cybersecurity Archives • Page 41 of 88 • Daily CyberSecurity

8.7 TP-Link Issues Urgent Patch for KP303 Smart Plug Vulnerability (CVE-2025-8627)

8.7 TP-Link Issues Urgent Patch for KP303 Smart Plug Vulnerability (CVE-2025-8627)

Do Son August 26, 2025

TP-Link has issued a security advisory addressing a high-severity vulnerability (CVE-2025-8627) affecting its KP303 Smart Plug, warning...

Critical Four Critical Flaws in a Privileged Access Manager Exposed by Rapid7 Privileged access manager, Securden

Critical Four Critical Flaws in a Privileged Access Manager Exposed by Rapid7

Do Son August 26, 2025

Security researchers at Rapid7 have uncovered four serious vulnerabilities in Securden Unified Privileged Access Manager (PAM), a...

Ransomware in Your Summary? New Attack Weaponizes AI Assistants sumary

Ransomware in Your Summary? New Attack Weaponizes AI Assistants

Do Son August 26, 2025

A new CloudSEK report has revealed a dangerous evolution in social engineering: the use of invisible prompt...

Beyond Banks: Android Malware Is Getting Smarter to Bypass Google Play Protect CVE-2023-20951 Honor Update

Beyond Banks: Android Malware Is Getting Smarter to Bypass Google Play Protect

Do Son August 26, 2025

Droppers—seemingly harmless apps that secretly deliver malware—have long been a key part of Android cybercrime. But according...

Expel Uncovers Malicious PUP Ecosystem Masquerading as Free Utility Apps Potentially unwanted program, residential proxy

Expel Uncovers Malicious PUP Ecosystem Masquerading as Free Utility Apps

Do Son August 26, 2025

For years, potentially unwanted programs (PUPs) have been associated with nuisance-level behavior—displaying ads, installing toolbars, or collecting...

Beyond Windows: Pakistan’s APT36 Group Is Now Attacking Linux Systems with Stealthy Malware AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

Beyond Windows: Pakistan’s APT36 Group Is Now Attacking Linux Systems with Stealthy Malware

Do Son August 26, 2025

The Pakistan-linked threat group APT36—also known as Transparent Tribe, Mythic Leopard, Earth Karkaddan, or Operation C-Major—has re-emerged...

Spur Links North Korean APT Infrastructure to Commercial Proxy Service WgetCloud

Do Son August 26, 2025

Last week, the leak site DDoSecrets.com published a data dump allegedly from a workstation of a threat...

The End of an Era: Popular CA Buypass to Halt Free TLS/SSL Certificates TLS certificates, Buypass

The End of an Era: Popular CA Buypass to Halt Free TLS/SSL Certificates

Do Son August 25, 2025

The well-known Certificate Authority Buypass has announced that it will cease issuing TLS/SSL digital certificates in October...

Chrome Zero-Day: Exploit in the Wild and PoC Released Chrome security update exploit in the wild Chrome Zero-Day CVE-2026-3909 Chrome Zero-Day PoC CVE-2026-2441 Chrome Zero-Day CVE-2026-2441 Chrome Zero-Day, Active Exploitation CVE-2025-10585 Chrome vulnerability, zero-day exploit CVE-2025-6558 Chrome Zero-Day, V8 Vulnerability Chrome Zero-Day, Security Update

Chrome security update exploit in the wild Chrome Zero-Day CVE-2026-3909 Chrome Zero-Day PoC CVE-2026-2441 Chrome Zero-Day CVE-2026-2441 Chrome Zero-Day, Active Exploitation CVE-2025-10585 Chrome vulnerability, zero-day exploit CVE-2025-6558 Chrome Zero-Day, V8 Vulnerability Chrome Zero-Day, Security Update

Chrome Zero-Day: Exploit in the Wild and PoC Released

Do Son August 25, 2025

A high-severity zero-day vulnerability in Google Chrome’s V8 JavaScript engine, tracked as CVE-2025-5419, has been exposed, with...

Beyond Convenience: Why a Standalone 2FA App Is Your Best Defense LastPass data breach

Beyond Convenience: Why a Standalone 2FA App Is Your Best Defense

Do Son August 25, 2025

Earlier, encrypted email provider ProtonMail introduced a standalone two-factor authentication (2FA) tool. One might wonder why, given...

9.6 CVE-2025-26496 (CVSS 9.6): Critical Flaw in Tableau Server Expose Enterprises to Code Execution Risks Tableau Vulnerability CVE-2025-26496

9.6 CVE-2025-26496 (CVSS 9.6): Critical Flaw in Tableau Server Expose Enterprises to Code Execution Risks

Do Son August 25, 2025

Salesforce Security has announced the resolution of multiple vulnerabilities in Tableau Server, identified during a proactive security...

Beyond the Breach: Coinbase Cracks Down on Remote Work to Stop Hackers North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

Beyond the Breach: Coinbase Cracks Down on Remote Work to Stop Hackers

Do Son August 25, 2025

In June 2025, the Nasdaq-listed American cryptocurrency exchange Coinbase experienced a data breach. The incident was not...

A New Linux Malware Hides in Plain Sight by Weaponizing File Names Linux-filenames

A New Linux Malware Hides in Plain Sight by Weaponizing File Names

Do Son August 25, 2025

Linux has long been considered a fortress of security—a preferred platform for developers, system administrators, and security...

Linux Under Attack: APT36 Launches New Cyber-Espionage Campaign on Indian Govt

Do Son August 25, 2025

The threat landscape in South Asia has taken a new turn with the resurgence of APT36 (Transparent...

Anatsa Android Trojan Expands Its Global Reach and Targets 831 Financial Apps Android malware, Anatsa

Anatsa Android Trojan Expands Its Global Reach and Targets 831 Financial Apps

Do Son August 25, 2025

The Android ecosystem continues to face persistent threats from sophisticated banking trojans. The Zscaler ThreatLabz team, which...

Gayfemboy Botnet Resurfaces with Advanced Evasion and New Targets ahost.exe DLL Sideloading Signed Application Abuse PS1Bot, malware ransomware attacks bill

ahost.exe DLL Sideloading Signed Application Abuse PS1Bot, malware ransomware attacks bill

Gayfemboy Botnet Resurfaces with Advanced Evasion and New Targets

Do Son August 25, 2025

FortiGuard Labs has been closely tracking a stealthy new malware strain known as Gayfemboy. Initially disclosed by...

BQTLock: A New Ransomware-as-a-Service Operation Blending Marketing and Malware Ransomware-as-a-Service, BQTLock

BQTLock: A New Ransomware-as-a-Service Operation Blending Marketing and Malware

Do Son August 25, 2025

A new ransomware strain has entered the cybercrime marketplace, blending technical sophistication with aggressive marketing. Researchers at...

ROM Hacking Site Halts Its Internet Archive Mirror Over “Virus” Flags ROM hacking, Internet Archive

ROM Hacking Site Halts Its Internet Archive Mirror Over “Virus” Flags

Do Son August 25, 2025

The well-known game ROM hacking site RHDI (domain: ROMHack.ing) recently announced that it would discontinue providing mirrored...

9.8 IBM Issues Critical Patch for Jazz Team Server Vulnerability (CVE-2025-36157) IBM Vulnerability CVE-2025-36157

9.8 IBM Issues Critical Patch for Jazz Team Server Vulnerability (CVE-2025-36157)

Do Son August 25, 2025

IBM has released a security bulletin addressing a severe vulnerability in its Jazz Team Server, a Java-based...

YouTube Downloader Sites Are Now Hiding Proxyware to Hijack Your Bandwidth

Do Son August 23, 2025

Cybercriminals are once again exploiting popular online habits—this time leveraging YouTube video download sites as bait for...