cybersecurity Archives • Page 37 of 86 • Daily CyberSecurity

Multi Flaws Found in HikCentral, Including a Bypass for Admin Access (CVE-2025-39247) Hikvision Vulnerability CVE-2026-0709 Hikvision Vulnerability CVE-2025-66176 Hikvision, vulnerability Canada Hikvision Ban, National Security Hikvision firmware updates

Hikvision Vulnerability CVE-2026-0709 Hikvision Vulnerability CVE-2025-66176 Hikvision, vulnerability Canada Hikvision Ban, National Security Hikvision firmware updates

Multi Flaws Found in HikCentral, Including a Bypass for Admin Access (CVE-2025-39247)

Ddos August 29, 2025

The Hikvision Security Response Center (HSRC) has released a new advisory detailing three vulnerabilities affecting different versions...

PoC Published: A Format String Bug in ImageMagick Could Allow Remote Code Execution ImageMagick, remote code execution

PoC Published: A Format String Bug in ImageMagick Could Allow Remote Code Execution

Ddos August 29, 2025

The developers of ImageMagick, one of the most widely used open-source image processing libraries, have disclosed a...

Interlock Ransomware Strikes: A New Strain Is Wrecking Havoc in North America and Europe Interlock ransomware, double extortion

Interlock Ransomware Strikes: A New Strain Is Wrecking Havoc in North America and Europe

Ddos August 29, 2025

The AhnLab Security Emergency Response Center (ASEC) has published new research on the Interlock ransomware group, which...

PoC Published: Critical Unauthenticated Command Injection Flaw in D-Link Routers (CVSS 9.8), No Patch! D-Link, command injection

PoC Published: Critical Unauthenticated Command Injection Flaw in D-Link Routers (CVSS 9.8), No Patch!

Ddos August 29, 2025

D-Link has issued a Security Announcement regarding multiple critical vulnerabilities discovered in its legacy DIR-series routers. These...

Checkmarx Breach Supply Chain Attack Ivanti EPMM RCE CVE-2026-1281 Modular DS Vulnerability CVE-2026-23550 D-Link RCE Vulnerability CVE-2026-0625 Christmas 2025 GreyNoise Campaign, Japan-Based Initial Access Broker React2Shell Zero-Day, APT Active Exploitation WordPress vulnerability, authentication bypass FreePBX, zero-day Trend Micro Apex One, Remote Code Execution BitoPro Hack, Crypto Theft UNC5337 - CVE-2022-47945 Safe{Wallet} hack Fortinet vulnerability, CVE-2024-21762, FortiGate attack Balloonfly, Play ransomware Ivanti EPMM CVE-2025-4427 and CVE-2025-4428

CRITICAL Zero-Day CVE-2025-57819 in FreePBX Is Under Active Attack (CVSS 10.0)

Ddos August 29, 2025

The Sangoma FreePBX Security Team has issued a critical advisory for a newly discovered vulnerability in its...

CVE-2025-50979: SQL Injection Flaw in NodeBB Forum Software, PoC Available NodeBB, SQL injection

CVE-2025-50979: SQL Injection Flaw in NodeBB Forum Software, PoC Available

Ddos August 29, 2025

The developers of NodeBB, a popular open-source forum platform, have disclosed a critical vulnerability affecting version v4.3.0....

Is This a Rebrand? New Sinobi Ransomware Group Shows Code Overlap with Lynx Sinobi Group, ransomware

Is This a Rebrand? New Sinobi Ransomware Group Shows Code Overlap with Lynx

Ddos August 29, 2025

Recently, eSentire’s Threat Response Unit (TRU) investigated a ransomware attack that it has attributed to an affiliate...

Anthropic Report: Criminals Are Weaponizing AI to Automate Cyberattacks at Scale Anthropic, AI misuse

Anthropic Report: Criminals Are Weaponizing AI to Automate Cyberattacks at Scale

Ddos August 29, 2025

Anthropic’s Threat Intelligence team has released a report detailing how malicious actors are misusing advanced AI systems...

Malware-less Ransomware: How Storm-0501 is Pivoting to Cloud-Native Attacks Storm-0501, cloud ransomware

Malware-less Ransomware: How Storm-0501 is Pivoting to Cloud-Native Attacks

Ddos August 29, 2025

Microsoft Threat Intelligence has published new research into Storm-0501, a financially motivated threat actor that has dramatically...

A Deceptive AI Lure Is Hiding ScreenConnect & XWorm RAT to Hijack Your PC ScreenConnect, XWorm RAT

A Deceptive AI Lure Is Hiding ScreenConnect & XWorm RAT to Hijack Your PC

Ddos August 29, 2025

The SpiderLabs Threat Hunt Team at Trustwave has discovered a malicious campaign abusing AI-themed branding to trick...

Beyond Email: Why Your Microsoft Teams Chat Is Now a Phishing Danger Zone Teams phishing, Teams security

Beyond Email: Why Your Microsoft Teams Chat Is Now a Phishing Danger Zone

Ddos August 29, 2025

Security researchers at Hunters have published a new analysis revealing how attackers are increasingly abusing Microsoft Teams...

shell-quote command injection AI-Driven Vulnerabilities Q1 2026 Cyber Threats vm2 Sandbox Escape Node.js RCE upKeeper Privilege Escalation CVE-2026-2449 Pharos Controls Vulnerability Root Access Exploit Cybersecurity Vulnerability Roundup CVSS 10.0 Flaws Shadow Archives CVE-2026-0866 MS-Agent Prompt Injection CVE-2026-2256 basic-ftp Path Traversal CVE-2026-27699 telnetd Root Vulnerability CVE-1999-0073 Regression USR-W610 Vulnerabilities End-of-Life IoT Security IceWarp Security Update IceWarp Vulnerabilities Airleader Master Vulnerability CVE-2026-1358 ZLAN5143D Vulnerability CISA ICS Advisory Acronis Cyber Protect Vulnerability CVE-2025-30411 WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

Kaspersky Report: Vulnerabilities Are Exploding, and Attackers Are Adapting

Ddos August 29, 2025

Kaspersky Labs has published its Q2 2025 vulnerability analysis, revealing an alarming rise in both the number...

ShadowSilk Unmasked: The Hybrid Espionage Group Targeting Central Asian Governments Harvester APT Linux Backdoor OT Cyberattack Iranian APT Operation Olalampo MuddyWater APT Prince of Persia APT, Tonnerre v50 Patchwork APT, DLL Sideloading Subtle Snail, cyber espionage ShadowSilk, cyber espionage Volt Typhoon APT Group - Chinese Cybersecurity Firm

Harvester APT Linux Backdoor OT Cyberattack Iranian APT Operation Olalampo MuddyWater APT Prince of Persia APT, Tonnerre v50 Patchwork APT, DLL Sideloading Subtle Snail, cyber espionage ShadowSilk, cyber espionage Volt Typhoon APT Group - Chinese Cybersecurity Firm

ShadowSilk Unmasked: The Hybrid Espionage Group Targeting Central Asian Governments

Ddos August 29, 2025

Group-IB analysts, in cooperation with CERT-KG, have published new research exposing the activities of a threat cluster...

URGENT: Sangoma FreePBX Warns of Exploit, Urges Immediate Administrator Lockdown FreePBX, security advisory

URGENT: Sangoma FreePBX Warns of Exploit, Urges Immediate Administrator Lockdown

Ddos August 28, 2025

The Sangoma FreePBX Security Team has issued an urgent security advisory after discovering a potential exploit targeting...

A CVSS 9.6 Remote Flaw Allows Unauthenticated Attackers to Bypass Dell ThinOS Dell ThinOS, remote access

A CVSS 9.6 Remote Flaw Allows Unauthenticated Attackers to Bypass Dell ThinOS

Ddos August 28, 2025

Dell Technologies has issued a security advisory addressing several high-severity vulnerabilities in its ThinOS 10 platform, widely...

PromptLock: A New AI-Powered Ransomware Strain Creates Unique, Elusive Scripts AI ransomware, PromptLock Against Ransomware - RECOPE Ransomware Attack

AI ransomware, PromptLock Against Ransomware - RECOPE Ransomware Attack

PromptLock: A New AI-Powered Ransomware Strain Creates Unique, Elusive Scripts

Ddos August 28, 2025

The cybersecurity company ESET has released a report detailing its latest discovery: an artificial intelligence–driven ransomware strain...

Tencent Cloud’s Misconfiguration Exposed Internal Source Code and Credentials Booking.com Data Breach Claude Code Leak Anthropic Source Code YggTorrent data breach PS5 BootROM key leak 2026, PlayStation 5 unpatchable jailbreak Great Firewall data leak Dating App Breach, Tea App Leak 23andMe Data Leak

Booking.com Data Breach Claude Code Leak Anthropic Source Code YggTorrent data breach PS5 BootROM key leak 2026, PlayStation 5 unpatchable jailbreak Great Firewall data leak Dating App Breach, Tea App Leak 23andMe Data Leak

Tencent Cloud’s Misconfiguration Exposed Internal Source Code and Credentials

Ddos August 28, 2025

Cybersecurity researchers from CYBERNEWS recently published a report disclosing a serious security issue uncovered in Tencent Cloud,...

An Espionage System: NSA, CISA, & Partners Expose Chinese APT Groups Chinese APT, cyber espionage

An Espionage System: NSA, CISA, & Partners Expose Chinese APT Groups

Ddos August 28, 2025

In a multinational alert, the U.S. National Security Agency (NSA), CISA, FBI, and partners from more than...

A Single Packet Can Crash a DHCP Server: High-Severity Flaw CVE-2025-40779 Found in Kea critical BIND 9 flaws Kea DHCP Vulnerability CVE-2026-3608 CVE-2022-1183 CVE-2025-40779 Kea DHCP, vulnerability