cybersecurity Archives • Page 24 of 86 • Daily CyberSecurity

Node.js Alert: systeminformation Flaw Risks Windows RCE for 16M+ Monthly Users systeminformation RCE, Node.js Command Injection

Node.js Alert: systeminformation Flaw Risks Windows RCE for 16M+ Monthly Users

Ddos December 18, 2025

A high-severity vulnerability has been uncovered in systeminformation, a massively popular Node.js library used by millions of...

The Internet Rewired: Cloudflare 2025 Review Unveils the AI Bot War and a 19% Traffic Surge Cloudflare 2025 Internet Trends, AI Bot War Googlebot

The Internet Rewired: Cloudflare 2025 Review Unveils the AI Bot War and a 19% Traffic Surge

Ddos December 18, 2025

Cloudflare has released its sixth annual Year in Review, outlining the defining trends shaping the global internet...

The 45-Day Era Begins: Let’s Encrypt Unveils Generation Y Hierarchy and IP-Based TLS Let's Encrypt 45-Day Certificates ACME Profile Updates 2026 Let’s Encrypt Generation Y, 45-Day TLS Certificates Let's Encrypt, IP Certificates Certificate Revocation Lists

The 45-Day Era Begins: Let’s Encrypt Unveils Generation Y Hierarchy and IP-Based TLS

Ddos December 18, 2025

Free digital certificate authority Let’s Encrypt recently announced in a blog post its transition from the X-generation...

Security Shift: Google Retires Dark Web Report Service, Citing Inability to Offer Concrete Remedies

Ddos December 17, 2025

For users concerned about whether their personal data is “running naked” across the internet, Google’s Dark Web...

Urgent Patch: Notepad++ WinGUp Flaw Allowed Malware to Hijack Updates CVE-2023-40031 Notepad++ Update Hijacking, WinGUp Vulnerability

Urgent Patch: Notepad++ WinGUp Flaw Allowed Malware to Hijack Updates

Ddos December 11, 2025

Security researchers recently uncovered a vulnerability in the open-source text and code editor Notepad++, allowing attackers in...

AWS Frontier Agents: Autonomous AI ‘Team Members’ Take Over Dev, Security, and Ops AWS Middle East drone strikes AWS Frontier Agents Autonomous Software Engineering AWS AI Factories Data Sovereignty AI Agentic AI Nova Sonic AWS Google Cloud Interconnect AWS Free Tier, Cloud Credits Freevee, ad-supported streaming Amazon AI, North Carolina Investment CVE-2022-2385

AWS Frontier Agents: Autonomous AI ‘Team Members’ Take Over Dev, Security, and Ops

Ddos December 4, 2025

At re:Invent 2025, AWS unveiled a transformative innovation poised to redefine the software-development lifecycle — Frontier Agents....

Discontinued Library: High-Severity lz4-java Flaw (CVE‐2025‐12183) Forces Immediate Migration to Community Fork lz4-java Out-of-bounds Read, Library EOL

lz4-java Out-of-bounds Read, Library EOL

Discontinued Library: High-Severity lz4-java Flaw (CVE‐2025‐12183) Forces Immediate Migration to Community Fork

Ddos December 3, 2025

A high-severity vulnerability, tracked as CVE‐2025‐12183, has been disclosed in the popular lz4-java compression library, exposing applications...

The BOSS Breach: APT36 Pivots to Linux Espionage with “Silent” Shortcuts Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

The BOSS Breach: APT36 Pivots to Linux Espionage with “Silent” Shortcuts

Ddos December 2, 2025

A prominent state-aligned threat actor has significantly evolved its arsenal, launching a sophisticated campaign targeting the Linux-based...

Albiriox: The Russian ‘MaaS’ Android Trojan Redefining Mobile Fraud Albiriox, Android Banking Trojan

Albiriox: The Russian ‘MaaS’ Android Trojan Redefining Mobile Fraud

Ddos December 2, 2025

A sophisticated new Android banking trojan, dubbed “Albiriox,” has emerged from the cybercriminal underground, offering a potent...

Boot Process Compromised: Critical Flaw (CVE-2025-47372) Hits Snapdragon 8 Gen 3 & 5G Modems Qualcomm Security, CVE-2025-47372 Automotive Safety, Connected Cars

Qualcomm Security, CVE-2025-47372 Automotive Safety, Connected Cars

Boot Process Compromised: Critical Flaw (CVE-2025-47372) Hits Snapdragon 8 Gen 3 & 5G Modems

Ddos December 1, 2025

Qualcomm has released a substantial security update for December 2025, addressing 11 distinct vulnerabilities across its chipset...

Netlogon RCE vulnerability Exploited in the wild Secure Boot certificate renewal 2026, Windows 11 UEFI update Community-First AI Infrastructure, Microsoft self-funding energy mandate aka.ms/aoh online portal CVE-2025-55681, Windows DWM Elevation Windows Administrator Protection, CVE-2025-60718 Microsoft AI Compute, IREN Infrastructure Microsoft Japan PPA, Renewable Energy Microsoft AI Investment, Cloud Expansion Microsoft Azure, Startup Credits Infinite Workday, AI in Work Microsoft Russia, Bankruptcy AI code generation, Microsoft AI Microsoft Layoffs, Restructuring

PoC Exploit Releases for CVE-2025-60718 – Windows Administrator Protection Elevation of Privilege Vulnerability

Ddos December 1, 2025

A significant crack has been discovered in the armor of Windows Administrator Protection, potentially allowing low-privileged attackers...

CVE-2025-59789: Critical Flaw in Apache bRPC Framework Exposes High-Performance Systems to Crash Risks Apache bRPC Vulnerability CVE-2025-60021 Apache bRPC, CVE-2025-59789 Apache bRPC, Redis Vulnerability

Apache bRPC Vulnerability CVE-2025-60021 Apache bRPC, CVE-2025-59789 Apache bRPC, Redis Vulnerability

CVE-2025-59789: Critical Flaw in Apache bRPC Framework Exposes High-Performance Systems to Crash Risks

Ddos December 1, 2025

A critical vulnerability has been unearthed in Apache bRPC, an industrial-grade RPC framework widely used to power...

OpenAI OpenClaw acquisition OpenAI Prism GPT-5.2 LaTeX, scientific research AI workspace OpenAI, Mixpanel Breach ChatGPT Data Preservation, NYT Lawsuit ChatGPT Apps SDK, super app OpenAI Jony Ive, AI Hardware Delay Musk Apple lawsuit, App Store antitrust UK AI Partnership, OpenAI Collaboration Jony Ive OpenAI, DoD Contract OpenAI Lawsuit, ChatGPT Privacy North Korea ChatGPT - GPT-4.5 model OpenAI Models, AI Advancements OpenAI pricing, Flex API

OpenAI API Users Exposed in Mixpanel Security Breach

Ddos November 28, 2025

In a significant reminder of the risks inherent to the digital supply chain, artificial intelligence giant OpenAI...

Hidden Danger in 3D: Malicious Blender Files Unleash StealC V2 Infostealer Ollama Heap Leak CVE-2026-5757 Anritsu Vulnerability Authentication Bypass Gootloader Malware Malformed ZIP Evasion Blender Malware, StealC V2 Lectora, XSS CVE-2025-9125 HFS RCE, Template Injection Arch Linux Malware, CHAOS RAT CVE-2024-56404 - CVE-2024-39327 CVE-2025-2538

Ollama Heap Leak CVE-2026-5757 Anritsu Vulnerability Authentication Bypass Gootloader Malware Malformed ZIP Evasion Blender Malware, StealC V2 Lectora, XSS CVE-2025-9125 HFS RCE, Template Injection Arch Linux Malware, CHAOS RAT CVE-2024-56404 - CVE-2024-39327 CVE-2025-2538

Hidden Danger in 3D: Malicious Blender Files Unleash StealC V2 Infostealer

Ddos November 27, 2025

Morphisec has issued a critical alert regarding a sophisticated malware campaign targeting 3D artists, game developers, and...

UNMASKED: Massive Leak Exposes Iran’s ‘Department 40’ Cyber-Terror Unit Department 40, IRGC Cyber Leak

UNMASKED: Massive Leak Exposes Iran’s ‘Department 40’ Cyber-Terror Unit

Ddos November 27, 2025

A leak of internal documents has shattered the anonymity of one of Iran’s most feared cyber units,...

Tor Project Develops New CGO Encryption to Replace Vulnerable Tor1 Protocol Firefox Vulnerability Tor CGO Encryption Tor1 Protocol Vulnerability

Firefox Vulnerability Tor CGO Encryption Tor1 Protocol Vulnerability

Tor Project Develops New CGO Encryption to Replace Vulnerable Tor1 Protocol

Ddos November 26, 2025

The Onion Network (Tor) has long been synonymous with accessing the dark web, though its primary purpose...

CVE-2025-54918: Windows NTLM Elevation of Privilege Vulnerability Smart App Control blocking Armoury Crate, ROG Ally Defender false positive 2026 Microsoft Zero-Day, Cloud Files UAF Microsoft Access end of life CVE-2025-21298 Azure Vulnerabilities

Smart App Control blocking Armoury Crate, ROG Ally Defender false positive 2026 Microsoft Zero-Day, Cloud Files UAF Microsoft Access end of life CVE-2025-21298 Azure Vulnerabilities

CVE-2025-54918: Windows NTLM Elevation of Privilege Vulnerability

Ddos November 26, 2025

Just when administrators thought NTLM relay attacks were becoming a thing of the past, a dangerous new...

Critical Patch: NVIDIA DGX Spark Flaw (CVE-2025-33187, CVSS 9.3) Exposes AI Secrets to Takeover NVIDIA GPU Security CUDA-Q Vulnerability NVIDIA Apex Vulnerability AI Infrastructure Security NVIDIA Cumulus Linux CVE-2025-33179 NVIDIA Arm divestment NVIDIA DGX Spark, CVE-2025-33187 NVIDIA Isaac-GROOT, Code Injection Megatron-LM Vulnerability, AI Code Injection NVIDIA China NVIDIA GPUs, Hardware Kill Switches NVIDIA Megatron-LM, LLM Vulnerabilities NVIDIA Base Command Manager - CVE-2024-0138

NVIDIA GPU Security CUDA-Q Vulnerability NVIDIA Apex Vulnerability AI Infrastructure Security NVIDIA Cumulus Linux CVE-2025-33179 NVIDIA Arm divestment NVIDIA DGX Spark, CVE-2025-33187 NVIDIA Isaac-GROOT, Code Injection Megatron-LM Vulnerability, AI Code Injection NVIDIA China NVIDIA GPUs, Hardware Kill Switches NVIDIA Megatron-LM, LLM Vulnerabilities NVIDIA Base Command Manager - CVE-2024-0138

Critical Patch: NVIDIA DGX Spark Flaw (CVE-2025-33187, CVSS 9.3) Exposes AI Secrets to Takeover

Ddos November 26, 2025

NVIDIA has issued an urgent security update for its DGX Spark platform, a compact AI supercomputer designed...

Code Injection Flaws Threaten NVIDIA’s Isaac-GROOT Robotics Platform NVIDIA GPU Security CUDA-Q Vulnerability NVIDIA Apex Vulnerability AI Infrastructure Security NVIDIA Cumulus Linux CVE-2025-33179 NVIDIA Arm divestment NVIDIA DGX Spark, CVE-2025-33187 NVIDIA Isaac-GROOT, Code Injection Megatron-LM Vulnerability, AI Code Injection NVIDIA China NVIDIA GPUs, Hardware Kill Switches NVIDIA Megatron-LM, LLM Vulnerabilities NVIDIA Base Command Manager - CVE-2024-0138

Code Injection Flaws Threaten NVIDIA’s Isaac-GROOT Robotics Platform

Ddos November 24, 2025

NVIDIA has issued a security update to address two high-severity vulnerabilities in its NVIDIA Isaac-GROOT software. Isaac-GROOT...

Google Patches Actively Exploited Chrome Zero-Day Flaw (CVE-2025-13223) in Emergency Update Chrome Zero-Day CVE-2026-3909 Chrome Zero-Day PoC CVE-2026-2441 Chrome Zero-Day CVE-2026-2441 Chrome Zero-Day, Active Exploitation CVE-2025-10585 Chrome vulnerability, zero-day exploit CVE-2025-6558 Chrome Zero-Day, V8 Vulnerability Chrome Zero-Day, Security Update

Chrome Zero-Day CVE-2026-3909 Chrome Zero-Day PoC CVE-2026-2441 Chrome Zero-Day CVE-2026-2441 Chrome Zero-Day, Active Exploitation CVE-2025-10585 Chrome vulnerability, zero-day exploit CVE-2025-6558 Chrome Zero-Day, V8 Vulnerability Chrome Zero-Day, Security Update

Google Patches Actively Exploited Chrome Zero-Day Flaw (CVE-2025-13223) in Emergency Update

Ddos November 17, 2025

Google has issued an urgent, out-of-band security update for the Chrome Stable channel, addressing two separate Type...