cybersecurity Archives • Page 16 of 88 • Daily CyberSecurity

PoC Exploit Publicly Disclosed: Apple Deploys First-Ever Background Security Patch for Cross-Origin Flaw Apple Background Security CVE-2026-20643 Apple Background Security Improvement Apple Backdoor Apple Lawsuit, Data Exfiltration CVE-2024-44131 - CVE-2025-24118 PoC

Apple Background Security CVE-2026-20643 Apple Background Security Improvement Apple Backdoor Apple Lawsuit, Data Exfiltration CVE-2024-44131 - CVE-2025-24118 PoC

PoC Exploit Publicly Disclosed: Apple Deploys First-Ever Background Security Patch for Cross-Origin Flaw

Do Son March 21, 2026

Apple has broken new ground in its defensive strategy, utilizing a “Background Security Improvements” feature to deliver...

Two High-Severity Spring Boot Flaws Expose Actuator Endpoints Spring Cloud Config Vulnerability CVE-2026-40982 Spring Boot Vulnerability CVSS 9.1 Bypass CVE-2022-31692 Spring Boot Vulnerability Authentication Bypass

Spring Cloud Config Vulnerability CVE-2026-40982 Spring Boot Vulnerability CVSS 9.1 Bypass CVE-2022-31692 Spring Boot Vulnerability Authentication Bypass

Two High-Severity Spring Boot Flaws Expose Actuator Endpoints

Do Son March 20, 2026

Security researchers have issued a double warning for developers using the Spring Boot framework, identifying two high-severity...

New Mirai Variant and “Monaco” Miner Targeting Linux Devices Linux Malware CondiBot

New Mirai Variant and “Monaco” Miner Targeting Linux Devices

Do Son March 20, 2026

Security researchers at Eclypsium have identified two distinct and previously undocumented malware strains targeting Linux-based systems. On...

PoC Exploit Publicly Disclosed: Windows ‘libarchive’ Flaw Leaks NetNTLMv2 Hashes Windows libarchive Flaw CVE-2025-59284

PoC Exploit Publicly Disclosed: Windows ‘libarchive’ Flaw Leaks NetNTLMv2 Hashes

Do Son March 20, 2026

Security researchers Len Sadowski and Oğuz Bektaş have publicly pulled back the curtain on a vulnerability within...

High-Severity ingress-nginx Flaw Exposes Kubernetes Secrets CVE-2024-9042 ingress-nginx Vulnerability CVE-2026-4342

High-Severity ingress-nginx Flaw Exposes Kubernetes Secrets

Do Son March 20, 2026

A high-severity security flaw has been identified in ingress-nginx, a widely used Ingress controller for Kubernetes clusters....

Game Over: Vidar Stealer 2.0 is Hijacking Gamers with Fake Cheats DriverFixer0428, Contagious Interview Cache Smuggling, ClickFix Evasion North Korean Cyber Espionage

DriverFixer0428, Contagious Interview Cache Smuggling, ClickFix Evasion North Korean Cyber Espionage

Game Over: Vidar Stealer 2.0 is Hijacking Gamers with Fake Cheats

Do Son March 20, 2026

A massive malware distribution campaign has been uncovered targeting the global gaming community under the guise of...

The Invisible Breach: ‘Operation GhostMail’ Uses Zero-Click XSS to Hijack Ukrainian Webmail Operation GhostMail Zero-Click XSS

The Invisible Breach: ‘Operation GhostMail’ Uses Zero-Click XSS to Hijack Ukrainian Webmail

Do Son March 20, 2026

A sophisticated cyberespionage campaign, dubbed Operation GhostMail, has been detected targeting critical government infrastructure in Ukraine. Security...

Developer Alert: “CursorJack” Technique Weaponizes Deeplinks to Hijack Cursor IDE CursorJack Cursor Vulnerability

Developer Alert: “CursorJack” Technique Weaponizes Deeplinks to Hijack Cursor IDE

Do Son March 20, 2026

Security researchers at Proofpoint Threat Research have detailed a novel exploitation method dubbed CursorJack, which targets the...

Operation Takedown: DOJ and Global Allies Smash 30-Terabit IoT Botnet Empire P2P cryptominer malware threat Ollama endpoint attacks IoT Botnets DDoS Attacks

P2P cryptominer malware threat Ollama endpoint attacks IoT Botnets DDoS Attacks

Operation Takedown: DOJ and Global Allies Smash 30-Terabit IoT Botnet Empire

Do Son March 20, 2026

In a massive display of international cooperation, the U.S. Justice Department has joined forces with law enforcement...

The AI-Powered Arsenal: How ‘Forbidden Hyena’ Uses Generative AI to Spawn BlackReaperRAT Forbidden Hyena BlackReaperRAT

The AI-Powered Arsenal: How ‘Forbidden Hyena’ Uses Generative AI to Spawn BlackReaperRAT

Do Son March 20, 2026

A detailed forensic investigation by BI.ZONE Threat Intelligence has unmasked a series of advanced cyber operations conducted...

The Silent Leak: Critical 9.1 CVSS Spring Security Flaw Strips Away Vital HTTP Headers CVE-2024-22234 Spring Security Vulnerability CVE-2026-22732

CVE-2024-22234 Spring Security Vulnerability CVE-2026-22732

The Silent Leak: Critical 9.1 CVSS Spring Security Flaw Strips Away Vital HTTP Headers

Do Son March 20, 2026

A critical-severity security flaw has been identified in Spring Security, the industry-standard framework for securing Java-based enterprise...

Takedown: DOJ Seizes Iranian MOIS Domains Used for Global Hacking and Hit Squad Threats Iranian Cyberwarfare DOJ Domain Seizure

Takedown: DOJ Seizes Iranian MOIS Domains Used for Global Hacking and Hit Squad Threats

Do Son March 20, 2026

The U.S. Department of Justice has struck a major blow against the Islamic Republic of Iran’s cyberwarfare...

Bypassed Boundaries: Two New Vulnerabilities Threaten Spring Framework Apps CVE-2024-22259 Spring Framework Vulnerabilities CVE-2026-22737

Bypassed Boundaries: Two New Vulnerabilities Threaten Spring Framework Apps

Do Son March 20, 2026

Security researchers have identified two distinct vulnerabilities within the widely used Spring Framework, affecting both Spring MVC...

Urgent Patch: Massive Google Chrome Update Patches 26 Flaws, Including 3 Critical Bugs Chrome Security Update Critical Vulnerabilities

Urgent Patch: Massive Google Chrome Update Patches 26 Flaws, Including 3 Critical Bugs

Do Son March 20, 2026

Google has announced a significant security update for the Chrome stable channel, addressing a staggering 26 security...

The Typosquatting Trap: Fake Telegram Portal Delivers Stealthy Memory-Resident Malware

Do Son March 20, 2026

Cybersecurity researchers have uncovered a deceptive campaign that uses a typosquatted website to impersonate the official Telegram...

Critical Quest KACE Flaw Exploited for Total Network Takeover Quest KACE Vulnerability CVE-2025-32975 FortiGate SSO Bypass, Active Exploitation GoAnywhere RCE, Storm-1175 Cisco VPN RCE, ASA Zero-Day TinyColor Supply Chain Attack SK Telecom, data breach Erlang/OTP RCE, OT Network Security Ivanti CSA Attacks WordPress RCE, Theme Vulnerability

Quest KACE Vulnerability CVE-2025-32975 FortiGate SSO Bypass, Active Exploitation GoAnywhere RCE, Storm-1175 Cisco VPN RCE, ASA Zero-Day TinyColor Supply Chain Attack SK Telecom, data breach Erlang/OTP RCE, OT Network Security Ivanti CSA Attacks WordPress RCE, Theme Vulnerability

Critical Quest KACE Flaw Exploited for Total Network Takeover

Do Son March 20, 2026

Security researchers at Arctic Wolf have issued an urgent warning after observing a spike in malicious activity...

Hijacked Accounts and AI Code: The Deadly New Playbook of Iranian APT ‘Boggy Serpens’ Boggy Serpens Iranian APT

Hijacked Accounts and AI Code: The Deadly New Playbook of Iranian APT ‘Boggy Serpens’

Do Son March 20, 2026

A new assessment from Unit 42 reveals a significant maturation in the tactics of Boggy Serpens, an...

High-Severity RCE Flaw in Atlassian Bamboo Threatens CI/CD Environments CVE-2023-22508 Atlassian Bamboo Vulnerability CVE-2026-21570

High-Severity RCE Flaw in Atlassian Bamboo Threatens CI/CD Environments

Do Son March 19, 2026

Atlassian has sounded the alarm for users of its Bamboo Data Center, uncovering a high-severity Remote Code...

Invisible Ink: Critical 9.6 CVSS jsPDF Flaw Turns Generated Documents into XSS Traps

Do Son March 19, 2026

A critical-severity vulnerability has been identified in jsPDF, the popular JavaScript library used by developers worldwide to...

AI Workflows Under Fire: Critical RCE and File Write Flaws Expose Langflow Servers Langflow Vulnerability CVE-2026-42048 Langflow RCE CVE-2026-27966 Langflow Vulnerabilities CVE-2026-33017

Langflow Vulnerability CVE-2026-42048 Langflow RCE CVE-2026-27966 Langflow Vulnerabilities CVE-2026-33017

AI Workflows Under Fire: Critical RCE and File Write Flaws Expose Langflow Servers

Do Son March 19, 2026

Security researchers have identified two severe vulnerabilities in Langflow, the popular visual framework for building AI-powered agents....