cybersecurity Archives • Page 59 of 86 • Daily CyberSecurity

Taiwan Warns Public: Popular Chinese Apps (TikTok, WeChat, Rednote) Pose National Security Risk Via Data Transfer to China Chinese Apps, Taiwan Security Warning

Taiwan Warns Public: Popular Chinese Apps (TikTok, WeChat, Rednote) Pose National Security Risk Via Data Transfer to China

Ddos July 7, 2025

In a sweeping national security review, Taiwan’s National Security Bureau (NSB) has issued a warning to the...

XWorm’s Shape-Shifting Arsenal: RAT Evolves to Deliver LockBit Ransomware, Evades Detection GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

XWorm’s Shape-Shifting Arsenal: RAT Evolves to Deliver LockBit Ransomware, Evades Detection

Ddos July 7, 2025

XWorm, a name increasingly familiar in threat intelligence circles, has once again proven its status as a...

Malicious Firefox Extensions Unmasked: Fake Games, VPNs, & Calendar Tools Hijack Traffic, Steal Crypto & OAuth Tokens Firefox Extensions, Malware Campaign

Malicious Firefox Extensions Unmasked: Fake Games, VPNs, & Calendar Tools Hijack Traffic, Steal Crypto & OAuth Tokens

Ddos July 7, 2025

A new report by the Socket Threat Research Team has uncovered a sprawling network of malicious Firefox...

IBM X-Force Uncovers Azure Arc Flaws: Hybrid-Cloud Tool Becomes Stealthy RCE & Privilege Escalation Vector Azure Arc, Hybrid Cloud Security

IBM X-Force Uncovers Azure Arc Flaws: Hybrid-Cloud Tool Becomes Stealthy RCE & Privilege Escalation Vector

Ddos July 7, 2025

IBM X-Force has peeled back the layers on Microsoft Azure Arc, uncovering how the hybrid-cloud management tool—meant...

“NightEagle” APT Group Soars Over China’s Critical Tech: Zero-Days, Exchange Exploits, and Tailored Espionage NightEagle APT, Exchange Zero-Day

“NightEagle” APT Group Soars Over China’s Critical Tech: Zero-Days, Exchange Exploits, and Tailored Espionage

Ddos July 7, 2025

QiAnXin’s RedDrip team has exposed the full-scale cyber operations of a shadowy state-aligned APT group dubbed NightEagle...

SHELLTER Evasion Framework Abused: Elite v11.0 Packages LUMMA, RHADAMANTHYS, ARECHCLIENT2 Infostealers SHELLTER, Infostealers

SHELLTER Evasion Framework Abused: Elite v11.0 Packages LUMMA, RHADAMANTHYS, ARECHCLIENT2 Infostealers

Ddos July 7, 2025

Elastic Security Labs has uncovered multiple malware campaigns leveraging the SHELLTER evasion framework—a product originally designed to...

Linux Privilege Escalation (CVE-2025-6019): Root Access Via udisksd & libblockdev, PoC Available Linux Privilege Escalation, Sudo Vulnerabilities

Linux Privilege Escalation, Sudo Vulnerabilities

Linux Privilege Escalation (CVE-2025-6019): Root Access Via udisksd & libblockdev, PoC Available

Ddos July 7, 2025

Security researchers from SecureLayer7 published the technical details and a proof-of-concept exploit for a security vulnerability, CVE-2025-6019,...

Warning: Fake MBA & Diploma Mill Scams Flourish on Deceptive .edu.eu Domains in Europe EU Education Scams, .edu.eu Domain App Store security Refund Schemes - Texas Pharmacist's Fraudulent

EU Education Scams, .edu.eu Domain App Store security Refund Schemes - Texas Pharmacist's Fraudulent

Warning: Fake MBA & Diploma Mill Scams Flourish on Deceptive .edu.eu Domains in Europe

Ddos July 5, 2025

If you are considering studying in Europe, it’s important to be cautious of educational institutions or academies...

DOJ Probes Ex-Ransomware Negotiator Over Alleged Collusion With Hackers AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

DOJ Probes Ex-Ransomware Negotiator Over Alleged Collusion With Hackers

Ddos July 5, 2025

The U.S. Department of Justice has recently launched a criminal investigation into a former ransomware negotiation specialist,...

HPE Completes $14B Juniper Networks Acquisition, Doubles Networking Business & Boosts AI Portfolio Juniper vLWC Vulnerability Default Password Exploit HPE, Juniper Networks CVE-2024-21611 & CVE-2024-21591 - CVE-2025-21589

Juniper vLWC Vulnerability Default Password Exploit HPE, Juniper Networks CVE-2024-21611 & CVE-2024-21591 - CVE-2025-21589

HPE Completes $14B Juniper Networks Acquisition, Doubles Networking Business & Boosts AI Portfolio

Ddos July 5, 2025

Following the acquisition announcement earlier this year, HPE has officially completed its purchase of networking solutions provider...

CVE-2025-53367: DjVuLibre Vulnerability Opens Path to Linux Desktop Code Execution, PoC Available! DjVuLibre, Remote Code Execution

CVE-2025-53367: DjVuLibre Vulnerability Opens Path to Linux Desktop Code Execution, PoC Available!

Ddos July 5, 2025

A newly discovered critical vulnerability in DjVuLibre, the open-source decoder for DjVu document files, has opened the...

RondoDox: Sophisticated Botnet Exploits TBK DVRs & Four-Faith Routers for DDoS Attacks RondoDox Botnet, DDoS Extortion

RondoDox: Sophisticated Botnet Exploits TBK DVRs & Four-Faith Routers for DDoS Attacks

Ddos July 5, 2025

FortiGuard Labs has uncovered a stealthy and highly adaptive botnet dubbed RondoDox, which is actively exploiting two...

Next.js Flaw (CVE-2025-49826, CVSS 7.5): Cache Poisoning Leads to Denial-of-Service CVE-2024-56332 - CVE-2025-29927 Next.js, Cache Poisoning

Next.js Flaw (CVE-2025-49826, CVSS 7.5): Cache Poisoning Leads to Denial-of-Service

Ddos July 4, 2025

A cache poisoning vulnerability (CVE-2025-49826) with a CVSS score of 7.5 has been disclosed in Next.js, the...

Microsoft Edge Alert: Two High-Severity Flaws (CVE-2025-6554, CVE-2025-49713) Allow Remote Code Execution, One Actively Exploited Microsoft Edge, Zero-Day Vulnerability

Microsoft Edge Alert: Two High-Severity Flaws (CVE-2025-6554, CVE-2025-49713) Allow Remote Code Execution, One Actively Exploited

Ddos July 4, 2025

Microsoft has released Edge Stable Channel Version 138.0.3351.65, an update that addresses critical browser vulnerabilities impacting Chromium-based...

PHP Flaws: CVE-2025-1735 (SQLi/Crash) & CVE-2025-6491 (SOAP DoS) Threaten PHP Apps PHP Vulnerabilities, SQLi DoS CVE-2024-8932 & CVE-2024-8929

PHP Flaws: CVE-2025-1735 (SQLi/Crash) & CVE-2025-6491 (SOAP DoS) Threaten PHP Apps

Ddos July 4, 2025

The PHP project has released security patches addressing two vulnerabilities that expose PHP-based applications to SQL injection...

Apache Under Attack: Critical RCE Flaws in Tomcat & Camel Spark Thousands of Exploit Attempts hackerbot-claw campaign Cisco RCE Exploit CVE-2026-20045 SonicWall VPN, Akira Ransomware Nobelium Apache Tomcat, Apache Camel

hackerbot-claw campaign Cisco RCE Exploit CVE-2026-20045 SonicWall VPN, Akira Ransomware Nobelium Apache Tomcat, Apache Camel

Apache Under Attack: Critical RCE Flaws in Tomcat & Camel Spark Thousands of Exploit Attempts

Ddos July 4, 2025

In a recent deep-dive analysis, Palo Alto Networks’ Unit 42 revealed disturbing insights into a surge of...

Critical HIKVISION applyCT Flaw (CVE-2025-34067, CVSS 10.0): Unauthenticated RCE Via Fastjson HIKVISION applyCT, Unauthenticated RCE

Critical HIKVISION applyCT Flaw (CVE-2025-34067, CVSS 10.0): Unauthenticated RCE Via Fastjson

Ddos July 4, 2025

A newly disclosed vulnerability in HIKVISION’s widely deployed security management platform, applyCT (previously known as HikCentral), has...

Stealthy WordPress Malware Uncovered: SEO Spam Plugin Mimics Your Domain to Evade Detection WordPress Malware, SEO Spam

Stealthy WordPress Malware Uncovered: SEO Spam Plugin Mimics Your Domain to Evade Detection

Ddos July 4, 2025

In a recent investigation, Kayleigh Martin, a Security Analyst at Sucuri, uncovered a cunning new tactic used...

Anthropic MCP Server Flaws: Path Traversal & Symlink Attacks Allow RCE Anthropic MCP, RCE Vulnerability

Anthropic MCP Server Flaws: Path Traversal & Symlink Attacks Allow RCE

Ddos July 4, 2025

Cymulate Research Labs has revealed Anthropic’s Filesystem MCP Server vulnerabilities. Two newly disclosed flaws—CVE-2025-53110 and CVE-2025-53109—exposes systems...

Exposed JDWP Debug Ports Under Attack: Cryptominers Infiltrating Java Apps in Hours Exploit Jupyter Notebooks

Exposed JDWP Debug Ports Under Attack: Cryptominers Infiltrating Java Apps in Hours

Ddos July 4, 2025

The Wiz Research Team has uncovered a stealthy and rapidly executed exploitation chain leveraging a misconfigured Java...

Critical Alert 1 Active Exploit Detected Today