cybersecurity Archives • Page 49 of 86 • Daily CyberSecurity

ByteDance’s Trae IDE Under Fire: AI Coding Tool Caught Telemetry Spying Even After Opt-Out Trae IDE, Telemetry Privacy

ByteDance’s Trae IDE Under Fire: AI Coding Tool Caught Telemetry Spying Even After Opt-Out

Ddos July 29, 2025

Trae IDE, an AI-powered programming tool and integrated development environment (IDE) developed by ByteDance, has recently come...

Microsoft Uncovers “Sploitlight”: macOS Flaw (CVE-2025-31199) Bypasses TCC, Leaking Apple Intelligence Data macOS Vulnerability, TCC Bypass

Microsoft Uncovers “Sploitlight”: macOS Flaw (CVE-2025-31199) Bypasses TCC, Leaking Apple Intelligence Data

Ddos July 29, 2025

Microsoft Threat Intelligence has unveiled a critical macOS vulnerability that exploits Spotlight plugins to bypass the system’s...

Sensitive Key Storage Flaws in ASUS’ MyASUS App Threaten Token Security ASUS MyASUS, Token Theft

Sensitive Key Storage Flaws in ASUS’ MyASUS App Threaten Token Security

Ddos July 29, 2025

ASUS has issued security updates to patch two vulnerabilities in its MyASUS software, a pre-installed utility application...

Python Tarfile Vulnerability (CVE-2025-8194) Allows DoS via Malicious Archives Python Vulnerability, Tarfile DoS

Python Tarfile Vulnerability (CVE-2025-8194) Allows DoS via Malicious Archives

Ddos July 29, 2025

A newly discovered vulnerability in Python’s tarfile module, identified as CVE-2025-8194, threatens to hang applications that process...

Tea Dating App Suffers Second Breach: 1 Million+ Private Messages, Abortion Talks, and IDs Exposed Dating App Breach, Tea App Privacy

Tea Dating App Suffers Second Breach: 1 Million+ Private Messages, Abortion Talks, and IDs Exposed

Ddos July 29, 2025

Earlier, the women-only dating application Tea suffered a data breach, during which a 4Chan user accessed 72,000...

RedHook Android Banking Trojan Targets Vietnamese Users with Advanced Phishing & Full Device Takeover Android Banking Trojan, RedHook Malware

RedHook Android Banking Trojan Targets Vietnamese Users with Advanced Phishing & Full Device Takeover

Ddos July 29, 2025

In a revelation by Cyble Research and Intelligence Labs (CRIL), a powerful new Android banking trojan dubbed...

Critical Node-SAML Flaw (CVE-2025-54419, CVSS 10.0) Allows Authentication Bypass in SAML 2.0 Web Apps Node-SAML Vulnerability, Authentication Bypass

Node-SAML Vulnerability, Authentication Bypass

Critical Node-SAML Flaw (CVE-2025-54419, CVSS 10.0) Allows Authentication Bypass in SAML 2.0 Web Apps

Ddos July 29, 2025

A newly disclosed critical vulnerability in Node-SAML, a widely used SAML 2.0 authentication provider for Node.js, could...

XWorm 6.0: New Variant Uses AMSI Bypass & Critical Process Trick to Evade Detection and Crash Systems

Ddos July 29, 2025

According to the latest report from Netskope Threat Labs, a new version of the XWorm malware—XWorm 6.0—has...

Stealthy REMCOS Backdoor Delivered by LNK Files: Bypasses Antivirus with Multi-Stage PowerShell Attack

Ddos July 29, 2025

Cybercriminals continue to find clever ways to bypass antivirus solutions and endpoint defenses. A recent Point Wild...

PyPI Warns of Sophisticated Phishing Campaign Targeting Python Developers Layoff Phishing Scam Remcos RAT Malware Aruba Phishing, Phishing-as-a-Service PyPI, phishing CVE-2024-25608 PyPI Phishing, Credential Theft

Layoff Phishing Scam Remcos RAT Malware Aruba Phishing, Phishing-as-a-Service PyPI, phishing CVE-2024-25608 PyPI Phishing, Credential Theft

PyPI Warns of Sophisticated Phishing Campaign Targeting Python Developers

Ddos July 29, 2025

The Python Package Index (PyPI), the central repository for Python developers around the world, has issued a...

Critical CodeIgniter Flaw (CVSS 9.8) Allows Remote Code Execution, Over 2.9 Million Downloads at Risk CVE-2023-32692 CodeIgniter RCE, ImageMagick Vulnerability

CVE-2023-32692 CodeIgniter RCE, ImageMagick Vulnerability

Critical CodeIgniter Flaw (CVSS 9.8) Allows Remote Code Execution, Over 2.9 Million Downloads at Risk

Ddos July 29, 2025

Developers relying on CodeIgniter, one of the most widely adopted PHP full-stack web frameworks with over 2.9...

Allianz Life Suffers Data Breach: 1.4 Million Customers’ PII Compromised via Cloud CRM Social Engineering Attack Allianz Life Breach, Social Engineering

Allianz Life Suffers Data Breach: 1.4 Million Customers’ PII Compromised via Cloud CRM Social Engineering Attack

Ddos July 29, 2025

Global insurance giant Allianz Life has issued a public notice disclosing a security incident that occurred on...

Tea Dating App Hacked: 72,000 Images, Including Selfies & IDs, Leaked on 4Chan Booking.com Data Breach Claude Code Leak Anthropic Source Code YggTorrent data breach PS5 BootROM key leak 2026, PlayStation 5 unpatchable jailbreak Great Firewall data leak Dating App Breach, Tea App Leak 23andMe Data Leak

Booking.com Data Breach Claude Code Leak Anthropic Source Code YggTorrent data breach PS5 BootROM key leak 2026, PlayStation 5 unpatchable jailbreak Great Firewall data leak Dating App Breach, Tea App Leak 23andMe Data Leak

Tea Dating App Hacked: 72,000 Images, Including Selfies & IDs, Leaked on 4Chan

Ddos July 29, 2025

Tea is an anonymous dating application exclusively open to women for registration and posting. Its primary function...

Critical Command Injection (CVE-2025-54416) in tj-actions/branch-names GitHub Action Exposes 5,000+ Repos GitHub Actions Vulnerability, Command Injection

GitHub Actions Vulnerability, Command Injection

Critical Command Injection (CVE-2025-54416) in tj-actions/branch-names GitHub Action Exposes 5,000+ Repos

Ddos July 28, 2025

A critical command injection vulnerability has been disclosed in the widely used GitHub Action tj-actions/branch-names, affecting over...

The Homograph Illusion: Phishing Attacks Exploit Lookalike Characters to Bypass Defenses – AI Amplifies the Threat Homograph Phishing, AI Amplified Threat

The Homograph Illusion: Phishing Attacks Exploit Lookalike Characters to Bypass Defenses – AI Amplifies the Threat

Ddos July 28, 2025

In a new report, Palo Alto Networks’ Unit 42 has unveiled an insidious phishing technique that continues...

Fire Ant: Stealthy Cyber-Espionage Campaign Targets VMware ESXi & vCenter, Evades Detection Cyber Espionage, VMware Infrastructure

Fire Ant: Stealthy Cyber-Espionage Campaign Targets VMware ESXi & vCenter, Evades Detection

Ddos July 28, 2025

A stealthy and highly sophisticated cyber-espionage campaign known as Fire Ant has been uncovered by Sygnia’s Incident...

RCE, SSRF & Data Exposure: Salesforce Patches 8 Serious Flaws in Tableau Server Tableau Server Vulnerabilities, Remote Code Execution

RCE, SSRF & Data Exposure: Salesforce Patches 8 Serious Flaws in Tableau Server

Ddos July 28, 2025

Salesforce has released a security advisory addressing eight serious vulnerabilities affecting multiple versions of Tableau Server, the...

Cyber Stealer: New Infostealer-Botnet Hybrid Offers Full Digital Plunder as a Service Cyber Stealer, Infostealer-Botnet

Cyber Stealer: New Infostealer-Botnet Hybrid Offers Full Digital Plunder as a Service

Ddos July 28, 2025

The eSentire’s Threat Response Unit (TRU) has uncovered a rapidly evolving malware platform called Cyber Stealer—a full-fledged...

SHUYAL: New Stealthy Infostealer Plunders Browser Credentials, System Data, & Screenshots to Telegram SHUYAL Infostealer, Telegram Exfiltration

SHUYAL Infostealer, Telegram Exfiltration

SHUYAL: New Stealthy Infostealer Plunders Browser Credentials, System Data, & Screenshots to Telegram

Ddos July 28, 2025

In a deep-dive technical investigation, Hybrid Analysis has uncovered a powerful new information stealer dubbed SHUYAL, a...

Chaos Ransomware: New RaaS Group (Likely Former BlackSuit) Unleashes Vishing & Double Extortion

Ddos July 28, 2025

Cisco Talos Incident Response (Talos IR) has identified a new ransomware-as-a-service (RaaS) operation known as Chaos, which...

Critical Alert 1 Active Exploit Detected Today