cybersecurity Archives • Page 17 of 88 • Daily CyberSecurity

CISA Issues Urgent Warning Following Global Cyberattack on Stryker

GemStuffer RubyGems Campaign RubyGems Data Exfiltration TanStack npm Compromise Supply Chain Attack DNS Hijacking APT28 (Fancy Bear) OpenVSX Supply Chain Attack Checkmarx Plugin Breach Stryker Cyberattack CISA Alert Trans-Regional Cyber Conflict Operation Epic Fury Cyber Operation MacroMaze APT28 Cyber Espionage Notepad++ Supply Chain Attack Lotus Blossom Group Defense Industrial Base Threats GTIG Report APT28 Operation Neusploit CVE-2026-21509 Bookworm Malware

CISA Issues Urgent Warning Following Global Cyberattack on Stryker

Do Son March 19, 2026

In a move to protect the nation’s critical infrastructure, the Cybersecurity and Infrastructure Security Agency (CISA) has...

The Judicial Decoy: Sophisticated Rust RAT Infiltrates Argentina’s Federal Courts Rust RAT Argentina Legal Cyberattack

The Judicial Decoy: Sophisticated Rust RAT Infiltrates Argentina’s Federal Courts

Do Son March 19, 2026

A highly sophisticated, multi-stage cyber infection chain has been uncovered targeting the heart of Argentina’s legal infrastructure....

Warlock Ransomware Evolves: New Tools and Kernel-Level Evasion Threaten Global Sectors EV2GO Charging Platform ICSA-26-057-04 Lazarus Group, Crypto Hacks LazyStealer

EV2GO Charging Platform ICSA-26-057-04 Lazarus Group, Crypto Hacks LazyStealer

Warlock Ransomware Evolves: New Tools and Kernel-Level Evasion Threaten Global Sectors

Do Son March 19, 2026

The Warlock ransomware group (also tracked as Water Manaul) has significantly sharpened its claws. A recent deep-dive...

Total Takeover: Critical 10.0 CVSS Path Traversal Flaw Hits Ubiquiti UniFi Networks UniFi OS vulnerabilities, Ubiquiti security flaws, CVE-2026-47367, CVE-2026-47369, CVE-2026-47370 Ubiquiti UniFi OS Vulnerabilities UniFi OS Firmware Update 2026 UniFi Play Vulnerability Critical RCE Patch Ubiquiti UniFi Vulnerability CVE-2026-22557

UniFi OS vulnerabilities, Ubiquiti security flaws, CVE-2026-47367, CVE-2026-47369, CVE-2026-47370 Ubiquiti UniFi OS Vulnerabilities UniFi OS Firmware Update 2026 UniFi Play Vulnerability Critical RCE Patch Ubiquiti UniFi Vulnerability CVE-2026-22557

Total Takeover: Critical 10.0 CVSS Path Traversal Flaw Hits Ubiquiti UniFi Networks

Do Son March 19, 2026

Ubiquiti has issued an urgent security advisory following the discovery of two significant vulnerabilities within its UniFi...

Ghost in the Browser: Advanced ‘GoPix’ Trojan Unveils Unprecedented MitM Attacks GoPix Trojan Brazilian Banking Malware

Ghost in the Browser: Advanced ‘GoPix’ Trojan Unveils Unprecedented MitM Attacks

Do Son March 19, 2026

A sophisticated new threat has emerged from the Brazilian cybercrime underground, signaling a dangerous shift toward APT-level...

The New Face of Phishing: Hackers Weaponize Browser Prompts to Steal Biometric Data Biometric Phishing Browser Permission Hijacking

The New Face of Phishing: Hackers Weaponize Browser Prompts to Steal Biometric Data

Do Son March 19, 2026

A highly active social engineering campaign is rewriting the phishing playbook by shifting its focus from simple...

Exploited in the Wild: CISA Warns of Active Attacks on Microsoft SharePoint and Zimbra CISA KEV Catalog SharePoint RCE CISA, Known Exploited Vulnerabilities CVE-2023-33010

CISA KEV Catalog SharePoint RCE CISA, Known Exploited Vulnerabilities CVE-2023-33010

Exploited in the Wild: CISA Warns of Active Attacks on Microsoft SharePoint and Zimbra

Do Son March 19, 2026

The Cybersecurity and Infrastructure Security Agency (CISA) has officially expanded its Known Exploited Vulnerabilities (KEV) Catalog, adding...

Exploited in the Wild: Interlock Ransomware Weaponizes Critical 10.0 CVSS Cisco Zero-Day Interlock Ransomware Cisco Zero-Day

Exploited in the Wild: Interlock Ransomware Weaponizes Critical 10.0 CVSS Cisco Zero-Day

Do Son March 19, 2026

Amazon threat intelligence has uncovered an active Interlock ransomware campaign that exploited a critical vulnerability in Cisco...

The Polymarket Trojan: Verified GitHub Org Hijacked to Distribute Crypto-Stealing Bots GitHub Supply Chain Attack Polymarket Malware

The Polymarket Trojan: Verified GitHub Org Hijacked to Distribute Crypto-Stealing Bots

Do Son March 19, 2026

In a sophisticated supply chain attack discovered by the StepSecurity threat intelligence team, a legitimate Japanese DeFi...

PoC Exploit Publicly Disclosed: ‘RegPwn’ Flaw Grants SYSTEM Access via Windows Accessibility RegPwn Vulnerability CVE-2026-24291

PoC Exploit Publicly Disclosed: ‘RegPwn’ Flaw Grants SYSTEM Access via Windows Accessibility

Do Son March 18, 2026

A newly discovered vulnerability, dubbed RegPwn, has pulled back the curtain on a significant security gap in...

Critical 9.8 CVSS Schneider Electric Flaw Exposes SCADA and Data Center Systems CVE-2024-10575 CVE-2025-1960 Schneider Electric Vulnerability CVE-2026-0667

CVE-2024-10575 CVE-2025-1960 Schneider Electric Vulnerability CVE-2026-0667

Critical 9.8 CVSS Schneider Electric Flaw Exposes SCADA and Data Center Systems

Do Son March 18, 2026

Schneider Electric has exposed the curtain on two significant vulnerabilities affecting critical infrastructure tools. From remote terminal...

Leaving the Doors Unlocked: Critical 9.0 CVSS ScreenConnect Flaw Exposes Machine Keys ScreenConnect Vulnerability CVE-2026-3564

Leaving the Doors Unlocked: Critical 9.0 CVSS ScreenConnect Flaw Exposes Machine Keys

Do Son March 18, 2026

ConnectWise recently issued a critical security update for its ScreenConnect platform, addressing a significant vulnerability that could...

The CAPTCHA Trap: How a Global ‘ClickFix’ Campaign Weaponizes WordPress to Drain Digital Wallets ClickFix Campaign WordPress Malware

The CAPTCHA Trap: How a Global ‘ClickFix’ Campaign Weaponizes WordPress to Drain Digital Wallets

Do Son March 18, 2026

In a sophisticated new campaign active since late 2025, a mysterious threat actor has been turning the...

The Resume Trap: How ‘BlackSanta’ Malware Uses Fake CVs to Blind EDRs and Hijack HR Systems Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

The Resume Trap: How ‘BlackSanta’ Malware Uses Fake CVs to Blind EDRs and Hijack HR Systems

Do Son March 18, 2026

Aryaka Threat Labs has unmasked a sophisticated malware operation dubbed BlackSanta. This Russian-speaking threat actor has spent...

Critical Craft CMS Flaw Grants Instant Admin Access Craft CMS Vulnerability CVE-2026-32267 CVE-2023-41892 Craft CMS CVE-2025-32432

Critical Craft CMS Flaw Grants Instant Admin Access

Do Son March 18, 2026

In the world of web development, the “Live Preview” button is a staple for content editors—a harmless...

Apple Google EU alliance DMA European Commission Breach Trivy Supply Chain Attack Europa.eu Breach EU Cloud Infrastructure EU Cyber Sanctions State-Sponsored Hacking EU 2040 Emissions Target, Europe Climate Leadership AWS Azure DMA Cloud Gatekeeper DSA violation, illegal content Apple DMA Delay, iPhone Mirroring EU EU Age Verification, Google Play Integrity Corning Antitrust, EU Competition Apple EU Digital Markets Act App Store commission European Union cyberattacks - InvestAI EU Targets Musk’s X Digital Markets Act, EU fines

The EU Strikes Back: New Sanctions Target Chinese and Iranian Cyber Threat Actors

Do Son March 18, 2026

In a decisive move to protect the digital sovereignty of its member states, the Council of the...

Pandora’s Box: IBM X-Force Uncovers Likely AI-Generated “Slopoly” Malware Weaponizable AI AI Cyber Threats

Pandora’s Box: IBM X-Force Uncovers Likely AI-Generated “Slopoly” Malware

Do Son March 18, 2026

Cybersecurity investigators at IBM X-Force have identified a disturbing new milestone in the evolution of digital threats:...

Edge of Disaster: Critical 9.8 CVSS Flaw in Oracle Cloud Infrastructure Toolkit Allows Complete Takeover IRGC Oracle Cloud Dubai strike Oracle global layoffs 2026 Oracle Fusion Middleware Vulnerability CVE-2026-21992 Oracle Edge Cloud Vulnerability CVE-2026-21994 Oracle Critical RCE, EBS Marketing Flaws CVE-2024-21182 PoC Exploit Oracle EBS Auth Bypass, CVE-2025-61884

IRGC Oracle Cloud Dubai strike Oracle global layoffs 2026 Oracle Fusion Middleware Vulnerability CVE-2026-21992 Oracle Edge Cloud Vulnerability CVE-2026-21994 Oracle Critical RCE, EBS Marketing Flaws CVE-2024-21182 PoC Exploit Oracle EBS Auth Bypass, CVE-2025-61884

Edge of Disaster: Critical 9.8 CVSS Flaw in Oracle Cloud Infrastructure Toolkit Allows Complete Takeover

Do Son March 18, 2026

A critical vulnerability has been identified in a key component of Oracle’s open-source portfolio, potentially handing the...

The Cyber Nexus: Iranian Group ‘Muddy Water’ Caught Deploying Russian ‘Tsundere’ Botnet via EtherHiding Tsundere Botnet Muddy Water

The Cyber Nexus: Iranian Group ‘Muddy Water’ Caught Deploying Russian ‘Tsundere’ Botnet via EtherHiding

Do Son March 18, 2026

Cybersecurity investigators at eSentire’s Threat Response Unit (TRU) have uncovered a high-stakes digital alignment between two major...

Critical Spring AI Flaws Expose Databases to SQL and JSONPath Injection Spring AI Vulnerability Remote Code Execution (RCE) Spring AI Vulnerability CVE-2026-22730

Spring AI Vulnerability Remote Code Execution (RCE) Spring AI Vulnerability CVE-2026-22730

Critical Spring AI Flaws Expose Databases to SQL and JSONPath Injection

Do Son March 17, 2026

Security researchers have issued a dual-threat alert for developers utilizing the Spring AI framework, a popular tool...