cybersecurity Archives • Page 41 of 86 • Daily CyberSecurity

Warlock Ransomware: How a New Group Is Weaponizing Unpatched SharePoint Servers

Ddos August 21, 2025

A newly detailed report from Trend Micro has revealed how the Warlock ransomware group is weaponizing vulnerable...

AI’s Dark Side: How a New Website Builder Is Fueling a Surge in Cybercrime AI cybercrime, phishing

AI’s Dark Side: How a New Website Builder Is Fueling a Surge in Cybercrime

Ddos August 21, 2025

Artificial intelligence is lowering the barrier to cybercrime. According to a new report by Proofpoint, threat actors...

A Decade of Espionage: How a Russian APT Exploited Cisco Devices (CVE-2018-0171) for Years Static Tundra CVE-2018-0171

A Decade of Espionage: How a Russian APT Exploited Cisco Devices (CVE-2018-0171) for Years

Ddos August 21, 2025

Cisco Talos has released a new analysis exposing “Static Tundra,” a Russian state-sponsored threat actor that has...

IBM X-Force Exposes the Stealthy QuirkyLoader Malware Malware loader, QuirkyLoader

IBM X-Force Exposes the Stealthy QuirkyLoader Malware

Ddos August 21, 2025

IBM X-Force researchers have identified a new loader malware, dubbed QuirkyLoader, that is being used to deliver...

Kudelski Security Exposes Critical CodeRabbit Vulnerability: RCE, Secret Leaks, and Access to 1M Repositories AI tool vulnerability, supply chain attack

AI tool vulnerability, supply chain attack

Kudelski Security Exposes Critical CodeRabbit Vulnerability: RCE, Secret Leaks, and Access to 1M Repositories

Ddos August 21, 2025

Kudelski Security has published a detailed write-up of a critical vulnerability discovered in CodeRabbit, the most installed...

How Attackers Exploit and Then Patch a Vulnerability to Hide in Linux Systems Apache ActiveMQ, self-patching malware

How Attackers Exploit and Then Patch a Vulnerability to Hide in Linux Systems

Ddos August 21, 2025

Red Canary has revealed a sophisticated attack campaign targeting cloud-based Linux systems through a critical remote code...

Mandiant Uncovers USB-Borne Malware Campaign Deploying Cryptocurrency Miners

Ddos August 21, 2025

Mandiant’s Managed Threat Defense team has released a detailed analysis of a rapidly spreading USB-based malware campaign...

CVE-2025-54988: Critical XXE Vulnerability in Apache Tika PDF Parser Exposes Sensitive Data Apache Tika XXE, Malicious PDF Exploit Apache Tika, XXE vulnerability CVE-2025-54988

CVE-2025-54988: Critical XXE Vulnerability in Apache Tika PDF Parser Exposes Sensitive Data

Ddos August 21, 2025

The widely used Apache Tika toolkit, a powerful library for detecting and extracting metadata and text from...

A Trojan in Disguise: New Python Package on PyPI Hides a Multi-Stage Malware Operation Supply chain attack

A Trojan in Disguise: New Python Package on PyPI Hides a Multi-Stage Malware Operation

Ddos August 21, 2025

Zscaler’s ThreatLabz team has issued a warning after uncovering a malicious Python package on the Python Package...

Beyond the Inbox: How a Cyber-Espionage Group Is Exploiting Two WinRAR Vulnerabilities WinRAR Zero-day

Beyond the Inbox: How a Cyber-Espionage Group Is Exploiting Two WinRAR Vulnerabilities

Ddos August 21, 2025

BI.ZONE Threat Intelligence uncovered a series of targeted cyber-espionage campaigns conducted by the Paper Werewolf (GOFFEE) cluster,...

Critical Docker Desktop Vulnerability Exposes Host Systems to Container Abuse Docker Malware Campaign Docker Vulnerability CVE-2025-9074

Critical Docker Desktop Vulnerability Exposes Host Systems to Container Abuse

Ddos August 20, 2025

A critical vulnerability in Docker Desktop has been disclosed, tracked as CVE-2025-9074 with a CVSSv4 severity score...

Apple Issues Urgent Patch for Zero-Day Vulnerability CVE-2025-43300 Exploited in the Wild Apple Bounty $5M, Zero-Click Exploit Zero-day, Apple security CVE-2025-43300

Apple Bounty $5M, Zero-Click Exploit Zero-day, Apple security CVE-2025-43300

Apple Issues Urgent Patch for Zero-Day Vulnerability CVE-2025-43300 Exploited in the Wild

Ddos August 20, 2025

Apple has released urgent security updates to patch a zero-day vulnerability actively exploited in the wild, warning...

CVE-2025-54336 (CVSS 9.8): Critical Flaw in Plesk Obsidian Exposes Servers to Full Compromise CVE-2025-54336 Plesk Vulnerability

CVE-2025-54336 (CVSS 9.8): Critical Flaw in Plesk Obsidian Exposes Servers to Full Compromise

Ddos August 20, 2025

A newly disclosed security vulnerability in Plesk Obsidian, a widely used web hosting control panel, has been...

Firefox Switches to CRLite, Ditching OCSP for Better Speed and Privacy Firefox 32-bit Linux Firefox, CRLite Firefox 141, AI Tab Groups Firefox Focus Android

Firefox 32-bit Linux Firefox, CRLite Firefox 141, AI Tab Groups Firefox Focus Android

Firefox Switches to CRLite, Ditching OCSP for Better Speed and Privacy

Ddos August 20, 2025

The Mozilla Foundation recently announced on its official blog the deployment of the CRLite digital certificate revocation...

The Backdoor Is No More: UK Government Drops Demand for Access to iCloud Apple Background Security CVE-2026-20643 Apple Background Security Improvement Apple Backdoor Apple Lawsuit, Data Exfiltration CVE-2024-44131 - CVE-2025-24118 PoC

Apple Background Security CVE-2026-20643 Apple Background Security Improvement Apple Backdoor Apple Lawsuit, Data Exfiltration CVE-2024-44131 - CVE-2025-24118 PoC

The Backdoor Is No More: UK Government Drops Demand for Access to iCloud

Ddos August 20, 2025

In February 2025, reports emerged claiming that the UK government had secretly issued a notice to Apple,...

CERT/CC Warns of Critical Flaws in Workhorse Municipal Accounting Software Municipal software, Vulnerability

CERT/CC Warns of Critical Flaws in Workhorse Municipal Accounting Software

Ddos August 20, 2025

The CERT Coordination Center (CERT/CC) has issued a vulnerability note warning of serious security flaws in Workhorse...

Chrome 148 lazy loading Chrome for Linux ARM64 Chrome 145 Update Chrome Security Fixes Chrome Security Update CVE-2026-1220 Chrome 144 Security Update CVE-2026-0899 Chrome Memory Safety, WebGPU UAF Chrome V8 Type Confusion, Google Updater Flaw Chrome V8 Flaw, CVE-2025-13042 Chrome V8, Type Confusion, Chrome 142 Update Chrome V8 Flaw, CVE-2025-12036 Chrome 141, WebGPU Overflow Google Chrome preloading Chrome, V8 vulnerability CVE-2025-9132 Chrome Security Update, Use-After-Free Chrome V8, Type Confusion Chrome Telemetry, Windows 10 EOL Microsoft Family Safety, Chrome Blocking Chrome Security Update, High-Severity Google Chrome, Antitrust CVE-2024-10487 and CVE-2024-10488 Google Chrome Root Program Chrome Update, CVE-2025-3619 Chrome Acquisition, Perplexity.ai

Google Chrome Issues High-Severity Fix for V8 Engine Vulnerability (CVE-2025-9132)

Ddos August 20, 2025

Google has released a Stable Channel Update for its Chrome browser, addressing a critical security issue in...

Spies in Your Skype: GodRAT Malware Uses Steganography to Target Financial Firms Cyber-espionage, GodRAT

Spies in Your Skype: GodRAT Malware Uses Steganography to Target Financial Firms

Ddos August 20, 2025

Kaspersky Labs has identified a sophisticated cyber-espionage campaign targeting financial institutions, particularly trading and brokerage firms, through...

A ChatGPT App Is Hiding a Backdoor: Microsoft Exposes the PipeMagic Malware PipeMagic, Ransomware