cybersecurity Archives • Page 53 of 88 • Daily CyberSecurity

Brave Browser Blocks Microsoft Recall by Default, Citing Persistent Privacy Concerns Brave Browser, Microsoft Recall

Brave Browser Blocks Microsoft Recall by Default, Citing Persistent Privacy Concerns

Do Son July 23, 2025

The widely recognized Brave Browser has recently announced that it will, by default, block Microsoft’s AI-powered Recall...

Arch Linux Alert: Malicious Firefox, LibreWolf, & Zen Web AUR Packages Spread CHAOS RAT Ollama Heap Leak CVE-2026-5757 Anritsu Vulnerability Authentication Bypass Gootloader Malware Malformed ZIP Evasion Blender Malware, StealC V2 Lectora, XSS CVE-2025-9125 HFS RCE, Template Injection Arch Linux Malware, CHAOS RAT CVE-2024-56404 - CVE-2024-39327 CVE-2025-2538

Ollama Heap Leak CVE-2026-5757 Anritsu Vulnerability Authentication Bypass Gootloader Malware Malformed ZIP Evasion Blender Malware, StealC V2 Lectora, XSS CVE-2025-9125 HFS RCE, Template Injection Arch Linux Malware, CHAOS RAT CVE-2024-56404 - CVE-2024-39327 CVE-2025-2538

Arch Linux Alert: Malicious Firefox, LibreWolf, & Zen Web AUR Packages Spread CHAOS RAT

Do Son July 23, 2025

If you are an Arch Linux user and have installed Mozilla Firefox, LibreWolf, or Zen Web from...

CISA Alert: Actively Exploited Zero-Days in CrushFTP, Chrome, and SysAid Added to KEV Catalog CISA KEV, Zero-Day Exploitation

CISA Alert: Actively Exploited Zero-Days in CrushFTP, Chrome, and SysAid Added to KEV Catalog

Do Son July 23, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) Catalog with four...

9.4 Critical Flaw (CVE-2025-7783, CVSS 9.4) in Form-Data Library Exposes Millions of Apps to Multipart Injection & RCE Form-Data Vulnerability, Multipart Injection

Form-Data Vulnerability, Multipart Injection

9.4 Critical Flaw (CVE-2025-7783, CVSS 9.4) in Form-Data Library Exposes Millions of Apps to Multipart Injection & RCE

Do Son July 23, 2025

A critical vulnerability has been uncovered in the widely used JavaScript library Form-Data, impacting millions of applications...

8.8 Microsoft: China-Backed APTs Actively Exploiting SharePoint Flaws (CVE-2025-49704 & CVE-2025-49706) Fortinet patch bypass 2026, FortiGate SSO authentication exploit SharePoint Zero-Day, China APTs Exploited Vulnerabilities 2023

Fortinet patch bypass 2026, FortiGate SSO authentication exploit SharePoint Zero-Day, China APTs Exploited Vulnerabilities 2023

8.8 Microsoft: China-Backed APTs Actively Exploiting SharePoint Flaws (CVE-2025-49704 & CVE-2025-49706)

Do Son July 23, 2025

Last week, the Microsoft Security Response Center (MSRC) issued an urgent advisory regarding active exploitation of critical...

Critical CISA, FBI Warn of Interlock Ransomware, Actively Targeting Businesses & Critical Infrastructure Interlock Ransomware, CISA Advisory

Critical CISA, FBI Warn of Interlock Ransomware, Actively Targeting Businesses & Critical Infrastructure

Do Son July 23, 2025

In a new joint cybersecurity advisory issued on July 22, 2025, the Cybersecurity and Infrastructure Security Agency...

New RFQ Scams Hit Businesses: Fraudsters Steal Goods via Net Financing & Fake Procurement FIFA website spoofing scams FBI World Cup alert Pig Butchering Scam Jingliang Su Sentencing Meta China Scam Ads, Zuckerberg Revenue Conflict Trading Bot Scam BEC Scam Rental Payment Fraud

FIFA website spoofing scams FBI World Cup alert Pig Butchering Scam Jingliang Su Sentencing Meta China Scam Ads, Zuckerberg Revenue Conflict Trading Bot Scam BEC Scam Rental Payment Fraud

New RFQ Scams Hit Businesses: Fraudsters Steal Goods via Net Financing & Fake Procurement

Do Son July 23, 2025

Cybercriminals are evolving beyond phishing emails and malware-laced links. According to a new report by Proofpoint Threat...

Chrome 148 lazy loading Chrome for Linux ARM64 Chrome 145 Update Chrome Security Fixes Chrome Security Update CVE-2026-1220 Chrome 144 Security Update CVE-2026-0899 Chrome Memory Safety, WebGPU UAF Chrome V8 Type Confusion, Google Updater Flaw Chrome V8 Flaw, CVE-2025-13042 Chrome V8, Type Confusion, Chrome 142 Update Chrome V8 Flaw, CVE-2025-12036 Chrome 141, WebGPU Overflow Google Chrome preloading Chrome, V8 vulnerability CVE-2025-9132 Chrome Security Update, Use-After-Free Chrome V8, Type Confusion Chrome Telemetry, Windows 10 EOL Microsoft Family Safety, Chrome Blocking Chrome Security Update, High-Severity Google Chrome, Antitrust CVE-2024-10487 and CVE-2024-10488 Google Chrome Root Program Chrome Update, CVE-2025-3619 Chrome Acquisition, Perplexity.ai

8.8 Google Patches Two High-Severity V8 Vulnerabilities (CVE-2025-8010, CVE-2025-8011) in Chrome

Do Son July 23, 2025

Google has released a new Stable Channel Update for Chrome Desktop, bringing the browser to version 138.0.7204.168/.169...

Lumma Stealer Resurfaces After Takedown: New Stealth Tactics Target Users via Fake Cracks, CAPTCHAs & GitHub Lumma Stealer, Malware Resurgence

Lumma Stealer Resurfaces After Takedown: New Stealth Tactics Target Users via Fake Cracks, CAPTCHAs & GitHub

Do Son July 23, 2025

The Lumma Stealer malware suffered a massive takedown in May 2025, with over 2,300 malicious domains seized....

10.0 Critical Manager.io Flaw (CVE-2025-54122, CVSS 10.0) Allows Unauthenticated SSRF & Cloud Takeover Manager.io SSRF, Accounting Software Vulnerability

Manager.io SSRF, Accounting Software Vulnerability

10.0 Critical Manager.io Flaw (CVE-2025-54122, CVSS 10.0) Allows Unauthenticated SSRF & Cloud Takeover

Do Son July 23, 2025

A newly disclosed critical vulnerability in Manager.io, a free accounting software used by businesses across Australia and...

AmateraStealer (ACRStealer) Evolves: New Version Uses Low-Level NTAPIs & Heaven’s Gate for Evasion AmateraStealer, Infostealer Evolution

AmateraStealer (ACRStealer) Evolves: New Version Uses Low-Level NTAPIs & Heaven’s Gate for Evasion

Do Son July 23, 2025

ACRStealer—recently rebranded as AmateraStealer—has emerged as one of the most sophisticated infostealers in the wild, marked by...

10.0 Urgent: Cisco ISE Flaws (CVSS 10.0) Actively Exploited in the Wild – Patch Immediately! Cisco ISE Exploitation

10.0 Urgent: Cisco ISE Flaws (CVSS 10.0) Actively Exploited in the Wild – Patch Immediately!

Do Son July 22, 2025

Cisco has issued an urgent update to its security advisory, revealing that three critical remote code execution...

Critical Critical Kubernetes Image Builder Flaw: Default Credentials Grant Root Access to Windows Nodes Ingress-Nginx Vulnerability Kubernetes RCE Vulnerability CVE-2025-9708 Kubernetes Security, Image Builder Vulnerability CVE-2024-10220 - OPA Gatekeeper Bypass

Ingress-Nginx Vulnerability Kubernetes RCE Vulnerability CVE-2025-9708 Kubernetes Security, Image Builder Vulnerability CVE-2024-10220 - OPA Gatekeeper Bypass

Critical Critical Kubernetes Image Builder Flaw: Default Credentials Grant Root Access to Windows Nodes

Do Son July 22, 2025

The Kubernetes project has issued an important advisory addressing a critical vulnerability—CVE-2025-7342 (CVSS 8.1)—in the Kubernetes Image...

Chrome for iOS Levels Up: New Features Enhance Data Separation for Work and Personal Accounts Chrome iOS, Enterprise Features

Chrome for iOS Levels Up: New Features Enhance Data Separation for Work and Personal Accounts

Do Son July 22, 2025

As more enterprises embrace the BYOD (Bring Your Own Device) model, Google has recently introduced a suite...

9.8 Urgent Sophos Firewall Update: Two Critical RCE Flaws (CVE-2025-6704, CVE-2025-7624) Patched via Hotfixes Sophos Firewall, Remote Code Execution

9.8 Urgent Sophos Firewall Update: Two Critical RCE Flaws (CVE-2025-6704, CVE-2025-7624) Patched via Hotfixes

Do Son July 22, 2025

Sophos has issued a security advisory detailing the remediation of five vulnerabilities in Sophos Firewall, including two...

9.0 Critical Flaw (CVE-2025-24936, CVSS 9.0) in Nokia WaveSuite NOC Expose Telecom Networks to RCE Nokia WaveSuite, Command Injection

9.0 Critical Flaw (CVE-2025-24936, CVSS 9.0) in Nokia WaveSuite NOC Expose Telecom Networks to RCE

Do Son July 22, 2025

Nokia’s WaveSuite NOC (WS-NOC) platform—an integral part of network operations for telecom and enterprise environments— exists two...

Android Malware Strikes: Fake Facebook & TikTok Apps Impersonate Brands for Traffic Monetization BadBox 2.0, Android Botnet Alien spyware - CVE-2024-43093

Android Malware Strikes: Fake Facebook & TikTok Apps Impersonate Brands for Traffic Monetization

Do Son July 22, 2025

Trustwave SpiderLabs has identified an active Android malware cluster that blends brand impersonation with traffic monetization tactics,...

NailaoLocker Ransomware: Chinese SM2 Crypto and Built-in Decryptor Raise Questions

Do Son July 22, 2025

FortiGuard Labs uncovered a ransomware variant. Dubbed NailaoLocker, this malware isn’t just another file-encrypting threat. It brings...

Critical Important wolfSSL Update: Critical Apple Trust Store Bypass & Predictable Randomness Flaws Patched wolfSSL Vulnerabilities, TLS/SSL Security

wolfSSL Vulnerabilities, TLS/SSL Security

Critical Important wolfSSL Update: Critical Apple Trust Store Bypass & Predictable Randomness Flaws Patched

Do Son July 22, 2025

The developers of the lightweight TLS/SSL implementation wolfSSL have issued a security advisory addressing multiple vulnerabilities in...

SVF Botnet: New Python DDoS Threat Leverages Discord for Stealthy C&C on Linux Servers Linux Botnet Discord C2

SVF Botnet: New Python DDoS Threat Leverages Discord for Stealthy C&C on Linux Servers

Do Son July 22, 2025

In a recent analysis, AhnLab’s Security Intelligence Center (ASEC) has uncovered an emerging threat targeting misconfigured and...