cybersecurity Archives • Page 42 of 88 • Daily CyberSecurity

Malicious Go Package Steals Your SSH Credentials in a “Brute-Force” Scam Go module, SSH brute-force scam

Malicious Go Package Steals Your SSH Credentials in a “Brute-Force” Scam

Do Son August 23, 2025

The open-source ecosystem has once again been exploited to distribute malicious software. Socket’s Threat Research Team has...

Google Launches ‘Gemini for Government,’ Sparking a Low-Cost AI Race

Do Son August 22, 2025

Google has announced the launch of a dedicated version of its AI service, “Gemini for Government,” designed...

10 CVE-2025-34158 (CVSS 10): Plex Media Server Users Warned to Patch Critical Vulnerability Now Plex vulnerability, CVE-2025-34158

10 CVE-2025-34158 (CVSS 10): Plex Media Server Users Warned to Patch Critical Vulnerability Now

Do Son August 22, 2025

Plex Media Server (PMS) users are being urged to update their systems immediately after the discovery of...

9.3 CVE-2025-55746: Critical Directus Flaw Exposes Servers to Unauthenticated File Upload and RCE

Do Son August 22, 2025

The Directus project has disclosed a critical vulnerability tracked as CVE-2025-55746 (CVSS 9.3) that could allow unauthenticated...

9.8 CVE-2024-36401 Exploited in Stealthy Bandwidth-Monetization Campaign Passive monetization, GeoServer vulnerability

9.8 CVE-2024-36401 Exploited in Stealthy Bandwidth-Monetization Campaign

Do Son August 22, 2025

A new report from Palo Alto Networks’ Unit 42 has shed light on an unusual and stealthy...

UAC-0057 Targets Ukraine and Poland with Weaponized Archives and Evolving Implants BlueNoroff macOS Attack GhostCall Campaign Carding Underground Bulletproof Hosting DPRK Contagious Interview, npm Flood Stonefly group -HiatusRAT Actors

BlueNoroff macOS Attack GhostCall Campaign Carding Underground Bulletproof Hosting DPRK Contagious Interview, npm Flood Stonefly group -HiatusRAT Actors

UAC-0057 Targets Ukraine and Poland with Weaponized Archives and Evolving Implants

Do Son August 22, 2025

In a newly released report, French cybersecurity firm HarfangLab has revealed details of two interconnected cyber espionage...

9.1 CVE-2025-9288: Critical Flaw in Popular JavaScript Library Threatens Global Web Security CVE-2025-9288 Cryptography Vulnerability

9.1 CVE-2025-9288: Critical Flaw in Popular JavaScript Library Threatens Global Web Security

Do Son August 22, 2025

A critical security vulnerability has been disclosed in sha.js, a widely used JavaScript library that implements the...

ClickFix and CORNFLAKE.V3: Mandiant Uncovers a New Wave of Access-as-a-Service Campaigns ClickFix, UNC5518

ClickFix and CORNFLAKE.V3: Mandiant Uncovers a New Wave of Access-as-a-Service Campaigns

Do Son August 22, 2025

Mandiant researchers have uncovered a sophisticated cybercrime operation where compromised websites are weaponized with fake CAPTCHA pages...

DDoS Onslaught: Hacktivists and Botnets Drive Massive Surge in Cyber Attacks Hacktivism

DDoS Onslaught: Hacktivists and Botnets Drive Massive Surge in Cyber Attacks

Do Son August 22, 2025

The latest analysis from NETSCOUT highlights a dramatic escalation in botnet-driven distributed denial-of-service (DDoS) attacks during July...

Spear-Phishing Campaign Targets CFOs with Sophisticated Multi-Stage Intrusion Spear-phishing, MuddyWater

Spear-Phishing Campaign Targets CFOs with Sophisticated Multi-Stage Intrusion

Do Son August 22, 2025

A new report from Hunt Intelligence reveals a highly targeted spear-phishing campaign that has been systematically preying...

RapperBot Botnet Dismantled: US Charges 22-Year-Old for Massive DDoS Attacks Winos 4.0 Malware Silver Fox APT RapperBot BVIEC cyberattack - CNC group DAMASCENED PEACOCK, malware analysis

Winos 4.0 Malware Silver Fox APT RapperBot BVIEC cyberattack - CNC group DAMASCENED PEACOCK, malware analysis

RapperBot Botnet Dismantled: US Charges 22-Year-Old for Massive DDoS Attacks

Do Son August 21, 2025

The U.S. Department of Justice has recently charged 22-year-old Oregon resident Ethan Foltz with operating a massive...

AI’s New Attack Vector: How Real-Time Bots Are Straining Websites Mozi Botnet AI bots

AI’s New Attack Vector: How Real-Time Bots Are Straining Websites

Do Son August 21, 2025

The prominent U.S. CDN provider Fastly has released its Q2 2025 Threat Defense Report, revealing that AI-driven...

Privacy Fail: Grok Chatbot Exposes 370,000 Private Conversations Grok privacy

Privacy Fail: Grok Chatbot Exposes 370,000 Private Conversations

Do Son August 21, 2025

Previously, when ChatGPT introduced a feature allowing users to generate shareable links, an option was provided to...

Warlock Ransomware: How a New Group Is Weaponizing Unpatched SharePoint Servers

Do Son August 21, 2025

A newly detailed report from Trend Micro has revealed how the Warlock ransomware group is weaponizing vulnerable...

AI’s Dark Side: How a New Website Builder Is Fueling a Surge in Cybercrime AI cybercrime, phishing

AI’s Dark Side: How a New Website Builder Is Fueling a Surge in Cybercrime

Do Son August 21, 2025

Artificial intelligence is lowering the barrier to cybercrime. According to a new report by Proofpoint, threat actors...

A Decade of Espionage: How a Russian APT Exploited Cisco Devices (CVE-2018-0171) for Years Static Tundra CVE-2018-0171

A Decade of Espionage: How a Russian APT Exploited Cisco Devices (CVE-2018-0171) for Years

Do Son August 21, 2025

Cisco Talos has released a new analysis exposing “Static Tundra,” a Russian state-sponsored threat actor that has...

IBM X-Force Exposes the Stealthy QuirkyLoader Malware Malware loader, QuirkyLoader

IBM X-Force Exposes the Stealthy QuirkyLoader Malware

Do Son August 21, 2025

IBM X-Force researchers have identified a new loader malware, dubbed QuirkyLoader, that is being used to deliver...

Critical Kudelski Security Exposes Critical CodeRabbit Vulnerability: RCE, Secret Leaks, and Access to 1M Repositories AI tool vulnerability, supply chain attack

AI tool vulnerability, supply chain attack

Critical Kudelski Security Exposes Critical CodeRabbit Vulnerability: RCE, Secret Leaks, and Access to 1M Repositories

Do Son August 21, 2025

Kudelski Security has published a detailed write-up of a critical vulnerability discovered in CodeRabbit, the most installed...

How Attackers Exploit and Then Patch a Vulnerability to Hide in Linux Systems Apache ActiveMQ, self-patching malware

How Attackers Exploit and Then Patch a Vulnerability to Hide in Linux Systems

Do Son August 21, 2025

Red Canary has revealed a sophisticated attack campaign targeting cloud-based Linux systems through a critical remote code...

Mandiant Uncovers USB-Borne Malware Campaign Deploying Cryptocurrency Miners

Do Son August 21, 2025

Mandiant’s Managed Threat Defense team has released a detailed analysis of a rapidly spreading USB-based malware campaign...