cybersecurity Archives • Page 25 of 88 • Daily CyberSecurity

Popular Chinese Utility Hijacked to Deploy Browser Malware Grafana Exploitation, Coordinated Scanning Arcserve UDP Vulnerabilities

Popular Chinese Utility Hijacked to Deploy Browser Malware

Do Son January 7, 2026

The RedDrip Team at QiAnXin Technology’s Threat Intelligence Center has uncovered a widespread malware campaign hiding inside...

Riot Games Login Outage Traced to Expired SSL Certificate Riot Games, Certificate Expiration

Riot Games Login Outage Traced to Expired SSL Certificate

Do Son January 5, 2026

The well-known game developer Riot Games recently suffered another widespread service disruption after failing to renew an...

Fragged Files: Critical Zero-Day Hits Quake III Arena Engines via Directory Traversal Quake III Arena, Zero-Day Vulnerability

Fragged Files: Critical Zero-Day Hits Quake III Arena Engines via Directory Traversal

Do Son January 5, 2026

The Quake III Arena engine, a cornerstone of FPS history open-sourced by id Software, has been hit...

The Hacker Returns: Bitfinex Mastermind Ilya Lichtenstein Freed Early via Trump Law Ilya Lichtenstein Bitfinex release, Trump First Step Act Bitfinex

Ilya Lichtenstein Bitfinex release, Trump First Step Act Bitfinex

The Hacker Returns: Bitfinex Mastermind Ilya Lichtenstein Freed Early via Trump Law

Do Son January 5, 2026

The well-known cryptocurrency exchange Bitfinex suffered a major cyberattack in 2016, during which it lost 119,756 bitcoins....

QNAP Patches High-Severity SQL Injection and Path Traversal Flaws QNAP Security Patches, NAS Vulnerabilities ASP.NET, QNAP CVE-2023-39296 PoC - CVE-2024-50394

QNAP Security Patches, NAS Vulnerabilities ASP.NET, QNAP CVE-2023-39296 PoC - CVE-2024-50394

QNAP Patches High-Severity SQL Injection and Path Traversal Flaws

Do Son January 5, 2026

Network-attached storage giant QNAP has issued a sweeping set of security advisories, patching critical vulnerabilities that could...

EmEditor Compromised: “WALSHAM” Imposter Poisons Official Installer with Spyware Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

EmEditor Compromised: “WALSHAM” Imposter Poisons Official Installer with Spyware

Do Son December 29, 2025

In a major supply chain security incident, the popular text editor EmEditor has confirmed that its official...

“Prefix Swap” Panic: Sophisticated “Jackson” Imposter Infiltrates Maven Central Maven Prefix Swap, jackson-databind Malware Effective Malware Cleaner

Maven Prefix Swap, jackson-databind Malware Effective Malware Cleaner

“Prefix Swap” Panic: Sophisticated “Jackson” Imposter Infiltrates Maven Central

Do Son December 29, 2025

The Java ecosystem, long considered a fortress compared to the wild west of npm, has been breached...

Identity Theft in M-Files: High-Severity Flaw Lets Insiders Hijack User Accounts and Access Sensitive Data

Do Son December 23, 2025

M-Files, the intelligent information management platform used by enterprises to organize their documents, has issued a security...

Hackers Abuse “Device Codes” to Bypass Security and Seize Microsoft 365 Accounts Device Code Phishing, Microsoft 365 OAuth

Hackers Abuse “Device Codes” to Bypass Security and Seize Microsoft 365 Accounts

Do Son December 22, 2025

Cybercriminals have found a new way to turn corporate security protocols against themselves, weaponizing a legitimate Microsoft...

Apache NiFi’s Data Leak: How a High-Severity Deserialization Flaw Puts Your Asana Workflows at Risk Apache NiFi RCE CVE-2026-39816 Apache NiFi Vulnerability CVE-2026-25903 Apache NiFi Deserialization, GetAsanaObject Vulnerability CVE-2024-52067 - CVE-2024-56512 CVE-2025-27017

Apache NiFi RCE CVE-2026-39816 Apache NiFi Vulnerability CVE-2026-25903 Apache NiFi Deserialization, GetAsanaObject Vulnerability CVE-2024-52067 - CVE-2024-56512 CVE-2025-27017

Apache NiFi’s Data Leak: How a High-Severity Deserialization Flaw Puts Your Asana Workflows at Risk

Do Son December 22, 2025

The Apache Software Foundation has issued a security advisory for Apache NiFi, the powerful data processing engine...

The Grand Divorce: TikTok Signs Landmark Deal to Hand U.S. Control to Oracle-Led Group TikTok USDS Joint Venture LLC, TikTok U.S. divestment 2026 TikTok Deal, ByteDance Divestment U.S. ban TikTok TikTok Sale, Trump Announcement TikTok lawsuit Trump Amazon Acquisition

TikTok USDS Joint Venture LLC, TikTok U.S. divestment 2026 TikTok Deal, ByteDance Divestment U.S. ban TikTok TikTok Sale, Trump Announcement TikTok lawsuit Trump Amazon Acquisition

The Grand Divorce: TikTok Signs Landmark Deal to Hand U.S. Control to Oracle-Led Group

Do Son December 19, 2025

The divestment plan for the U.S. version of TikTok, the short-video platform owned by ByteDance, has now...

Visualizations Weaponized: New Kibana Flaw Allows XSS Attacks via Vega Charts Kibana Vega XSS, Elastic Stack Security CVE-2024-37287 - Kibana security update

Kibana Vega XSS, Elastic Stack Security CVE-2024-37287 - Kibana security update

Visualizations Weaponized: New Kibana Flaw Allows XSS Attacks via Vega Charts

Do Son December 19, 2025

Elastic has issued important security updates for Kibana, the popular data visualization dashboard for the Elastic Stack,...

YouTube Ghost Network: The New GachiLoader Malware Hiding in Your Favorite Video Links GachiLoader, YouTube Ghost Network

YouTube Ghost Network: The New GachiLoader Malware Hiding in Your Favorite Video Links

Do Son December 19, 2025

A massive network of compromised YouTube accounts is being weaponized to spread a sophisticated new threat, turning...

Node.js Alert: systeminformation Flaw Risks Windows RCE for 16M+ Monthly Users systeminformation RCE, Node.js Command Injection

Node.js Alert: systeminformation Flaw Risks Windows RCE for 16M+ Monthly Users

Do Son December 18, 2025

A high-severity vulnerability has been uncovered in systeminformation, a massively popular Node.js library used by millions of...

The Internet Rewired: Cloudflare 2025 Review Unveils the AI Bot War and a 19% Traffic Surge Cloudflare 2025 Internet Trends, AI Bot War Googlebot

The Internet Rewired: Cloudflare 2025 Review Unveils the AI Bot War and a 19% Traffic Surge

Do Son December 18, 2025

Cloudflare has released its sixth annual Year in Review, outlining the defining trends shaping the global internet...

The 45-Day Era Begins: Let’s Encrypt Unveils Generation Y Hierarchy and IP-Based TLS Merkle Tree Certificates Let's Encrypt 45-Day Certificates ACME Profile Updates 2026 Let’s Encrypt Generation Y, 45-Day TLS Certificates Let's Encrypt, IP Certificates Certificate Revocation Lists

The 45-Day Era Begins: Let’s Encrypt Unveils Generation Y Hierarchy and IP-Based TLS

Do Son December 18, 2025

Free digital certificate authority Let’s Encrypt recently announced in a blog post its transition from the X-generation...

Security Shift: Google Retires Dark Web Report Service, Citing Inability to Offer Concrete Remedies

Do Son December 17, 2025

For users concerned about whether their personal data is “running naked” across the internet, Google’s Dark Web...

Urgent Patch: Notepad++ WinGUp Flaw Allowed Malware to Hijack Updates CVE-2023-40031 Notepad++ Update Hijacking, WinGUp Vulnerability

Urgent Patch: Notepad++ WinGUp Flaw Allowed Malware to Hijack Updates

Do Son December 11, 2025

Security researchers recently uncovered a vulnerability in the open-source text and code editor Notepad++, allowing attackers in...

AWS Frontier Agents: Autonomous AI ‘Team Members’ Take Over Dev, Security, and Ops AWS Middle East drone strikes AWS Frontier Agents Autonomous Software Engineering AWS AI Factories Data Sovereignty AI Agentic AI Nova Sonic AWS Google Cloud Interconnect AWS Free Tier, Cloud Credits Freevee, ad-supported streaming Amazon AI, North Carolina Investment CVE-2022-2385