cybersecurity Archives • Page 21 of 87 • Daily CyberSecurity

Home Network Alert: TP-Link Patches RCE Vulnerability in Archer AXE75 Routers

Home Network Alert: TP-Link Patches RCE Vulnerability in Archer AXE75 Routers

Do Son March 10, 2026

TP-Link has issued an urgent security advisory for users of its high-performance Archer AXE75 routers. A newly...

shell-quote command injection AI-Driven Vulnerabilities Q1 2026 Cyber Threats vm2 Sandbox Escape Node.js RCE upKeeper Privilege Escalation CVE-2026-2449 Pharos Controls Vulnerability Root Access Exploit Cybersecurity Vulnerability Roundup CVSS 10.0 Flaws Shadow Archives CVE-2026-0866 MS-Agent Prompt Injection CVE-2026-2256 basic-ftp Path Traversal CVE-2026-27699 telnetd Root Vulnerability CVE-1999-0073 Regression USR-W610 Vulnerabilities End-of-Life IoT Security IceWarp Security Update IceWarp Vulnerabilities Airleader Master Vulnerability CVE-2026-1358 ZLAN5143D Vulnerability CISA ICS Advisory Acronis Cyber Protect Vulnerability CVE-2025-30411 WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

CVE-2026-0866: Malformed ZIP Headers Allow Malware to Slip Past EDR Scanners

Do Son March 10, 2026

A newly detailed vulnerability, CVE-2026-0866, is highlighting a fundamental blind spot in how many Antivirus (AV) and...

Fake CleanMyMac Site Unleashes SHub Stealer to Drain macOS Crypto Wallets SHub Stealer Mac Malware

Fake CleanMyMac Site Unleashes SHub Stealer to Drain macOS Crypto Wallets

Do Son March 10, 2026

Mac users are the target of a convincing new “brand impersonation” campaign that turns the popular utility...

Critical 9.8 CVSS Flaws Expose SICK Lector Scanners to Hijacking SICK Lector Vulnerability CVE-2026-2331 CVE-2022-0778 and CVE-2025-0867

Critical 9.8 CVSS Flaws Expose SICK Lector Scanners to Hijacking

Do Son March 10, 2026

In a significant update for the industrial automation sector, SICK PSIRT has issued a high-priority security advisory...

Critical 9.3 CVSS Flaw in Gogs Turns Repositories into Malware Delivery Vectors Gogs LFS Vulnerability CVE-2026-25921

Critical 9.3 CVSS Flaw in Gogs Turns Repositories into Malware Delivery Vectors

Do Son March 10, 2026

The Gogs project, a popular self-hosted Git service prized for its simplicity and painless setup, has been...

Agencies Issue Urgent Warning on INC Ransom Healthcare Attacks INC Ransom Pacific Cyber Threats OysterLoader Malware Rhysida Ransomware Black Basta Ransomware BYOVD Technique Velociraptor Abuse, Storm-2603 Ransomware Crypto24, Ransomware Ransomware Payments, UK Legislation ZACROS data breach

INC Ransom Pacific Cyber Threats OysterLoader Malware Rhysida Ransomware Black Basta Ransomware BYOVD Technique Velociraptor Abuse, Storm-2603 Ransomware Crypto24, Ransomware Ransomware Payments, UK Legislation ZACROS data breach

Agencies Issue Urgent Warning on INC Ransom Healthcare Attacks

Do Son March 10, 2026

A new joint advisory released by the Australian Cyber Security Centre (ACSC), CERT Tonga, and New Zealand’s...

Critical Request Smuggling & Cache Flaws Discovered in Cloudflare’s Pingora Pingora Vulnerabilities Cloudflare Pingora

Critical Request Smuggling & Cache Flaws Discovered in Cloudflare’s Pingora

Do Son March 10, 2026

Security researchers have disclosed three significant vulnerabilities in Pingora, the high-performance Rust framework developed by Cloudflare to...

The Spy in Your Sidebar: Fake AI Browser Extensions Steal Data from 900,000 Users Malicious AI Extensions Chromium Browser Security

The Spy in Your Sidebar: Fake AI Browser Extensions Steal Data from 900,000 Users

Do Son March 10, 2026

A seemingly helpful AI assistant could be a silent spy in your browser. Microsoft Defender Security Research...

The ‘Contagious Interview’ Trap: How a Web3 CEO Unmasked North Korean Stealth Malware Contagious Interview North Korean Malware

The ‘Contagious Interview’ Trap: How a Web3 CEO Unmasked North Korean Stealth Malware

Do Son March 10, 2026

It started with a routine direct message on LinkedIn: a recruiter named “Nazar” pitching a role at...

Silently Swapped: How ClipXDaemon Hijacks Linux Cryptowallets Without a C2 Server ClipXDaemon Linux Malware

Silently Swapped: How ClipXDaemon Hijacks Linux Cryptowallets Without a C2 Server

Do Son March 10, 2026

Cybersecurity researchers have identified a specialized new threat targeting Linux users that breaks the traditional mold of...

AWS Console Alert: Real-Time “AiTM” Phishing Campaign Bypasses MFA with Rapid Precision AWS Phishing AiTM Attack

AWS Console Alert: Real-Time “AiTM” Phishing Campaign Bypasses MFA with Rapid Precision

Do Son March 9, 2026

In a sophisticated escalation of cloud-targeting attacks, Datadog Security Research has uncovered an active adversary-in-the-middle (AiTM) phishing...

Escalation in the Shadows: Iranian APT Seedworm Deploys ‘Dindoor’ Backdoor in New Cyberoffensive Vulnerability Digest Zero-Day Exploits Seedworm APT Dindoor Backdoor RedKitten Campaign AI-Generated Malware WSUS RCE ShadowPad CVE-2025-59287

Vulnerability Digest Zero-Day Exploits Seedworm APT Dindoor Backdoor RedKitten Campaign AI-Generated Malware WSUS RCE ShadowPad CVE-2025-59287

Escalation in the Shadows: Iranian APT Seedworm Deploys ‘Dindoor’ Backdoor in New Cyberoffensive

Do Son March 9, 2026

As geopolitical tensions escalate in the Middle East, the digital battlefield is seeing a parallel surge in...

Fake GitHub Repositories Unleash BoryptGrab Stealer and TunnesshClient Backdoor TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

Fake GitHub Repositories Unleash BoryptGrab Stealer and TunnesshClient Backdoor

Do Son March 9, 2026

Security researchers from TrendMicro have identified a sophisticated new threat actor utilizing SEO-optimized GitHub repositories to distribute...

Critical 9.4 CVSS Zephyr RTOS Flaw Exposes Millions of IoT Devices to RCE Zephyr RTOS Vulnerability CVE-2026-1678

Critical 9.4 CVSS Zephyr RTOS Flaw Exposes Millions of IoT Devices to RCE

Do Son March 9, 2026

Security researchers have disclosed a critical memory-safety vulnerability in the Zephyr Project, a high-profile, scalable real-time operating...

Vault Unlocked: High-Severity Flaws in Vaultwarden Expose Encrypted Secrets and Allow Privilege Escalation Vaultwarden Vulnerabilities CVE-2026-27898

Vaultwarden Vulnerabilities CVE-2026-27898

Vault Unlocked: High-Severity Flaws in Vaultwarden Expose Encrypted Secrets and Allow Privilege Escalation

Do Son March 9, 2026

Security researchers have identified a series of critical vulnerabilities in Vaultwarden, the popular lightweight, self-hosted alternative to...

Critical 9.3 CVSS Flaw in SiYuan Lets Hackers Steal Private Notes via SVG Injection SiYuan XSS Vulnerability CVE-2026-29183

Critical 9.3 CVSS Flaw in SiYuan Lets Hackers Steal Private Notes via SVG Injection

Do Son March 9, 2026

Security researchers have disclosed a high-severity vulnerability in SiYuan, the popular privacy-first personal knowledge management system. The...

Critical Bypasses and Secret Leaks Patched in Apache ZooKeeper CVE-2023-44981 Apache ZooKeeper Vulnerabilities CVE-2026-24281

Critical Bypasses and Secret Leaks Patched in Apache ZooKeeper

Do Son March 9, 2026

The Apache Software Foundation has released an urgent security update for Apache ZooKeeper, the mission-critical service used...

Polygon Powered: Vietnamese Operator Deploys 16 Generations of LuaJIT Malware via GitHub Cemu emulator Linux malware Blitz Brigantine AOBackdoor GitHub Malware Campaign StealC Infostealer TamperedChef Malware, SEO Poisoning Carbanak malware RubyGems Supply Chain, Infostealer

Cemu emulator Linux malware Blitz Brigantine AOBackdoor GitHub Malware Campaign StealC Infostealer TamperedChef Malware, SEO Poisoning Carbanak malware RubyGems Supply Chain, Infostealer

Polygon Powered: Vietnamese Operator Deploys 16 Generations of LuaJIT Malware via GitHub

Do Son March 9, 2026

Security researchers have uncovered a massive, year-long cyber campaign orchestrated by a Vietnamese-speaking operator who has turned...

From Theory to Threat: Hackers Are Now Weaponizing Web Pages to Brainwash AI Agents axios Supply Chain Attack WAVESHAPER.V2 SnappyBee Malware Salt Typhoon Stately Taurus ScoringMathTea RAT, Lazarus Reflective DLL