cybersecurity Archives • Page 65 of 86 • Daily CyberSecurity

IBM QRadar SIEM Exposed by Trio of Security Flaws, Including Critical Command Execution Bug IBM QRadar, Critical Vulnerabilities

IBM QRadar SIEM Exposed by Trio of Security Flaws, Including Critical Command Execution Bug

Ddos June 21, 2025

IBM has issued a security bulletin addressing three critical vulnerabilities in its QRadar SIEM platform, a widely...

Fileless Masslogger Infostealer Spreading via VBScript (.VBE) & Hiding in Your Registry GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

Fileless Masslogger Infostealer Spreading via VBScript (.VBE) & Hiding in Your Registry

Ddos June 21, 2025

Hackers have once again employed rarely used yet remarkably effective techniques to compromise systems—this time by disguising...

Critical Pterodactyl RCE (CVSS 10.0): Unauthenticated Attackers Exploiting Flaw Now! Pterodactyl RCE, Game Server Vulnerability

Critical Pterodactyl RCE (CVSS 10.0): Unauthenticated Attackers Exploiting Flaw Now!

Ddos June 20, 2025

A critical security vulnerability has been uncovered in Pterodactyl, the popular open-source game server management panel. Tracked...

OpenVPN Driver Flaw: Local Users Can Crash Windows Systems via Buffer Overflow OpenVPN Driver, DoS Vulnerability

OpenVPN Driver Flaw: Local Users Can Crash Windows Systems via Buffer Overflow

Ddos June 20, 2025

A recently disclosed vulnerability, tracked as CVE-2025-50054, affects certain versions of the OpenVPN Windows kernel driver (ovpn-dco-win)...

Iran Plunges into Near-Total Internet Blackout Amid Escalating Cyberwar with Israel Iran Internet Shutdown, Cyberwarfare

Iran Plunges into Near-Total Internet Blackout Amid Escalating Cyberwar with Israel

Ddos June 20, 2025

According to a report from the internet traffic monitoring community NetBlocks, domestic internet connectivity in Iran has...

Urgent WordPress Alert: Motors Theme Flaw (CVE-2025-4322) Actively Exploited for Site Takeover PAN-OS Root RCE CL-STA-1132 Exploitation Tianxin RCE CVE-2021-4473 React Native Supply Chain Attack AstrOOnauta Malware Gladinet Zero-Day, LFI RCE Chain WordPress Theme, Account Takeover CVE-2024-50623 - European Space Agency cyberattack

PAN-OS Root RCE CL-STA-1132 Exploitation Tianxin RCE CVE-2021-4473 React Native Supply Chain Attack AstrOOnauta Malware Gladinet Zero-Day, LFI RCE Chain WordPress Theme, Account Takeover CVE-2024-50623 - European Space Agency cyberattack

Urgent WordPress Alert: Motors Theme Flaw (CVE-2025-4322) Actively Exploited for Site Takeover

Ddos June 20, 2025

Last month, a critical vulnerability was reported to Wordfence that now threatens more than 22,000 WordPress websites...

SERPENTINE#CLOUD: Stealthy Malware Campaign Leverages Cloudflare Tunnels for In-Memory RAT Delivery TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

SERPENTINE#CLOUD: Stealthy Malware Campaign Leverages Cloudflare Tunnels for In-Memory RAT Delivery

Ddos June 20, 2025

A newly uncovered malicious campaign, dubbed SERPENTINE#CLOUD, leverages Cloudflare Tunnel subdomains to deliver payloads via phishing email...

Alert: Hunt.io Uncovers SpyNote Android Spyware Disguised as Popular Apps on Open Servers Android Spyware, SpyNote

Alert: Hunt.io Uncovers SpyNote Android Spyware Disguised as Popular Apps on Open Servers

Ddos June 20, 2025

At times, a seemingly innocuous open server on the internet can pose far greater danger than it...

AntiDot Android Trojan: New MaaS Malware Records Screens, Intercepts SMS, & Steals Financial Data Android zero day flaw June 2026 security bulletin RuTaxi Trojan Android Banking Malware Pixel 9 zero-click exploit, Dolby UDC vulnerability CVE-2025-54957 NexusRoute Android RAT, India E-Challan Phishing ClayRat Self-Defense, Android Accessibility Abuse Android Trojan, AntiDot Android Malware "BadPack"

Android zero day flaw June 2026 security bulletin RuTaxi Trojan Android Banking Malware Pixel 9 zero-click exploit, Dolby UDC vulnerability CVE-2025-54957 NexusRoute Android RAT, India E-Challan Phishing ClayRat Self-Defense, Android Accessibility Abuse Android Trojan, AntiDot Android Malware "BadPack"

AntiDot Android Trojan: New MaaS Malware Records Screens, Intercepts SMS, & Steals Financial Data

Ddos June 20, 2025

The Swiss cybersecurity firm PRODAFT has unveiled detailed findings regarding a widespread malicious campaign involving an Android...

Microsoft 365 Boosts Security: Legacy File Access Protocols RPS & FrontPage RPC Phased Out July 2025 student discount Microsoft 365, Intelligent Services Microsoft 365 UWP, App Deprecation Microsoft 365, Startup Boost Windows 10 EOL, Microsoft 365 Support Protocol Deprecation Microsoft 365 Updates, IT Admin Alert Microsoft 365 VPN shut down Microsoft Authenticator, password manager Windows 10 Microsoft 365 Microsoft nonprofit policy, software donations

student discount Microsoft 365, Intelligent Services Microsoft 365 UWP, App Deprecation Microsoft 365, Startup Boost Windows 10 EOL, Microsoft 365 Support Protocol Deprecation Microsoft 365 Updates, IT Admin Alert Microsoft 365 VPN shut down Microsoft Authenticator, password manager Windows 10 Microsoft 365 Microsoft nonprofit policy, software donations

Microsoft 365 Boosts Security: Legacy File Access Protocols RPS & FrontPage RPC Phased Out July 2025

Ddos June 20, 2025

Microsoft routinely phases out outdated protocols used to access its services, primarily to reduce the potential attack...

Massive Data Leak: Hacker Allegedly Selling 16 Billion Login Credentials from Major Tech Giants Login Credentials, Data Leak CVE-2024-47191 - OATH-Toolkit

Login Credentials, Data Leak CVE-2024-47191 - OATH-Toolkit

Massive Data Leak: Hacker Allegedly Selling 16 Billion Login Credentials from Major Tech Giants

Ddos June 20, 2025

Since yesterday, reports of a hacker allegedly selling a staggering 16 billion sets of login credentials have...

Critical Versa Director Flaw: RCE Possible via HA Ports, PoC Available

Ddos June 20, 2025

A newly discovered critical vulnerability in Versa Networks’ SD-WAN orchestration platform, Versa Director, exposes enterprise networks to...

Amatera Stealer Unveiled: Rebranded ACR Stealer Now More Evasive, Targeting Your Data Ollama Heap Leak CVE-2026-5757 Anritsu Vulnerability Authentication Bypass Gootloader Malware Malformed ZIP Evasion Blender Malware, StealC V2 Lectora, XSS CVE-2025-9125 HFS RCE, Template Injection Arch Linux Malware, CHAOS RAT CVE-2024-56404 - CVE-2024-39327 CVE-2025-2538

Ollama Heap Leak CVE-2026-5757 Anritsu Vulnerability Authentication Bypass Gootloader Malware Malformed ZIP Evasion Blender Malware, StealC V2 Lectora, XSS CVE-2025-9125 HFS RCE, Template Injection Arch Linux Malware, CHAOS RAT CVE-2024-56404 - CVE-2024-39327 CVE-2025-2538

Amatera Stealer Unveiled: Rebranded ACR Stealer Now More Evasive, Targeting Your Data

Ddos June 20, 2025

According to a new report from Proofpoint, a previously known threat, ACR Stealer, has been reborn under...

Banana Squad Strikes Again: 60+ GitHub Repositories Trojanized in New Software Supply Chain Attack

Ddos June 20, 2025

A newly uncovered software supply chain campaign by the threat group Banana Squad has compromised more than...

Stargazers Ghost Network: Minecraft Mods Used to Distribute Multi-Stage Stealers via GitHub

Ddos June 20, 2025

A new report from Check Point Research exposes a sophisticated malware campaign that has weaponized the modding...

PylangGhost: North Korean APT Deploys Python-Based RAT to Target Crypto Professionals North Korean APT, PylangGhost

PylangGhost: North Korean APT Deploys Python-Based RAT to Target Crypto Professionals

Ddos June 20, 2025

Recently, Cisco Talos unveiled a new Python-based remote access trojan (RAT) dubbed PylangGhost, used exclusively by a...

Silver Fox APT: Chinese Threat Actor Deploys Trojanized Medical Software in Stealth Espionage Campaign Silver Fox APT, Cyber Espionage

Silver Fox APT: Chinese Threat Actor Deploys Trojanized Medical Software in Stealth Espionage Campaign

Ddos June 20, 2025

A newly surfaced report from Picus has shed light on Silver Fox (a.k.a. Void Arachne or The...

Critical Privilege Escalation Flaw in FreeIPA Threatens Linux Domain Security FreeIPA, Privilege Escalation

Critical Privilege Escalation Flaw in FreeIPA Threatens Linux Domain Security

Ddos June 20, 2025

A newly disclosed vulnerability in FreeIPA, an identity management solution used to centrally manage Linux and UNIX...

CISA Warning: Critical Flaw (CVE-2025-5310) Exposes Fueling Station Devices Fuel Infrastructure, Critical Vulnerability

CISA Warning: Critical Flaw (CVE-2025-5310) Exposes Fueling Station Devices

Ddos June 20, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent security advisory warning fuel infrastructure...

ComfyUI Under Attack: “Pickai” C++ Backdoor Compromises 700+ AI Image Generation Servers Globally

Ddos June 20, 2025

In a concerning development for AI infrastructure security, XLab has uncovered an active exploitation campaign targeting ComfyUI—a...

Critical Alert 1 Active Exploit Detected Today