cybersecurity Archives • Page 32 of 88 • Daily CyberSecurity

RevengeHotels Strikes Back: AI-Generated Phishing and a New RAT Target Hotels RevengeHotels, Hospitality Cybercrime

RevengeHotels Strikes Back: AI-Generated Phishing and a New RAT Target Hotels

Do Son September 17, 2025

The long-running cybercrime group RevengeHotels—also tracked as TA558—has resurfaced with a new campaign targeting hotels and the...

Shai-Hulud Supply Chain Attack Now Targets CrowdStrike’s npm Packages supply-chain-attack

Shai-Hulud Supply Chain Attack Now Targets CrowdStrike’s npm Packages

Do Son September 17, 2025

The malicious supply chain campaign dubbed “Shai-Hulud” has struck again, this time compromising multiple npm packages published...

KSMBDrain (CVE-2025-38501): Linux Kernel Flaw Allows Remote DoS Attacks, PoC Available Linux DoS CVE-2025-38501

KSMBDrain (CVE-2025-38501): Linux Kernel Flaw Allows Remote DoS Attacks, PoC Available

Do Son September 17, 2025

A newly disclosed vulnerability in the Linux kernel’s KSMBD subsystem has been assigned CVE-2025-38501, allowing remote attackers...

APT28’s BeardShell Campaign: Steganography, Cloud Abuse, and Persistent Espionage Labkotec LID-3300IP CVE-2026-1775 ASUSTOR ADM Vulnerability CVE-2026-3179 Russian Cyberattacks - Security Operations Center

Labkotec LID-3300IP CVE-2026-1775 ASUSTOR ADM Vulnerability CVE-2026-3179 Russian Cyberattacks - Security Operations Center

APT28’s BeardShell Campaign: Steganography, Cloud Abuse, and Persistent Espionage

Do Son September 17, 2025

The Russian-linked threat actor APT28, also known as Sofacy, Fancy Bear, Forest Blizzard, and TAG-110, has unveiled...

SmokeLoader Rises From the Ashes with New, Evasive Variants SmokeLoader, Malware

SmokeLoader Rises From the Ashes with New, Evasive Variants

Do Son September 17, 2025

First emerging in 2011, SmokeLoader (also known as Smoke or Dofoil) has remained one of the most...

PureHVNC RAT: Inside the HVNC Malware and the PureCoder Ecosystem Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

PureHVNC RAT: Inside the HVNC Malware and the PureCoder Ecosystem

Do Son September 17, 2025

A recent forensic investigation by Check Point Research (CPR) has shed light on the Pure malware family,...

AISURU Botnet: From Record-Breaking DDoS to Residential Proxy Empire CVE-2024-22394

AISURU Botnet: From Record-Breaking DDoS to Residential Proxy Empire

Do Son September 17, 2025

The AISURU botnet, first disclosed by XLab in 2024, has rapidly become one of the most dangerous...

Malicious Update to Popular NPM Package TinyColor Exposes Software Supply Chains Quest KACE Vulnerability CVE-2025-32975 FortiGate SSO Bypass, Active Exploitation GoAnywhere RCE, Storm-1175 Cisco VPN RCE, ASA Zero-Day TinyColor Supply Chain Attack SK Telecom, data breach Erlang/OTP RCE, OT Network Security Ivanti CSA Attacks WordPress RCE, Theme Vulnerability

Quest KACE Vulnerability CVE-2025-32975 FortiGate SSO Bypass, Active Exploitation GoAnywhere RCE, Storm-1175 Cisco VPN RCE, ASA Zero-Day TinyColor Supply Chain Attack SK Telecom, data breach Erlang/OTP RCE, OT Network Security Ivanti CSA Attacks WordPress RCE, Theme Vulnerability

Malicious Update to Popular NPM Package TinyColor Exposes Software Supply Chains

Do Son September 16, 2025

The Socket Research Team has uncovered a large-scale supply chain attack on the npm ecosystem, with more...

Unmasking the DarkCloud: A New Stealer Is Hiding Malware in JPG Files Open VSX Malware String-Fragment Reconstruction DarkCloud Stealer, steganography APT 35 Charming Kitten cyclops

Open VSX Malware String-Fragment Reconstruction DarkCloud Stealer, steganography APT 35 Charming Kitten cyclops

Unmasking the DarkCloud: A New Stealer Is Hiding Malware in JPG Files

Do Son September 16, 2025

CyberProof’s MDR analysts and Threat Hunters observed a sharp increase in DarkCloud Stealer infections, with campaigns primarily...

Check Point VPN vulnerability exploited in the wild Check Point VPN exploit CVE-2026-50751 zero-day Checkmarx Breach Supply Chain Attack Ivanti EPMM RCE CVE-2026-1281 Modular DS Vulnerability CVE-2026-23550 D-Link RCE Vulnerability CVE-2026-0625 Christmas 2025 GreyNoise Campaign, Japan-Based Initial Access Broker React2Shell Zero-Day, APT Active Exploitation WordPress vulnerability, authentication bypass FreePBX, zero-day Trend Micro Apex One, Remote Code Execution BitoPro Hack, Crypto Theft UNC5337 - CVE-2022-47945 Safe{Wallet} hack Fortinet vulnerability, CVE-2024-21762, FortiGate attack Balloonfly, Play ransomware Ivanti EPMM CVE-2025-4427 and CVE-2025-4428

9.8 CVE-2025-5821: Critical Authentication Bypass in WordPress Case Theme User Plugin Exploited in the Wild

Do Son September 16, 2025

Hackers are exploiting a critical authentication bypass vulnerability in the Case Theme User plugin, a WordPress plugin...

HijackLoader: The Stealthy Malware Loader Powering Modern Cyberattacks Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

HijackLoader: The Stealthy Malware Loader Powering Modern Cyberattacks

Do Son September 16, 2025

Cybercriminals are increasingly relying on malware loaders to gain initial access, evade defenses, and deliver sophisticated payloads....

Stack-Based Buffer Overflow in Squid Could Let Hackers Execute Arbitrary Code CVE-2024-25617 CVE-2025-59362 Squid Proxy ICP Vulnerability

Stack-Based Buffer Overflow in Squid Could Let Hackers Execute Arbitrary Code

Do Son September 15, 2025

Squid, the widely deployed caching proxy supporting HTTP, HTTPS, FTP, and more, has patched a critical security...

FBI Alert: Two Cybercriminal Groups Are Actively Compromising Salesforce TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

FBI Alert: Two Cybercriminal Groups Are Actively Compromising Salesforce

Do Son September 15, 2025

The Federal Bureau of Investigation (FBI), in coordination with DHS/CISA, has released a new FLASH Alert (FLASH-20250912-001)...

10.0 Digiever NVR Flaws (CVE-2025-10264, CVE-2025-10265) Let Hackers Steal Credentials & Take Control Digiever NVR, critical vulnerabilities

10.0 Digiever NVR Flaws (CVE-2025-10264, CVE-2025-10265) Let Hackers Steal Credentials & Take Control

Do Son September 15, 2025

The Taiwan Computer Emergency Response Team (TWCERT/CC) has issued a vulnerability note warning of two critical security...

Unveiling BaoLoader: How One Malware Family Abuses Trust for 7 Years BaoLoader, code-signing abuse

Unveiling BaoLoader: How One Malware Family Abuses Trust for 7 Years

Do Son September 15, 2025

Expel researchers have lifted the veil on a long-running malware operation abusing the global trust model of...

Everon OCPP Vulnerability CVE-2026-26288 ASUSTOR ADM Vulnerability CVE-2026-24936 PrismX MX100 Vulnerability Hard-Coded Credentials Advantech Vulnerability CVE-2025-52694 Eaton UPS Companion, CVE-2025-59887 ASUS Router, Authentication Bypass ASUSTOR DLL Hijacking, Privilege Escalation OpenShift AI, Privilege Escalation GoAnywhere vulnerability CVE-2025-10035 LangChainGo, template injection DeepDiff, class pollution ToolShell Sunshine, CSRF Vulnerability KACE SMA, Critical Vulnerabilities Oracle Zero-Days - PDQ Deploy vulnerability

9.8 CVE-2025-9556 (CVSS 9.8):Critical Vulnerability in LangChainGo Puts LLM Apps at Risk

Do Son September 15, 2025

The rise of large language model (LLM) applications has made frameworks like LangChain and its ports foundational...

Phishing Wave Hits U.S. Energy Giants: Chevron, ConocoPhillips Targeted Layoff Phishing Scam Remcos RAT Malware Aruba Phishing, Phishing-as-a-Service PyPI, phishing CVE-2024-25608 PyPI Phishing, Credential Theft

Phishing Wave Hits U.S. Energy Giants: Chevron, ConocoPhillips Targeted

Do Son September 15, 2025

The U.S. energy industry has become a prime target for large-scale phishing operations in 2025, according to...

China-Aligned Hackers Unleash Upgraded Toneshell and New USB Worm China-aligned actor, Hive0154

China-Aligned Hackers Unleash Upgraded Toneshell and New USB Worm

Do Son September 15, 2025

IBM X-Force has published new findings on Hive0154, a China-aligned threat actor also tracked under names such...

5.5 VMScape (CVE-2025-40300): A New CPU Flaw Threatens Cloud Security VMScape, CPU vulnerability CVE-2025-40300

5.5 VMScape (CVE-2025-40300): A New CPU Flaw Threatens Cloud Security

Do Son September 15, 2025

Security researchers at ETH Zurich have published a study revealing how attackers can break through virtualization boundaries...

EvilAI Malware Campaign Exploits Trust in AI Tools to Infiltrate Global Industries EvilAI, malware campaign

EvilAI Malware Campaign Exploits Trust in AI Tools to Infiltrate Global Industries

Do Son September 15, 2025

Trend Micro researchers have uncovered a sophisticated malware campaign dubbed EvilAI, which disguises itself as productivity and...