cybersecurity Archives • Page 52 of 86 • Daily CyberSecurity

Chrome for iOS Levels Up: New Features Enhance Data Separation for Work and Personal Accounts Chrome iOS, Enterprise Features

Chrome for iOS Levels Up: New Features Enhance Data Separation for Work and Personal Accounts

Ddos July 22, 2025

As more enterprises embrace the BYOD (Bring Your Own Device) model, Google has recently introduced a suite...

Urgent Sophos Firewall Update: Two Critical RCE Flaws (CVE-2025-6704, CVE-2025-7624) Patched via Hotfixes Sophos Firewall, Remote Code Execution

Urgent Sophos Firewall Update: Two Critical RCE Flaws (CVE-2025-6704, CVE-2025-7624) Patched via Hotfixes

Ddos July 22, 2025

Sophos has issued a security advisory detailing the remediation of five vulnerabilities in Sophos Firewall, including two...

Critical Flaw (CVE-2025-24936, CVSS 9.0) in Nokia WaveSuite NOC Expose Telecom Networks to RCE Nokia WaveSuite, Command Injection

Critical Flaw (CVE-2025-24936, CVSS 9.0) in Nokia WaveSuite NOC Expose Telecom Networks to RCE

Ddos July 22, 2025

Nokia’s WaveSuite NOC (WS-NOC) platform—an integral part of network operations for telecom and enterprise environments— exists two...

Android Malware Strikes: Fake Facebook & TikTok Apps Impersonate Brands for Traffic Monetization BadBox 2.0, Android Botnet Alien spyware - CVE-2024-43093

Android Malware Strikes: Fake Facebook & TikTok Apps Impersonate Brands for Traffic Monetization

Ddos July 22, 2025

Trustwave SpiderLabs has identified an active Android malware cluster that blends brand impersonation with traffic monetization tactics,...

NailaoLocker Ransomware: Chinese SM2 Crypto and Built-in Decryptor Raise Questions

Ddos July 22, 2025

FortiGuard Labs uncovered a ransomware variant. Dubbed NailaoLocker, this malware isn’t just another file-encrypting threat. It brings...

Important wolfSSL Update: Critical Apple Trust Store Bypass & Predictable Randomness Flaws Patched wolfSSL Vulnerabilities, TLS/SSL Security

Important wolfSSL Update: Critical Apple Trust Store Bypass & Predictable Randomness Flaws Patched

Ddos July 22, 2025

The developers of the lightweight TLS/SSL implementation wolfSSL have issued a security advisory addressing multiple vulnerabilities in...

SVF Botnet: New Python DDoS Threat Leverages Discord for Stealthy C&C on Linux Servers Linux Botnet Discord C2

SVF Botnet: New Python DDoS Threat Leverages Discord for Stealthy C&C on Linux Servers

Ddos July 22, 2025

In a recent analysis, AhnLab’s Security Intelligence Center (ASEC) has uncovered an emerging threat targeting misconfigured and...

DeedRAT Backdoor: Chinese APT Targets Southeast Asian Governments via Vulnerable AV Software DeedRAT, Chinese Cyberattack

DeedRAT Backdoor: Chinese APT Targets Southeast Asian Governments via Vulnerable AV Software

Ddos July 22, 2025

In a newly uncovered campaign, LAB52 — the intelligence team at S2 Group — has identified a...

Ghost Crypt & PureRAT: New Stealthy Malware Targets Accounting Firm via “Process Hypnosis” Ghost Crypt, PureRAT

Ghost Crypt & PureRAT: New Stealthy Malware Targets Accounting Firm via “Process Hypnosis”

Ddos July 22, 2025

eSentire’s Threat Response Unit (TRU) uncovered a sophisticated attack against a certified public accounting firm in the...

Apache Jena Flaws (CVE-2025-49656 and CVE-2025-50151) Expose Semantic Web Apps to File System Compromise Apache Jena, File System Vulnerabilities

Apache Jena Flaws (CVE-2025-49656 and CVE-2025-50151) Expose Semantic Web Apps to File System Compromise

Ddos July 22, 2025

Apache Jena, a widely-used Java framework for building semantic web and linked data applications, has released an...

LARVA-208: New Web3 Phishing Campaign Leverages Fake AI Platforms & Job Lures to Steal Crypto

Ddos July 22, 2025

A recent investigation by cybersecurity firm PRODAFT has uncovered a targeted and cunning phishing campaign by the...

Microsoft Extends Exchange Server 2016/2019 Support with Paid ESU Program (6-Month Lifeline) Exchange Server EOL, ESU Program Cumulative Update for Exchange Server 2019

Exchange Server EOL, ESU Program Cumulative Update for Exchange Server 2019

Microsoft Extends Exchange Server 2016/2019 Support with Paid ESU Program (6-Month Lifeline)

Ddos July 21, 2025

Microsoft had previously announced the launch of a paid Extended Security Updates (ESU) program for Windows 10,...

Three High-Severity Privilege Escalation Flaws Patched in Sophos Intercept X for Windows Sophos Intercept X, Privilege Escalation

Three High-Severity Privilege Escalation Flaws Patched in Sophos Intercept X for Windows

Ddos July 21, 2025

Sophos has patched three separate high-severity local privilege escalation (LPE) vulnerabilities in its widely used Intercept X...

Critical Livewire RCE (CVE-2025-54068) Threatens Millions of Laravel Apps – Patch Immediately! Livewire RCE, Laravel Vulnerability

Critical Livewire RCE (CVE-2025-54068) Threatens Millions of Laravel Apps – Patch Immediately!

Ddos July 21, 2025

A critical remote command execution (RCE) vulnerability has been discovered in Livewire, the popular full-stack framework for...

Scanception: Global QR Code Phishing Campaign Bypasses Enterprise Security, Steals Credentials at Scale QR Code Phishing, Credential Harvesting

Scanception: Global QR Code Phishing Campaign Bypasses Enterprise Security, Steals Credentials at Scale

Ddos July 21, 2025

Cyble Research and Intelligence Labs (CRIL) has uncovered an ongoing global phishing campaign that weaponizes QR codes...

Katz Stealer: The $100/Month MaaS Threat Plundering Digital Identities Undetected Katz Stealer, Info-Stealer MaaS

Katz Stealer: The $100/Month MaaS Threat Plundering Digital Identities Undetected

Ddos July 21, 2025

In the crowded arena of information-stealing malware, Katz Stealer is quickly establishing itself as one of the...

Cisco SD-WAN Vulnerability CVE-2026-20133 FortiGate Compromise Ivanti EPMM Zero-Day CVE-2026-1281 SmarterMail Vulnerability Storm-2603 WatchGuard Zero-Day, IKEv2 Out-of-Bounds Write Cisco Zero-Day, UAT-9686 Chinese APT FortiWeb RCE Exploitation CVE-2025-58034 VMware Zero-Day, Privilege Escalation Sitecore, remote code execution CVE-2025-53690 Windows CLFS, Privilege Escalation CVE-2024-47575 & CVE-2024-11120 CVE-2025-24983 vulnerability

Windows Zero-Day Actively Exploited by Ransomware Gangs – PoC Available!

Ddos July 21, 2025

In April 2025, Microsoft issued a critical security patch addressing a serious vulnerability in the Windows Common...

Matanbuchus 3.0 Levels Up: New Stealthy Malware Loader Exploits Microsoft Teams ahost.exe DLL Sideloading Signed Application Abuse PS1Bot, malware ransomware attacks bill

ahost.exe DLL Sideloading Signed Application Abuse PS1Bot, malware ransomware attacks bill

Matanbuchus 3.0 Levels Up: New Stealthy Malware Loader Exploits Microsoft Teams

Ddos July 21, 2025

Matanbuchus, a well-known malware loader sold as Malware-as-a-Service (MaaS), has just leveled up. In its latest evolution—Matanbuchus...

Two Vulnerabilities in 7-Zip Could Trigger Denial of Service 7-Zip Vulnerabilities, File Archiver Security

Two Vulnerabilities in 7-Zip Could Trigger Denial of Service

Ddos July 21, 2025

Researchers have disclosed two newly identified vulnerabilities in 7-Zip, one of the world’s most widely used open-source...

ToolShell: New SharePoint RCE Zero-Day Chain Under Active Global Exploitation SharePoint RCE, ToolShell Exploit

ToolShell: New SharePoint RCE Zero-Day Chain Under Active Global Exploitation

Ddos July 21, 2025

On the evening of July 18, 2025, Eye Security identified an active, large-scale exploitation of a newly...

Critical Alert 1 Active Exploit Detected Today