cybersecurity Archives • Page 39 of 88 • Daily CyberSecurity

Anthropic Report: Criminals Are Weaponizing AI to Automate Cyberattacks at Scale Anthropic, AI misuse

Anthropic Report: Criminals Are Weaponizing AI to Automate Cyberattacks at Scale

Do Son August 29, 2025

Anthropic’s Threat Intelligence team has released a report detailing how malicious actors are misusing advanced AI systems...

Malware-less Ransomware: How Storm-0501 is Pivoting to Cloud-Native Attacks Storm-0501, cloud ransomware

Malware-less Ransomware: How Storm-0501 is Pivoting to Cloud-Native Attacks

Do Son August 29, 2025

Microsoft Threat Intelligence has published new research into Storm-0501, a financially motivated threat actor that has dramatically...

A Deceptive AI Lure Is Hiding ScreenConnect & XWorm RAT to Hijack Your PC ScreenConnect, XWorm RAT

A Deceptive AI Lure Is Hiding ScreenConnect & XWorm RAT to Hijack Your PC

Do Son August 29, 2025

The SpiderLabs Threat Hunt Team at Trustwave has discovered a malicious campaign abusing AI-themed branding to trick...

Beyond Email: Why Your Microsoft Teams Chat Is Now a Phishing Danger Zone Teams phishing, Teams security

Beyond Email: Why Your Microsoft Teams Chat Is Now a Phishing Danger Zone

Do Son August 29, 2025

Security researchers at Hunters have published a new analysis revealing how attackers are increasingly abusing Microsoft Teams...

shell-quote command injection AI-Driven Vulnerabilities Q1 2026 Cyber Threats vm2 Sandbox Escape Node.js RCE upKeeper Privilege Escalation CVE-2026-2449 Pharos Controls Vulnerability Root Access Exploit Cybersecurity Vulnerability Roundup CVSS 10.0 Flaws Shadow Archives CVE-2026-0866 MS-Agent Prompt Injection CVE-2026-2256 basic-ftp Path Traversal CVE-2026-27699 telnetd Root Vulnerability CVE-1999-0073 Regression USR-W610 Vulnerabilities End-of-Life IoT Security IceWarp Security Update IceWarp Vulnerabilities Airleader Master Vulnerability CVE-2026-1358 ZLAN5143D Vulnerability CISA ICS Advisory Acronis Cyber Protect Vulnerability CVE-2025-30411 WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

Kaspersky Report: Vulnerabilities Are Exploding, and Attackers Are Adapting

Do Son August 29, 2025

Kaspersky Labs has published its Q2 2025 vulnerability analysis, revealing an alarming rise in both the number...

ShadowSilk Unmasked: The Hybrid Espionage Group Targeting Central Asian Governments Harvester APT Linux Backdoor OT Cyberattack Iranian APT Operation Olalampo MuddyWater APT Prince of Persia APT, Tonnerre v50 Patchwork APT, DLL Sideloading Subtle Snail, cyber espionage ShadowSilk, cyber espionage Volt Typhoon APT Group - Chinese Cybersecurity Firm

Harvester APT Linux Backdoor OT Cyberattack Iranian APT Operation Olalampo MuddyWater APT Prince of Persia APT, Tonnerre v50 Patchwork APT, DLL Sideloading Subtle Snail, cyber espionage ShadowSilk, cyber espionage Volt Typhoon APT Group - Chinese Cybersecurity Firm

ShadowSilk Unmasked: The Hybrid Espionage Group Targeting Central Asian Governments

Do Son August 29, 2025

Group-IB analysts, in cooperation with CERT-KG, have published new research exposing the activities of a threat cluster...

URGENT: Sangoma FreePBX Warns of Exploit, Urges Immediate Administrator Lockdown FreePBX, security advisory

URGENT: Sangoma FreePBX Warns of Exploit, Urges Immediate Administrator Lockdown

Do Son August 28, 2025

The Sangoma FreePBX Security Team has issued an urgent security advisory after discovering a potential exploit targeting...

9.6 A CVSS 9.6 Remote Flaw Allows Unauthenticated Attackers to Bypass Dell ThinOS Dell ThinOS, remote access

9.6 A CVSS 9.6 Remote Flaw Allows Unauthenticated Attackers to Bypass Dell ThinOS

Do Son August 28, 2025

Dell Technologies has issued a security advisory addressing several high-severity vulnerabilities in its ThinOS 10 platform, widely...

PromptLock: A New AI-Powered Ransomware Strain Creates Unique, Elusive Scripts AI ransomware, PromptLock Against Ransomware - RECOPE Ransomware Attack

AI ransomware, PromptLock Against Ransomware - RECOPE Ransomware Attack

PromptLock: A New AI-Powered Ransomware Strain Creates Unique, Elusive Scripts

Do Son August 28, 2025

The cybersecurity company ESET has released a report detailing its latest discovery: an artificial intelligence–driven ransomware strain...

Tencent Cloud’s Misconfiguration Exposed Internal Source Code and Credentials Booking.com Data Breach Claude Code Leak Anthropic Source Code YggTorrent data breach PS5 BootROM key leak 2026, PlayStation 5 unpatchable jailbreak Great Firewall data leak Dating App Breach, Tea App Leak 23andMe Data Leak

Booking.com Data Breach Claude Code Leak Anthropic Source Code YggTorrent data breach PS5 BootROM key leak 2026, PlayStation 5 unpatchable jailbreak Great Firewall data leak Dating App Breach, Tea App Leak 23andMe Data Leak

Tencent Cloud’s Misconfiguration Exposed Internal Source Code and Credentials

Do Son August 28, 2025

Cybersecurity researchers from CYBERNEWS recently published a report disclosing a serious security issue uncovered in Tencent Cloud,...

An Espionage System: NSA, CISA, & Partners Expose Chinese APT Groups Chinese APT, cyber espionage

An Espionage System: NSA, CISA, & Partners Expose Chinese APT Groups

Do Son August 28, 2025

In a multinational alert, the U.S. National Security Agency (NSA), CISA, FBI, and partners from more than...

7.5 A Single Packet Can Crash a DHCP Server: High-Severity Flaw CVE-2025-40779 Found in Kea critical BIND 9 flaws Kea DHCP Vulnerability CVE-2026-3608 CVE-2022-1183 CVE-2025-40779 Kea DHCP, vulnerability

critical BIND 9 flaws Kea DHCP Vulnerability CVE-2026-3608 CVE-2022-1183 CVE-2025-40779 Kea DHCP, vulnerability

7.5 A Single Packet Can Crash a DHCP Server: High-Severity Flaw CVE-2025-40779 Found in Kea

Do Son August 28, 2025

The Internet Systems Consortium (ISC) has released a security advisory addressing a high-severity vulnerability in its widely...

High NVIDIA Issues Security Update for NeMo Framework: Multiple High-Severity Vulnerabilities Patched NVIDIA NeMo Framework

High NVIDIA Issues Security Update for NeMo Framework: Multiple High-Severity Vulnerabilities Patched

Do Son August 28, 2025

NVIDIA has released a new software update for its NeMo Framework, addressing multiple high-severity vulnerabilities that could...

9.0 PoC Available: CrushFTP Zero-Day (CVE-2025-54309) Exploited in the Wild

Do Son August 28, 2025

watchTowr Labs has released a detailed analysis of CVE-2025-54309, a zero-day authentication bypass vulnerability in CrushFTP, the...

Infrawatch Uncovers Belarusian-Run Residential Proxy Network Inside U.S. Homes Residential proxies, DSLRoot

Infrawatch Uncovers Belarusian-Run Residential Proxy Network Inside U.S. Homes

Do Son August 28, 2025

A new investigation by Infrawatch, in collaboration with KrebsOnSecurity, has revealed that a Belarusian national is covertly...

A Persistent Threat: Blind Eagle Hacking Group Continues to Target Colombia Blind Eagle, cyber espionage

A Persistent Threat: Blind Eagle Hacking Group Continues to Target Colombia

Do Son August 28, 2025

Insikt Group has released new findings on TAG-144, also known as Blind Eagle, AguilaCiega, APT-C-36, or APT-Q-98,...

Data Theft Alert: Salesforce Instances Breached via Third-Party App OAuth Tokens Salesforce data theft

Data Theft Alert: Salesforce Instances Breached via Third-Party App OAuth Tokens

Do Son August 28, 2025

The Google Threat Intelligence Group (GTIG) has issued an urgent advisory on a widespread data theft campaign...

A Silent Threat: How a Stealthy Campaign Is Stealing ScreenConnect Credentials for Ransomware ScreenConnect, credential harvesting

A Silent Threat: How a Stealthy Campaign Is Stealing ScreenConnect Credentials for Ransomware

Do Son August 28, 2025

The Mimecast Threat Research team, led by Samantha Clarke, has exposed an ongoing credential harvesting campaign (designated...

The Reversed Phishing Attack: New Campaign Triggers Victims to Call Hackers NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club