cybersecurity Archives • Page 37 of 88 • Daily CyberSecurity

7.5 CVE-2025-6203: DoS Flaw in HashiCorp Vault Allows Attackers to Crash Servers HashiCorp Vault, vulnerability CVE-2024-7594 - Vault Community Edition

HashiCorp Vault, vulnerability CVE-2024-7594 - Vault Community Edition

7.5 CVE-2025-6203: DoS Flaw in HashiCorp Vault Allows Attackers to Crash Servers

Do Son September 2, 2025

HashiCorp has issued a security advisory for a newly disclosed vulnerability in Vault, its widely used secrets...

Operation HanKook Phantom: APT-37 Targets South Korean Institutions with LNK-Based Espionage Campaign North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

Operation HanKook Phantom: APT-37 Targets South Korean Institutions with LNK-Based Espionage Campaign

Do Son September 2, 2025

Researchers at Seqrite Lab have uncovered a new spear-phishing operation attributed to APT-37 (ScarCruft / InkySquid /...

A Deceptive Ad Campaign Is Stealing Credentials from the Hospitality Industry the phishing page prompts for OTP codes sent via SMS

A Deceptive Ad Campaign Is Stealing Credentials from the Hospitality Industry

Do Son September 2, 2025

Okta Threat Intelligence is sounding the alarm over a large-scale phishing campaign that has been actively impersonating...

Beyond ClickFix: A New Attack Abuses Windows Search to Deliver MetaStealer ChaCha20 Cipher

Beyond ClickFix: A New Attack Abuses Windows Search to Deliver MetaStealer

Do Son September 2, 2025

For over a year, Huntress researchers have been tracking the rise of ClickFix attacks, a form of...

AI Waifu RAT: A New Malware Masquerades as an AI Assistant to Hijack Your PC AI Waifu RAT, social engineering

AI Waifu RAT: A New Malware Masquerades as an AI Assistant to Hijack Your PC

Do Son September 2, 2025

Security researcher Ryingo has released a detailed analysis of a new malware strain dubbed the “AI Waifu...

8.8 CVE-2025-58158 Flaw in Harness Gitness Allows Arbitrary File Write Harness Gitness, arbitrary file write

8.8 CVE-2025-58158 Flaw in Harness Gitness Allows Arbitrary File Write

Do Son September 2, 2025

The open-source DevOps ecosystem has been hit with another critical security issue—this time in Harness Open Source,...

Beyond Phishing: Iranian-Aligned Group Abuses Omani Mailbox to Spy on Diplomats Iranian-aligned, spear-phishing

Beyond Phishing: Iranian-Aligned Group Abuses Omani Mailbox to Spy on Diplomats

Do Son September 2, 2025

Recently, researchers at Dream’s Threat Intelligence Team uncovered a sophisticated spear-phishing campaign that leveraged a compromised mailbox...

Anatomy of an Attack: New Report Exposes Ukrainian Networks Fueling Global Brute-Force Campaigns

Do Son September 2, 2025

A new report from Intrinsec has revealed a sprawling web of Ukrainian and offshore networks fueling large-scale...

9.8 CVE-2025-54857 (CVSS 9.8): Critical Flaw in Seiko Solutions Device Allows Remote Takeover Seiko Solutions, command injection

9.8 CVE-2025-54857 (CVSS 9.8): Critical Flaw in Seiko Solutions Device Allows Remote Takeover

Do Son September 1, 2025

A critical security flaw has been discovered in SkyBridge BASIC MB-A130, a networking device developed by Seiko...

7.7 CVE-2024-52284: SUSE Fleet Vulnerability Exposes Sensitive Helm Values in Plain Text Fleet security vulnerabilities cross namespace secret disclosure Rancher, GitOps Rancher Fleet Critical Vulnerability CVE-2026-41050

Fleet security vulnerabilities cross namespace secret disclosure Rancher, GitOps Rancher Fleet Critical Vulnerability CVE-2026-41050

7.7 CVE-2024-52284: SUSE Fleet Vulnerability Exposes Sensitive Helm Values in Plain Text

Do Son September 1, 2025

The SUSE Rancher Security Team has issued a security advisory warning of a high-severity vulnerability in Fleet,...

7.5 CVE-2025-57803: Critical Flaw in ImageMagick Could Lead to Remote Code Execution ImageMagick, remote code execution

7.5 CVE-2025-57803: Critical Flaw in ImageMagick Could Lead to Remote Code Execution

Do Son September 1, 2025

The ImageMagick team has disclosed a critical vulnerability in its BMP encoder, tracked as CVE-2025-57803, which can...

South Korea Fines SK Telecom $96.5M Over Massive Data Breach Quest KACE Vulnerability CVE-2025-32975 FortiGate SSO Bypass, Active Exploitation GoAnywhere RCE, Storm-1175 Cisco VPN RCE, ASA Zero-Day TinyColor Supply Chain Attack SK Telecom, data breach Erlang/OTP RCE, OT Network Security Ivanti CSA Attacks WordPress RCE, Theme Vulnerability

Quest KACE Vulnerability CVE-2025-32975 FortiGate SSO Bypass, Active Exploitation GoAnywhere RCE, Storm-1175 Cisco VPN RCE, ASA Zero-Day TinyColor Supply Chain Attack SK Telecom, data breach Erlang/OTP RCE, OT Network Security Ivanti CSA Attacks WordPress RCE, Theme Vulnerability

South Korea Fines SK Telecom $96.5M Over Massive Data Breach

Do Son September 1, 2025

In April 2025, South Korea’s leading telecommunications provider SK Telecom (SKT) uncovered a long-standing software vulnerability that...

Elon Musk’s xAI Sues Ex-Engineer Over Stolen Grok AI Secrets Musk $134B OpenAI lawsuit, xAI Grok deepfake cease and desist xAI Series E $20 billion funding, Grok 5 NVIDIA supercomputer trade secret theft, xAI lawsuit Grok 2, Open Source AI Grok AI, xAI Investment xAI, MacroHard

Musk $134B OpenAI lawsuit, xAI Grok deepfake cease and desist xAI Series E $20 billion funding, Grok 5 NVIDIA supercomputer trade secret theft, xAI lawsuit Grok 2, Open Source AI Grok AI, xAI Investment xAI, MacroHard

Elon Musk’s xAI Sues Ex-Engineer Over Stolen Grok AI Secrets

Do Son September 1, 2025

Elon Musk’s artificial intelligence company xAI filed a lawsuit on August 28, 2025, in the U.S. District...

Is Gmail’s Spam Filter Politically Biased? The FTC Investigates Gmail Mobile E2EE Gmail POP3 support end 2026, Gmailify deprecated January 2026 Gmail spam filter, political bias

Gmail Mobile E2EE Gmail POP3 support end 2026, Gmailify deprecated January 2026 Gmail spam filter, political bias

Is Gmail’s Spam Filter Politically Biased? The FTC Investigates

Do Son September 1, 2025

The U.S. Federal Trade Commission (FTC) has recently turned its scrutiny toward Google, questioning whether Gmail’s email...

Malicious npm Package Masquerades as Nodemailer, Drains Crypto Wallets npm package, crypto drainer Malicious Packages Cryptocurrency Theft

Malicious npm Package Masquerades as Nodemailer, Drains Crypto Wallets

Do Son September 1, 2025

Researchers from Socket’s Threat Research Team have uncovered a dangerous npm package, nodejs-smtp, that impersonates the widely...

Beyond Defense: New Report Exposes How Russian Cyber Firms Aid the Kremlin’s War Sandworm Tactical Pivot, Edge Device Misconfiguration Russian cyber firms, Kremlin ties Sandworm MAX messenger

Sandworm Tactical Pivot, Edge Device Misconfiguration Russian cyber firms, Kremlin ties Sandworm MAX messenger

Beyond Defense: New Report Exposes How Russian Cyber Firms Aid the Kremlin’s War

Do Son September 1, 2025

The war in Ukraine has reshaped not only geopolitics but also the digital battlefield. A new report...

9.8 CVE-2025-8077 (CVSS 9.8): CRITICAL Flaw in NeuVector Exposes Kubernetes Clusters to Full Takeover NeuVector, Kubernetes vulnerability CVE-2025-8077

NeuVector, Kubernetes vulnerability CVE-2025-8077

9.8 CVE-2025-8077 (CVSS 9.8): CRITICAL Flaw in NeuVector Exposes Kubernetes Clusters to Full Takeover

Do Son September 1, 2025

The SUSE Rancher Security Team has issued a critical security advisory for NeuVector, an open-source container security...

Deepfakes and Deception: North Korean IT Workers Infiltrating Companies to Fund Regime North Korean IT workers, deepfake identities

Deepfakes and Deception: North Korean IT Workers Infiltrating Companies to Fund Regime

Do Son September 1, 2025

A new report from Threat Intel Researcher Rakesh Krishnan sheds light on the growing threat posed by...

Unraveling a Phishing Spree That Abuses Email Marketing and Cloud Services Phishing, URL redirectors

Unraveling a Phishing Spree That Abuses Email Marketing and Cloud Services

Do Son September 1, 2025

Researchers at Trustwave SpiderLabs have published an analysis showing a significant uptick in phishing campaigns that rely...

8.2 CVE-2024-58259: DoS Flaw in Rancher Manager Allows Unauthenticated Attackers to Crash Servers Rancher security flaws cluster privilege escalation Rancher Path Traversal CVE-2026-25705 Rancher Vulnerabilities, SAML Phishing CVE-2024-22036 Rancher, vulnerability

Rancher security flaws cluster privilege escalation Rancher Path Traversal CVE-2026-25705 Rancher Vulnerabilities, SAML Phishing CVE-2024-22036 Rancher, vulnerability

8.2 CVE-2024-58259: DoS Flaw in Rancher Manager Allows Unauthenticated Attackers to Crash Servers

Do Son September 1, 2025

The SUSE Rancher Security Team has issued a security advisory addressing a high-severity vulnerability in Rancher Manager,...