cybersecurity Archives • Page 54 of 88 • Daily CyberSecurity

DeedRAT Backdoor: Chinese APT Targets Southeast Asian Governments via Vulnerable AV Software DeedRAT, Chinese Cyberattack

DeedRAT Backdoor: Chinese APT Targets Southeast Asian Governments via Vulnerable AV Software

Do Son July 22, 2025

In a newly uncovered campaign, LAB52 — the intelligence team at S2 Group — has identified a...

Ghost Crypt & PureRAT: New Stealthy Malware Targets Accounting Firm via “Process Hypnosis” Ghost Crypt, PureRAT

Ghost Crypt & PureRAT: New Stealthy Malware Targets Accounting Firm via “Process Hypnosis”

Do Son July 22, 2025

eSentire’s Threat Response Unit (TRU) uncovered a sophisticated attack against a certified public accounting firm in the...

7.5 Apache Jena Flaws (CVE-2025-49656 and CVE-2025-50151) Expose Semantic Web Apps to File System Compromise Apache Jena, File System Vulnerabilities

7.5 Apache Jena Flaws (CVE-2025-49656 and CVE-2025-50151) Expose Semantic Web Apps to File System Compromise

Do Son July 22, 2025

Apache Jena, a widely-used Java framework for building semantic web and linked data applications, has released an...

LARVA-208: New Web3 Phishing Campaign Leverages Fake AI Platforms & Job Lures to Steal Crypto

Do Son July 22, 2025

A recent investigation by cybersecurity firm PRODAFT has uncovered a targeted and cunning phishing campaign by the...

Microsoft Extends Exchange Server 2016/2019 Support with Paid ESU Program (6-Month Lifeline) Exchange Server EOL, ESU Program Cumulative Update for Exchange Server 2019

Exchange Server EOL, ESU Program Cumulative Update for Exchange Server 2019

Microsoft Extends Exchange Server 2016/2019 Support with Paid ESU Program (6-Month Lifeline)

Do Son July 21, 2025

Microsoft had previously announced the launch of a paid Extended Security Updates (ESU) program for Windows 10,...

High Three High-Severity Privilege Escalation Flaws Patched in Sophos Intercept X for Windows Sophos Intercept X, Privilege Escalation

High Three High-Severity Privilege Escalation Flaws Patched in Sophos Intercept X for Windows

Do Son July 21, 2025

Sophos has patched three separate high-severity local privilege escalation (LPE) vulnerabilities in its widely used Intercept X...

9.2 Critical Livewire RCE (CVE-2025-54068) Threatens Millions of Laravel Apps – Patch Immediately! Livewire RCE, Laravel Vulnerability

9.2 Critical Livewire RCE (CVE-2025-54068) Threatens Millions of Laravel Apps – Patch Immediately!

Do Son July 21, 2025

A critical remote command execution (RCE) vulnerability has been discovered in Livewire, the popular full-stack framework for...

Scanception: Global QR Code Phishing Campaign Bypasses Enterprise Security, Steals Credentials at Scale QR Code Phishing, Credential Harvesting

Scanception: Global QR Code Phishing Campaign Bypasses Enterprise Security, Steals Credentials at Scale

Do Son July 21, 2025

Cyble Research and Intelligence Labs (CRIL) has uncovered an ongoing global phishing campaign that weaponizes QR codes...

Katz Stealer: The $100/Month MaaS Threat Plundering Digital Identities Undetected Katz Stealer, Info-Stealer MaaS

Katz Stealer: The $100/Month MaaS Threat Plundering Digital Identities Undetected

Do Son July 21, 2025

In the crowded arena of information-stealing malware, Katz Stealer is quickly establishing itself as one of the...

Cisco SD-WAN Vulnerability CVE-2026-20133 FortiGate Compromise Ivanti EPMM Zero-Day CVE-2026-1281 SmarterMail Vulnerability Storm-2603 WatchGuard Zero-Day, IKEv2 Out-of-Bounds Write Cisco Zero-Day, UAT-9686 Chinese APT FortiWeb RCE Exploitation CVE-2025-58034 VMware Zero-Day, Privilege Escalation Sitecore, remote code execution CVE-2025-53690 Windows CLFS, Privilege Escalation CVE-2024-47575 & CVE-2024-11120 CVE-2025-24983 vulnerability

Windows Zero-Day Actively Exploited by Ransomware Gangs – PoC Available!

Do Son July 21, 2025

In April 2025, Microsoft issued a critical security patch addressing a serious vulnerability in the Windows Common...

Matanbuchus 3.0 Levels Up: New Stealthy Malware Loader Exploits Microsoft Teams ahost.exe DLL Sideloading Signed Application Abuse PS1Bot, malware ransomware attacks bill

ahost.exe DLL Sideloading Signed Application Abuse PS1Bot, malware ransomware attacks bill

Matanbuchus 3.0 Levels Up: New Stealthy Malware Loader Exploits Microsoft Teams

Do Son July 21, 2025

Matanbuchus, a well-known malware loader sold as Malware-as-a-Service (MaaS), has just leveled up. In its latest evolution—Matanbuchus...

Two Vulnerabilities in 7-Zip Could Trigger Denial of Service 7-Zip Vulnerabilities, File Archiver Security

Two Vulnerabilities in 7-Zip Could Trigger Denial of Service

Do Son July 21, 2025

Researchers have disclosed two newly identified vulnerabilities in 7-Zip, one of the world’s most widely used open-source...

ToolShell: New SharePoint RCE Zero-Day Chain Under Active Global Exploitation SharePoint RCE, ToolShell Exploit

ToolShell: New SharePoint RCE Zero-Day Chain Under Active Global Exploitation

Do Son July 21, 2025

On the evening of July 18, 2025, Eye Security identified an active, large-scale exploitation of a newly...

Lenovo Vantage Flaws Allow Local Privilege Escalation on PCs Lenovo Vantage, Privilege Escalation

Lenovo Vantage Flaws Allow Local Privilege Escalation on PCs

Do Son July 21, 2025

Lenovo has issued a security advisory disclosing three newly discovered vulnerabilities in Lenovo Vantage, a widely pre-installed...

Fake Receipts, Real Damage: Group-IB Uncovers Fraud-as-a-Service Empire Behind MaisonReceipts Fraud-as-a-Service, Fake Receipts

Fake Receipts, Real Damage: Group-IB Uncovers Fraud-as-a-Service Empire Behind MaisonReceipts

Do Son July 21, 2025

In an age where deception is just a few clicks away, Group-IB’s latest report reveals a rise...

SilentRoute: Trojanized SonicWall VPN Client Used to Steal Enterprise Credentials SonicWall Malware, Supply Chain Attack

SilentRoute: Trojanized SonicWall VPN Client Used to Steal Enterprise Credentials

Do Son July 21, 2025

In a newly uncovered software supply chain attack, threat actors have successfully deployed a backdoored version of...

9.8 SharePoint Server Under Active Zero-Day Attack (CVE-2025-53770, CVSS 9.8), No Patch Yet! SharePoint RCE, Zero-Day Exploitation CVE-2025-53770

9.8 SharePoint Server Under Active Zero-Day Attack (CVE-2025-53770, CVSS 9.8), No Patch Yet!

Do Son July 20, 2025

Microsoft has issued an urgent security advisory for on-premises SharePoint Server customers in response to active exploitation...

PyPI Supply Chain Attack: “cloudscrapersafe” Steals Credit Cards via Fake Python Library PyPI Supply Chain, Credit Card Theft

PyPI Supply Chain Attack: “cloudscrapersafe” Steals Credit Cards via Fake Python Library

Do Son July 20, 2025

Imperva researchers have uncovered a supply chain attack masquerading as a popular Python utility. The package in...

Major npm Supply Chain Attack: Phishing Campaign Steals Maintainer Credentials, Injects Malware into Popular Packages npm Phishing, Supply Chain Attack

Major npm Supply Chain Attack: Phishing Campaign Steals Maintainer Credentials, Injects Malware into Popular Packages

Do Son July 19, 2025

A deceptive and highly targeted phishing campaign has successfully compromised several popular npm packages, including eslint-config-prettier, eslint-plugin-prettier,...

9.8 FortiWeb SQL Injection (CVE-2025-25257) Added to CISA KEV After Active Exploitation, PoC Available! CISA active exploit catalog known exploited vulnerabilities ActiveMQ RCE CVE-2026-34197 CISA KEV Catalog Actively Exploited Vulnerabilities CISA KEV Catalog CVE-2025-37164 GeoServer XXE, CISA KEV FortiWeb SQLi, CISA KEV Critical Vulnerabilities CVE-2024-20953

CISA active exploit catalog known exploited vulnerabilities ActiveMQ RCE CVE-2026-34197 CISA KEV Catalog Actively Exploited Vulnerabilities CISA KEV Catalog CVE-2025-37164 GeoServer XXE, CISA KEV FortiWeb SQLi, CISA KEV Critical Vulnerabilities CVE-2024-20953

9.8 FortiWeb SQL Injection (CVE-2025-25257) Added to CISA KEV After Active Exploitation, PoC Available!

Do Son July 19, 2025

A critical SQL injection vulnerability in Fortinet FortiWeb, tracked as CVE-2025-25257, has been added to the CISA...