlassian Bamboo Threatens CI/CD Environments

Ddos March 19, 2026

Atlassian has sounded the alarm for users of its Bamboo Data Center, uncovering a high-severity Remote Code...

Invisible Ink: Critical 9.6 CVSS jsPDF Flaw Turns Generated Documents into XSS Traps

Ddos March 19, 2026

A critical-severity vulnerability has been identified in jsPDF, the popular JavaScript library used by developers worldwide to...

AI Workflows Under Fire: Critical RCE and File Write Flaws Expose Langflow Servers Langflow Vulnerability CVE-2026-42048 Langflow RCE CVE-2026-27966 Langflow Vulnerabilities CVE-2026-33017

Langflow Vulnerability CVE-2026-42048 Langflow RCE CVE-2026-27966 Langflow Vulnerabilities CVE-2026-33017

AI Workflows Under Fire: Critical RCE and File Write Flaws Expose Langflow Servers

Ddos March 19, 2026

Security researchers have identified two severe vulnerabilities in Langflow, the popular visual framework for building AI-powered agents....

GemStuffer RubyGems Campaign RubyGems Data Exfiltration TanStack npm Compromise Supply Chain Attack DNS Hijacking APT28 (Fancy Bear) OpenVSX Supply Chain Attack Checkmarx Plugin Breach Stryker Cyberattack CISA Alert Trans-Regional Cyber Conflict Operation Epic Fury Cyber Operation MacroMaze APT28 Cyber Espionage Notepad++ Supply Chain Attack Lotus Blossom Group Defense Industrial Base Threats GTIG Report APT28 Operation Neusploit CVE-2026-21509 Bookworm Malware

CISA Issues Urgent Warning Following Global Cyberattack on Stryker

Ddos March 19, 2026

In a move to protect the nation’s critical infrastructure, the Cybersecurity and Infrastructure Security Agency (CISA) has...

The Judicial Decoy: Sophisticated Rust RAT Infiltrates Argentina’s Federal Courts Rust RAT Argentina Legal Cyberattack

The Judicial Decoy: Sophisticated Rust RAT Infiltrates Argentina’s Federal Courts

Ddos March 19, 2026

A highly sophisticated, multi-stage cyber infection chain has been uncovered targeting the heart of Argentina’s legal infrastructure....

Warlock Ransomware Evolves: New Tools and Kernel-Level Evasion Threaten Global Sectors EV2GO Charging Platform ICSA-26-057-04 Lazarus Group, Crypto Hacks LazyStealer

EV2GO Charging Platform ICSA-26-057-04 Lazarus Group, Crypto Hacks LazyStealer

Warlock Ransomware Evolves: New Tools and Kernel-Level Evasion Threaten Global Sectors

Ddos March 19, 2026

The Warlock ransomware group (also tracked as Water Manaul) has significantly sharpened its claws. A recent deep-dive...

Total Takeover: Critical 10.0 CVSS Path Traversal Flaw Hits Ubiquiti UniFi Networks Ubiquiti UniFi OS Vulnerabilities UniFi OS Firmware Update 2026 UniFi Play Vulnerability Critical RCE Patch Ubiquiti UniFi Vulnerability CVE-2026-22557

Ubiquiti UniFi OS Vulnerabilities UniFi OS Firmware Update 2026 UniFi Play Vulnerability Critical RCE Patch Ubiquiti UniFi Vulnerability CVE-2026-22557

Total Takeover: Critical 10.0 CVSS Path Traversal Flaw Hits Ubiquiti UniFi Networks

Ddos March 19, 2026

Ubiquiti has issued an urgent security advisory following the discovery of two significant vulnerabilities within its UniFi...

Ghost in the Browser: Advanced ‘GoPix’ Trojan Unveils Unprecedented MitM Attacks GoPix Trojan Brazilian Banking Malware

Ghost in the Browser: Advanced ‘GoPix’ Trojan Unveils Unprecedented MitM Attacks

Ddos March 19, 2026

A sophisticated new threat has emerged from the Brazilian cybercrime underground, signaling a dangerous shift toward APT-level...

The New Face of Phishing: Hackers Weaponize Browser Prompts to Steal Biometric Data Biometric Phishing Browser Permission Hijacking

The New Face of Phishing: Hackers Weaponize Browser Prompts to Steal Biometric Data

Ddos March 19, 2026

A highly active social engineering campaign is rewriting the phishing playbook by shifting its focus from simple...

Exploited in the Wild: CISA Warns of Active Attacks on Microsoft SharePoint and Zimbra CISA KEV Catalog SharePoint RCE CISA, Known Exploited Vulnerabilities CVE-2023-33010

CISA KEV Catalog SharePoint RCE CISA, Known Exploited Vulnerabilities CVE-2023-33010

Exploited in the Wild: CISA Warns of Active Attacks on Microsoft SharePoint and Zimbra

Ddos March 19, 2026

The Cybersecurity and Infrastructure Security Agency (CISA) has officially expanded its Known Exploited Vulnerabilities (KEV) Catalog, adding...

Exploited in the Wild: Interlock Ransomware Weaponizes Critical 10.0 CVSS Cisco Zero-Day Interlock Ransomware Cisco Zero-Day

Exploited in the Wild: Interlock Ransomware Weaponizes Critical 10.0 CVSS Cisco Zero-Day

Ddos March 19, 2026

Amazon threat intelligence has uncovered an active Interlock ransomware campaign that exploited a critical vulnerability in Cisco...

The Polymarket Trojan: Verified GitHub Org Hijacked to Distribute Crypto-Stealing Bots GitHub Supply Chain Attack Polymarket Malware

The Polymarket Trojan: Verified GitHub Org Hijacked to Distribute Crypto-Stealing Bots

Ddos March 19, 2026

In a sophisticated supply chain attack discovered by the StepSecurity threat intelligence team, a legitimate Japanese DeFi...

PoC Exploit Publicly Disclosed: ‘RegPwn’ Flaw Grants SYSTEM Access via Windows Accessibility RegPwn Vulnerability CVE-2026-24291

PoC Exploit Publicly Disclosed: ‘RegPwn’ Flaw Grants SYSTEM Access via Windows Accessibility

Ddos March 18, 2026

A newly discovered vulnerability, dubbed RegPwn, has pulled back the curtain on a significant security gap in...

Critical 9.8 CVSS Schneider Electric Flaw Exposes SCADA and Data Center Systems CVE-2024-10575 CVE-2025-1960 Schneider Electric Vulnerability CVE-2026-0667

CVE-2024-10575 CVE-2025-1960 Schneider Electric Vulnerability CVE-2026-0667

Critical 9.8 CVSS Schneider Electric Flaw Exposes SCADA and Data Center Systems

Ddos March 18, 2026

Schneider Electric has exposed the curtain on two significant vulnerabilities affecting critical infrastructure tools. From remote terminal...

Leaving the Doors Unlocked: Critical 9.0 CVSS ScreenConnect Flaw Exposes Machine Keys ScreenConnect Vulnerability CVE-2026-3564

Leaving the Doors Unlocked: Critical 9.0 CVSS ScreenConnect Flaw Exposes Machine Keys

Ddos March 18, 2026

ConnectWise recently issued a critical security update for its ScreenConnect platform, addressing a significant vulnerability that could...

The CAPTCHA Trap: How a Global ‘ClickFix’ Campaign Weaponizes WordPress to Drain Digital Wallets ClickFix Campaign WordPress Malware

The CAPTCHA Trap: How a Global ‘ClickFix’ Campaign Weaponizes WordPress to Drain Digital Wallets

Ddos March 18, 2026

In a sophisticated new campaign active since late 2025, a mysterious threat actor has been turning the...

Critical Alert 1 Active Exploit Detected Today