June 23, 2026

cybersecurity

Phishing Alert: Fake WeTransfer & HunCERT Pages Hosted on AWS S3 & Cloudflare Turnstile Stealing Credentials Phishing, File Sharing Scam

Phishing Alert: Fake WeTransfer & HunCERT Pages Hosted on AWS S3 & Cloudflare Turnstile Stealing Credentials

Do Son July 8, 2025 0
The Cyble Research and Intelligence Labs (CRIL) has exposed an active and highly targeted phishing campaign that...
Read More Read more about Phishing Alert: Fake WeTransfer & HunCERT Pages Hosted on AWS S3 & Cloudflare Turnstile Stealing Credentials
10 CVE-2025-41672 (CVSS 10): Critical JWT Certificate Flaw in WAGO Device Sphere Allows Full Remote Takeover WAGO Device Sphere, Critical Vulnerability

10 CVE-2025-41672 (CVSS 10): Critical JWT Certificate Flaw in WAGO Device Sphere Allows Full Remote Takeover

Do Son July 8, 2025 0
A coordinated disclosure by CERT@VDE and WAGO has unveiled a devastating vulnerability—CVE-2025-41672—impacting WAGO’s industrial automation platform Device...
Read More Read more about <span class="dcs-sev-badge" style="background:#ef4444;">10</span> CVE-2025-41672 (CVSS 10): Critical JWT Certificate Flaw in WAGO Device Sphere Allows Full Remote Takeover
7.5 ScriptCase Flaws (CVE-2025-47227/47228): Pre-Auth RCE & Admin Takeover Risk for Web Servers, PoC Published ScriptCase RCE, Pre-Auth Vulnerability

7.5 ScriptCase Flaws (CVE-2025-47227/47228): Pre-Auth RCE & Admin Takeover Risk for Web Servers, PoC Published

Do Son July 7, 2025 0
In a recent security advisory, researchers from Synacktiv revealed two chained vulnerabilities in ScriptCase’s Production Environment module—known...
Read More Read more about <span class="dcs-sev-badge" style="background:#f97316;">7.5</span> ScriptCase Flaws (CVE-2025-47227/47228): Pre-Auth RCE & Admin Takeover Risk for Web Servers, PoC Published
State Secrets for Sale: China’s “Hack-for-Hire” Ecosystem Exposed in Massive VenusTech & Salt Typhoon Leaks china-data

State Secrets for Sale: China’s “Hack-for-Hire” Ecosystem Exposed in Massive VenusTech & Salt Typhoon Leaks

Do Son July 7, 2025 0
In a revelation from SpyCloud Labs, two confidential Chinese datasets—known as the VenusTech Data Leak and the...
Read More Read more about State Secrets for Sale: China’s “Hack-for-Hire” Ecosystem Exposed in Massive VenusTech & Salt Typhoon Leaks
Taiwan Warns Public: Popular Chinese Apps (TikTok, WeChat, Rednote) Pose National Security Risk Via Data Transfer to China Chinese Apps, Taiwan Security Warning

Taiwan Warns Public: Popular Chinese Apps (TikTok, WeChat, Rednote) Pose National Security Risk Via Data Transfer to China

Do Son July 7, 2025 0
In a sweeping national security review, Taiwan’s National Security Bureau (NSB) has issued a warning to the...
Read More Read more about Taiwan Warns Public: Popular Chinese Apps (TikTok, WeChat, Rednote) Pose National Security Risk Via Data Transfer to China
Malicious Firefox Extensions Unmasked: Fake Games, VPNs, & Calendar Tools Hijack Traffic, Steal Crypto & OAuth Tokens Firefox Extensions, Malware Campaign

Malicious Firefox Extensions Unmasked: Fake Games, VPNs, & Calendar Tools Hijack Traffic, Steal Crypto & OAuth Tokens

Do Son July 7, 2025 0
A new report by the Socket Threat Research Team has uncovered a sprawling network of malicious Firefox...
Read More Read more about Malicious Firefox Extensions Unmasked: Fake Games, VPNs, & Calendar Tools Hijack Traffic, Steal Crypto & OAuth Tokens
IBM X-Force Uncovers Azure Arc Flaws: Hybrid-Cloud Tool Becomes Stealthy RCE & Privilege Escalation Vector Azure Arc, Hybrid Cloud Security

IBM X-Force Uncovers Azure Arc Flaws: Hybrid-Cloud Tool Becomes Stealthy RCE & Privilege Escalation Vector

Do Son July 7, 2025 0
IBM X-Force has peeled back the layers on Microsoft Azure Arc, uncovering how the hybrid-cloud management tool—meant...
Read More Read more about IBM X-Force Uncovers Azure Arc Flaws: Hybrid-Cloud Tool Becomes Stealthy RCE & Privilege Escalation Vector
Critical “NightEagle” APT Group Soars Over China’s Critical Tech: Zero-Days, Exchange Exploits, and Tailored Espionage NightEagle APT, Exchange Zero-Day

Critical “NightEagle” APT Group Soars Over China’s Critical Tech: Zero-Days, Exchange Exploits, and Tailored Espionage

Do Son July 7, 2025 0
QiAnXin’s RedDrip team has exposed the full-scale cyber operations of a shadowy state-aligned APT group dubbed NightEagle...
Read More Read more about <span class="dcs-sev-badge" style="background:#ef4444;">Critical</span> “NightEagle” APT Group Soars Over China’s Critical Tech: Zero-Days, Exchange Exploits, and Tailored Espionage
SHELLTER Evasion Framework Abused: Elite v11.0 Packages LUMMA, RHADAMANTHYS, ARECHCLIENT2 Infostealers SHELLTER, Infostealers

SHELLTER Evasion Framework Abused: Elite v11.0 Packages LUMMA, RHADAMANTHYS, ARECHCLIENT2 Infostealers

Do Son July 7, 2025 0
Elastic Security Labs has uncovered multiple malware campaigns leveraging the SHELLTER evasion framework—a product originally designed to...
Read More Read more about SHELLTER Evasion Framework Abused: Elite v11.0 Packages LUMMA, RHADAMANTHYS, ARECHCLIENT2 Infostealers
7.0 Linux Privilege Escalation (CVE-2025-6019): Root Access Via udisksd & libblockdev, PoC Available Linux Privilege Escalation, Sudo Vulnerabilities

7.0 Linux Privilege Escalation (CVE-2025-6019): Root Access Via udisksd & libblockdev, PoC Available

Do Son July 7, 2025 0
Security researchers from SecureLayer7 published the technical details and a proof-of-concept exploit for a security vulnerability, CVE-2025-6019,...
Read More Read more about <span class="dcs-sev-badge" style="background:#f97316;">7.0</span> Linux Privilege Escalation (CVE-2025-6019): Root Access Via udisksd & libblockdev, PoC Available