cybersecurity Archives • Page 39 of 86 • Daily CyberSecurity

PoC Code Available for Critical SQLite Vulnerability (CVE-2025-6965) SQLite vulnerability CVE-2025-6965 PoC

PoC Code Available for Critical SQLite Vulnerability (CVE-2025-6965)

Ddos August 26, 2025

Google revealed that its large language model (LLM)-assisted vulnerability discovery framework detected and reported a critical flaw...

Langflow Hit by Privilege Escalation Flaw: CVE-2025-57760 Langflow, Privilege escalation

Langflow Hit by Privilege Escalation Flaw: CVE-2025-57760

Ddos August 26, 2025

The Langflow project has issued an important security advisory regarding a newly discovered vulnerability that poses a...

CVE-2025-54370: SSRF Vulnerability Discovered in PhpSpreadsheet Library PhpSpreadsheet CVE-2025-54370

CVE-2025-54370: SSRF Vulnerability Discovered in PhpSpreadsheet Library

Ddos August 26, 2025

A newly disclosed security flaw, tracked as CVE-2025-54370, has been identified in PhpSpreadsheet, a PHP-based library that...

Two RCE Vulnerabilities Found in Open-Source BI Tool DataEase DataEase, RCE vulnerability

Two RCE Vulnerabilities Found in Open-Source BI Tool DataEase

Ddos August 26, 2025

Security researchers have disclosed two critical vulnerabilities in DataEase, an open-source business intelligence (BI) tool designed for...

CISA Adds Citrix and Git Flaws to Known Exploited Vulnerabilities Catalog n8n RCE Vulnerability CVE-2025-68613 CISA KEV WinRAR Zero-Day, Cloud Files UAF OpenPLC ScadaBR, CVE-2021-26829 CISA KEV, Gladinet LFI RCE XWiki RCE, VMware EoP CISA KEV CISA, Known Exploited Vulnerabilities CVE-2020-2883 CISA, Trend Micro

n8n RCE Vulnerability CVE-2025-68613 CISA KEV WinRAR Zero-Day, Cloud Files UAF OpenPLC ScadaBR, CVE-2021-26829 CISA KEV, Gladinet LFI RCE XWiki RCE, VMware EoP CISA KEV CISA, Known Exploited Vulnerabilities CVE-2020-2883 CISA, Trend Micro

CISA Adds Citrix and Git Flaws to Known Exploited Vulnerabilities Catalog

Ddos August 26, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has added three new vulnerabilities to its Known Exploited Vulnerabilities...

A Storm Is Coming: A Massive Coordinated Attack Is Probing RDP Connections RDP scanning, Remote Desktop Protocol

A Storm Is Coming: A Massive Coordinated Attack Is Probing RDP Connections

Ddos August 26, 2025

Security intelligence firm GreyNoise has sounded the alarm over a massive spike in Microsoft Remote Desktop (RDP)...

FortiGuard Labs Uncovers Global Phishing Campaign Using UpCrypter to Deploy RATs Phishing campaign, UpCrypter

FortiGuard Labs Uncovers Global Phishing Campaign Using UpCrypter to Deploy RATs

Ddos August 26, 2025

FortiGuard Labs has uncovered a rapidly spreading phishing campaign that leverages carefully crafted emails and fake websites...

TP-Link Issues Urgent Patch for KP303 Smart Plug Vulnerability (CVE-2025-8627)

Ddos August 26, 2025

TP-Link has issued a security advisory addressing a high-severity vulnerability (CVE-2025-8627) affecting its KP303 Smart Plug, warning...

Four Critical Flaws in a Privileged Access Manager Exposed by Rapid7 Privileged access manager, Securden

Four Critical Flaws in a Privileged Access Manager Exposed by Rapid7

Ddos August 26, 2025

Security researchers at Rapid7 have uncovered four serious vulnerabilities in Securden Unified Privileged Access Manager (PAM), a...

Ransomware in Your Summary? New Attack Weaponizes AI Assistants sumary

Ransomware in Your Summary? New Attack Weaponizes AI Assistants

Ddos August 26, 2025

A new CloudSEK report has revealed a dangerous evolution in social engineering: the use of invisible prompt...

Beyond Banks: Android Malware Is Getting Smarter to Bypass Google Play Protect CVE-2023-20951 Honor Update

Beyond Banks: Android Malware Is Getting Smarter to Bypass Google Play Protect

Ddos August 26, 2025

Droppers—seemingly harmless apps that secretly deliver malware—have long been a key part of Android cybercrime. But according...

Expel Uncovers Malicious PUP Ecosystem Masquerading as Free Utility Apps Potentially unwanted program, residential proxy

Expel Uncovers Malicious PUP Ecosystem Masquerading as Free Utility Apps

Ddos August 26, 2025

For years, potentially unwanted programs (PUPs) have been associated with nuisance-level behavior—displaying ads, installing toolbars, or collecting...

Beyond Windows: Pakistan’s APT36 Group Is Now Attacking Linux Systems with Stealthy Malware AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

Beyond Windows: Pakistan’s APT36 Group Is Now Attacking Linux Systems with Stealthy Malware

Ddos August 26, 2025

The Pakistan-linked threat group APT36—also known as Transparent Tribe, Mythic Leopard, Earth Karkaddan, or Operation C-Major—has re-emerged...

Spur Links North Korean APT Infrastructure to Commercial Proxy Service WgetCloud

Ddos August 26, 2025

Last week, the leak site DDoSecrets.com published a data dump allegedly from a workstation of a threat...

The End of an Era: Popular CA Buypass to Halt Free TLS/SSL Certificates TLS certificates, Buypass

The End of an Era: Popular CA Buypass to Halt Free TLS/SSL Certificates

Ddos August 25, 2025

The well-known Certificate Authority Buypass has announced that it will cease issuing TLS/SSL digital certificates in October...

Chrome Zero-Day: Exploit in the Wild and PoC Released Chrome Zero-Day CVE-2026-3909 Chrome Zero-Day PoC CVE-2026-2441 Chrome Zero-Day CVE-2026-2441 Chrome Zero-Day, Active Exploitation CVE-2025-10585 Chrome vulnerability, zero-day exploit CVE-2025-6558 Chrome Zero-Day, V8 Vulnerability Chrome Zero-Day, Security Update

Chrome Zero-Day CVE-2026-3909 Chrome Zero-Day PoC CVE-2026-2441 Chrome Zero-Day CVE-2026-2441 Chrome Zero-Day, Active Exploitation CVE-2025-10585 Chrome vulnerability, zero-day exploit CVE-2025-6558 Chrome Zero-Day, V8 Vulnerability Chrome Zero-Day, Security Update

Chrome Zero-Day: Exploit in the Wild and PoC Released

Ddos August 25, 2025

A high-severity zero-day vulnerability in Google Chrome’s V8 JavaScript engine, tracked as CVE-2025-5419, has been exposed, with...

Beyond Convenience: Why a Standalone 2FA App Is Your Best Defense LastPass data breach

Beyond Convenience: Why a Standalone 2FA App Is Your Best Defense

Ddos August 25, 2025

Earlier, encrypted email provider ProtonMail introduced a standalone two-factor authentication (2FA) tool. One might wonder why, given...

CVE-2025-26496 (CVSS 9.6): Critical Flaw in Tableau Server Expose Enterprises to Code Execution Risks Tableau Vulnerability CVE-2025-26496

CVE-2025-26496 (CVSS 9.6): Critical Flaw in Tableau Server Expose Enterprises to Code Execution Risks

Ddos August 25, 2025

Salesforce Security has announced the resolution of multiple vulnerabilities in Tableau Server, identified during a proactive security...

Beyond the Breach: Coinbase Cracks Down on Remote Work to Stop Hackers North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack