cybersecurity Archives • Page 36 of 88 • Daily CyberSecurity

CISA Warns: Actively Exploited TP-Link Router Flaws Added to KEV Catalog TP-Link, CISA CVE-2023-32315 CISA KEV Catalog Active Exploitation

CISA Warns: Actively Exploited TP-Link Router Flaws Added to KEV Catalog

Do Son September 4, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has added two TP-Link router vulnerabilities to its Known Exploited...

shell-quote command injection AI-Driven Vulnerabilities Q1 2026 Cyber Threats vm2 Sandbox Escape Node.js RCE upKeeper Privilege Escalation CVE-2026-2449 Pharos Controls Vulnerability Root Access Exploit Cybersecurity Vulnerability Roundup CVSS 10.0 Flaws Shadow Archives CVE-2026-0866 MS-Agent Prompt Injection CVE-2026-2256 basic-ftp Path Traversal CVE-2026-27699 telnetd Root Vulnerability CVE-1999-0073 Regression USR-W610 Vulnerabilities End-of-Life IoT Security IceWarp Security Update IceWarp Vulnerabilities Airleader Master Vulnerability CVE-2026-1358 ZLAN5143D Vulnerability CISA ICS Advisory Acronis Cyber Protect Vulnerability CVE-2025-30411 WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

Critical Frostbyte10: The Critical Flaws Threatening Global Supply Chains

Do Son September 4, 2025

Researchers at Armis Labs have uncovered a set of ten severe vulnerabilities in Copeland E2 and E3...

DireWolf: The New Ransomware Group Targeting Global Businesses DireWolf execution flow

DireWolf: The New Ransomware Group Targeting Global Businesses

Do Son September 4, 2025

The DireWolf ransomware group, first emerging in May 2025, has rapidly evolved into a formidable cyber threat...

7.5 Envoy Project Patches Two Flaws: DoS (CVE-2025-54588) and Session Hijacking (CVE-2025-55162) Risks Envoy Project, vulnerability

7.5 Envoy Project Patches Two Flaws: DoS (CVE-2025-54588) and Session Hijacking (CVE-2025-55162) Risks

Do Son September 3, 2025

The Envoy Project has issued a new security advisory addressing two significant vulnerabilities impacting its popular L7...

8.8 A Single Click Can Hijack Your PC: CVE-2025-58176 RCE Flaw Found in Dive Desktop App Dive desktop app, remote code execution

8.8 A Single Click Can Hijack Your PC: CVE-2025-58176 RCE Flaw Found in Dive Desktop App

Do Son September 3, 2025

The Open Agent Platform has issued a security advisory warning of a critical vulnerability in its Dive...

PoC Published for Remote Code Execution Flaw in Microsoft IIS Web Deploy Remote code execution, IIS Web Deploy

PoC Published for Remote Code Execution Flaw in Microsoft IIS Web Deploy

Do Son September 3, 2025

Security researcher Batuhan Er of HawkTrace has been credited by Microsoft for uncovering CVE-2025-53772, a critical remote...

NVIDIA acquisition rumors NVIDIA AI Security AI Framework Vulnerabilities Nvidia 595.76 Hotfix NVIDIA Megatron Bridge vulnerability GPU vs ASIC AI battle NVIDIA Driver Vulnerability CVE-2025-33217 NVIDIA biggest TSMC customer 2026, NVIDIA vs Apple TSMC revenue share NVIDIA CUDA Toolkit CVE-2025-33228 Groq NVIDIA licensing deal, Jonathan Ross acquihire 2025 NeMo Code Injection, AI Framework RCE NVIDIA App Privilege Escalation, CVE-2025-23358 NVIDIA Security Update, DLS Vulnerability CVE-2025-23316 NVIDIA NVDebug, vulnerabilities NVIDIA Driver Vulnerabilities, vGPU Security Nvidia Jetson, UEFI Vulnerabilities CVE-2024-0130 - CVE-2024-0136 CVE-2024-0148 NVIDIA Driver Support, Windows 10 EOL

NVIDIA Issues Security Updates for BlueField, DOCA, Mellanox, ConnectX, Cumulus Linux, and NVOS

Do Son September 3, 2025

NVIDIA has released a critical set of software updates addressing multiple vulnerabilities across its BlueField DPUs, DOCA...

Unsecured Database Linked to Navy Federal Credit Union Exposed Online Booking.com Data Breach Claude Code Leak Anthropic Source Code YggTorrent data breach PS5 BootROM key leak 2026, PlayStation 5 unpatchable jailbreak Great Firewall data leak Dating App Breach, Tea App Leak 23andMe Data Leak

Booking.com Data Breach Claude Code Leak Anthropic Source Code YggTorrent data breach PS5 BootROM key leak 2026, PlayStation 5 unpatchable jailbreak Great Firewall data leak Dating App Breach, Tea App Leak 23andMe Data Leak

Unsecured Database Linked to Navy Federal Credit Union Exposed Online

Do Son September 3, 2025

Cybersecurity researcher Jeremiah Fowler has revealed a significant data exposure involving a massive, unprotected database potentially linked...

Cloudflare Confirms Supply Chain Attack, Customer Support Data Exposed Cloudflare layoffs 2026 AI bot traffic surge Content Signals Policy, AI Content Usage Cloudflare, Certificate Misissuance Salesforce, supply chain attack DDoS attack, Cloudflare Perplexity AI, Web Scraping Pay Per Crawl Cloudflare abuse R2 outage HTTP Cloudflare Blocking

Cloudflare layoffs 2026 AI bot traffic surge Content Signals Policy, AI Content Usage Cloudflare, Certificate Misissuance Salesforce, supply chain attack DDoS attack, Cloudflare Perplexity AI, Web Scraping Pay Per Crawl Cloudflare abuse R2 outage HTTP Cloudflare Blocking

Cloudflare Confirms Supply Chain Attack, Customer Support Data Exposed

Do Son September 3, 2025

Renowned network services provider Cloudflare has also emerged as a victim in the recent Salesforce CRM attack,...

9.6 CISA Warns of Critical Flaw in SunPower Solar Inverters (CVE-2025-9696, CVSS 9.6)

Do Son September 3, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a security advisory highlighting a critical vulnerability in...

CISA Flags Two Actively Exploited Vulnerabilities: TP-Link Router Reset Flaw and WhatsApp Zero-Day Chain Ivanti EPMM Vulnerability CVE-2026-1340 CISA KEV Catalog CVE-2026-21385 CISA KEV Update CVE-2008-0015 CISA KEV, Array Networks Command Injection CVE-2025-0111 & CVE-2025-23209 CISA, Known Exploited Vulnerabilities

Ivanti EPMM Vulnerability CVE-2026-1340 CISA KEV Catalog CVE-2026-21385 CISA KEV Update CVE-2008-0015 CISA KEV, Array Networks Command Injection CVE-2025-0111 & CVE-2025-23209 CISA, Known Exploited Vulnerabilities

CISA Flags Two Actively Exploited Vulnerabilities: TP-Link Router Reset Flaw and WhatsApp Zero-Day Chain

Do Son September 3, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has added two new security flaws to its Known Exploited...

Inf0s3c Stealer: A Stealthy Python Malware Is Abusing Discord to Steal Data Inf0s3c Stealer, Windows malware

Inf0s3c Stealer: A Stealthy Python Malware Is Abusing Discord to Steal Data

Do Son September 3, 2025

Cyfirma’s Threat Intelligence team has released a technical analysis of Inf0s3c Stealer, a Python-based information grabber designed...

The Largest DDoS Attack in History: Cloudflare Fights Back Cloudflare layoffs 2026 AI bot traffic surge Content Signals Policy, AI Content Usage Cloudflare, Certificate Misissuance Salesforce, supply chain attack DDoS attack, Cloudflare Perplexity AI, Web Scraping Pay Per Crawl Cloudflare abuse R2 outage HTTP Cloudflare Blocking

The Largest DDoS Attack in History: Cloudflare Fights Back

Do Son September 2, 2025

Earlier this year, in mid-May, Cloudflare announced that it had successfully mitigated a record-breaking 7.3 Tbps distributed...

9.8 CVE-2025-6507 (CVSS 9.8): Critical H2O-3 Vulnerability Puts Machine Learning at Risk H2O-3, remote code execution

9.8 CVE-2025-6507 (CVSS 9.8): Critical H2O-3 Vulnerability Puts Machine Learning at Risk

Do Son September 2, 2025

H2O-3, a widely used open-source platform for distributed and scalable machine learning, has been found vulnerable to...

Why Antivirus Software Flags Your Linux ISO as Malware Linux Kernel legacy driver removal Linux kernel x86 page fault, interrupt state asymmetry fix Linux ISO, false positive CVE-2023-6200 - Linux Kernel 6.12 LTS 6.14

Linux Kernel legacy driver removal Linux kernel x86 page fault, interrupt state asymmetry fix Linux ISO, false positive CVE-2023-6200 - Linux Kernel 6.12 LTS 6.14

Why Antivirus Software Flags Your Linux ISO as Malware

Do Son September 2, 2025

The website DistroWatch, known for its coverage of Linux-related developments, has recently highlighted an issue encountered by...

No, There Was No “Major Gmail Security Breach”

Google Self-Preferencing Fine Idealo Antitrust Damages Anthropic, Google TPUs Google DMA Compliance, Search Self-Preferencing Google Play Store Ruling, Epic Games Victory Google fine, ad tech Google lawsuit, privacy violation Gmail security, false alarm Google Play EU regulation Google Security, Phone Number Leak Google 2025 - Google China’s Anti-Monopoly Law Google monopoly, ad tech Pixel 7a battery, battery swelling

No, There Was No “Major Gmail Security Breach”

Do Son September 2, 2025

Recently, reports of a so-called “major Gmail security breach” spread rapidly across the internet, with headlines such...

TinkyWinkey: A Stealthy New Keylogger Is Hunting for Credentials on Windows TinkyWinkey Keylogger, Windows malware

TinkyWinkey: A Stealthy New Keylogger Is Hunting for Credentials on Windows

Do Son September 2, 2025

Researchers at CYFIRMA have released an in-depth analysis of a newly observed Windows malware family dubbed the...

Lazarus Subgroup Deploys Three Custom RATs in Targeted Crypto Attacks axios Supply Chain Attack WAVESHAPER.V2 SnappyBee Malware Salt Typhoon Stately Taurus ScoringMathTea RAT, Lazarus Reflective DLL

axios Supply Chain Attack WAVESHAPER.V2 SnappyBee Malware Salt Typhoon Stately Taurus ScoringMathTea RAT, Lazarus Reflective DLL

Lazarus Subgroup Deploys Three Custom RATs in Targeted Crypto Attacks

Do Son September 2, 2025

Fox-IT and NCC Group have released a detailed joint analysis exposing how a Lazarus Group subgroup continues...

9.8 Critical CVE-2025-21483 & CVE-2025-27034 in Qualcomm Modems Score CVSS 9.8 Qualcomm Security Bulletin CVE-2026-25254 RCE Qualcomm Diversification, Mobile Chip Competition CVE-2023-33025