cybersecurity Archives • Page 67 of 86 • Daily CyberSecurity

Critical Linux Root Exploit Chain Discovered in PAM & UDisks, Affecting Major Distros Linux Root Privilege Escalation

Critical Linux Root Exploit Chain Discovered in PAM & UDisks, Affecting Major Distros

Ddos June 18, 2025

The Qualys Threat Research Unit (TRU) has unveiled two interconnected privilege escalation vulnerabilities—CVE-2025-6018 and CVE-2025-6019—that can allow...

KimJongRAT Returns: New PE & PowerShell Variants Steal Crypto and Browser Data via CDNs

Ddos June 18, 2025

Unit 42 has uncovered two newly evolved variants of the KimJongRAT malware, one using traditional PE (Portable...

Linux Kernel Flaw (CVE-2023-0386) Actively Exploited for Root Privilege Escalation, PoC Available CVE-2023-0386 PoC Linux Privilege Escalation, OverlayFS

CVE-2023-0386 PoC Linux Privilege Escalation, OverlayFS

Linux Kernel Flaw (CVE-2023-0386) Actively Exploited for Root Privilege Escalation, PoC Available

Ddos June 18, 2025

A dangerous Linux privilege escalation vulnerability, CVE-2023-0386, has officially entered the CISA Known Exploited Vulnerabilities (KEV) Catalog...

Critical NetScaler Flaws Allow Access Control Bypass & Memory Overread NetScaler Vulnerability CVE-2026-3055 Citrix VDA, Privilege Escalation NetScaler Vulnerabilities, Access Bypass CVE-2024-8534 and CVE-2024-8535

NetScaler Vulnerability CVE-2026-3055 Citrix VDA, Privilege Escalation NetScaler Vulnerabilities, Access Bypass CVE-2024-8534 and CVE-2024-8535

Critical NetScaler Flaws Allow Access Control Bypass & Memory Overread

Ddos June 18, 2025

The Cloud Software Group has issued a security bulletin addressing two critical vulnerabilities in NetScaler ADC (formerly...

Urgent Veeam Update: Critical RCE CVE-2025-23121 (CVSS 9.9) & Two Other Flaws Threaten Backup Servers Veeam Vulnerabilities CVE-2024-42448 & CVE-2024-42449

Veeam Vulnerabilities CVE-2024-42448 & CVE-2024-42449

Urgent Veeam Update: Critical RCE CVE-2025-23121 (CVSS 9.9) & Two Other Flaws Threaten Backup Servers

Ddos June 18, 2025

Veeam, a global leader in data protection and disaster recovery solutions, has issued a critical security update...

Chrome 148 lazy loading Chrome for Linux ARM64 Chrome 145 Update Chrome Security Fixes Chrome Security Update CVE-2026-1220 Chrome 144 Security Update CVE-2026-0899 Chrome Memory Safety, WebGPU UAF Chrome V8 Type Confusion, Google Updater Flaw Chrome V8 Flaw, CVE-2025-13042 Chrome V8, Type Confusion, Chrome 142 Update Chrome V8 Flaw, CVE-2025-12036 Chrome 141, WebGPU Overflow Google Chrome preloading Chrome, V8 vulnerability CVE-2025-9132 Chrome Security Update, Use-After-Free Chrome V8, Type Confusion Chrome Telemetry, Windows 10 EOL Microsoft Family Safety, Chrome Blocking Chrome Security Update, High-Severity Google Chrome, Antitrust CVE-2024-10487 and CVE-2024-10488 Google Chrome Root Program Chrome Update, CVE-2025-3619 Chrome Acquisition, Perplexity.ai

Chrome Update Alert: Two High-Severity Flaws (CVE-2025-6191, CVE-2025-6192) Patched

Ddos June 18, 2025

Google has rolled out an important security update for the Stable Channel of Chrome, bringing the version...

WAGO Device Manager Vulnerabilities Expose Critical Industrial Infrastructure to Remote Exploits

Ddos June 18, 2025

German industrial automation manufacturer WAGO GmbH & Co. KG has released critical security updates for its WAGO...

Kimsuky APT Group Abuses HWP and AnyDesk for Covert Remote Surveillance

Ddos June 18, 2025

The North Korean threat actor Kimsuky has been spotted deploying yet another advanced phishing campaign—this time leveraging...

Trend Micro Fortifies AI Security: Integrates NVIDIA Agentic AI Safety for End-to-End Protection Trend Micro Apex One CVE-2025-71210 AI Security Trend Micro Deep Security - CVE-2024-48904 & CVE-2024-51503

Trend Micro Apex One CVE-2025-71210 AI Security Trend Micro Deep Security - CVE-2024-48904 & CVE-2024-51503

Trend Micro Fortifies AI Security: Integrates NVIDIA Agentic AI Safety for End-to-End Protection

Ddos June 17, 2025

As the adoption of generative AI accelerates across industries, enterprises are simultaneously raising their expectations for the...

OpenAI OpenClaw acquisition OpenAI Prism GPT-5.2 LaTeX, scientific research AI workspace OpenAI, Mixpanel Breach ChatGPT Data Preservation, NYT Lawsuit ChatGPT Apps SDK, super app OpenAI Jony Ive, AI Hardware Delay Musk Apple lawsuit, App Store antitrust UK AI Partnership, OpenAI Collaboration Jony Ive OpenAI, DoD Contract OpenAI Lawsuit, ChatGPT Privacy North Korea ChatGPT - GPT-4.5 model OpenAI Models, AI Advancements OpenAI pricing, Flex API

OpenAI Secures $200M DoD Contract to Develop Advanced AI for National Security

Ddos June 17, 2025

OpenAI has announced the signing of a $200 million contract with the United States Department of Defense...

High-Severity Flaw Exposes ASUS Armoury Crate to Authentication Bypass ASUS CVE-2025-13348 File Shredder Removal ASUS LPE Flaw CVE-2025-59373 ASUS Armoury Crate vulnerability Asus CVE Numbering Authority - CVE-2024-12912 and CVE-2024-13062 AMI BMC vulnerability, CVE-2024-54085

High-Severity Flaw Exposes ASUS Armoury Crate to Authentication Bypass

Ddos June 17, 2025

Gamers and PC enthusiasts relying on ASUS Armoury Crate to manage their high-performance systems are urged to...

Critical Teleport Flaw (CVSS 9.8): Remote Authentication Bypass Threatens Infrastructure Access Teleport Vulnerability, Remote Authentication Bypass

Teleport Vulnerability, Remote Authentication Bypass

Critical Teleport Flaw (CVSS 9.8): Remote Authentication Bypass Threatens Infrastructure Access

Ddos June 17, 2025

Teleport, a leading platform for secure infrastructure access, has disclosed a critical remote authentication bypass vulnerability—tracked as...

CVE-2025-49596: Critical RCE Vulnerability in MCP Inspector Exposes AI Developer Environments MCP Inspector, RCE Vulnerability

CVE-2025-49596: Critical RCE Vulnerability in MCP Inspector Exposes AI Developer Environments

Ddos June 17, 2025

A newly disclosed security flaw in the MCP Inspector, a tool designed to test and debug Machine...

Two sslh Flaws Disclosed: Remote DoS Attacks Possible via Protocol Multiplexer sslh Vulnerabilities, DoS Attack

Two sslh Flaws Disclosed: Remote DoS Attacks Possible via Protocol Multiplexer

Ddos June 17, 2025

In June 2025, the SUSE Security Team disclosed critical vulnerabilities in sslh, a lightweight protocol multiplexer used...

Unauthenticated RCE in BeyondTrust Tools: Chat Feature Opens Door to Server Takeover BeyondTrust RCE, Server-Side Template Injection

Unauthenticated RCE in BeyondTrust Tools: Chat Feature Opens Door to Server Takeover

Ddos June 17, 2025

BeyondTrust has issued an urgent security advisory for a high-severity vulnerability affecting its flagship products—Remote Support (RS)...

Fileless AsyncRAT Campaign Targets German Users with Stealthy PowerShell Payload BingX cyberattack FortiGate SSO Attacks Firewall Config Theft

BingX cyberattack FortiGate SSO Attacks Firewall Config Theft

Fileless AsyncRAT Campaign Targets German Users with Stealthy PowerShell Payload

Ddos June 17, 2025

In a recent investigation, threat intelligence firm CloudSEK uncovered a stealthy, fileless malware campaign leveraging social engineering...

Water Curse: GitHub Supply Chain Attack Spreads Malware via Fake Tools, Targets Devs & Gamers

Ddos June 17, 2025

In a sweeping campaign that blends social engineering with software subversion, a newly identified threat actor dubbed...

Zero-Click to Root: CISA Flags Active Exploits in Apple iOS and TP-Link Routers

Ddos June 17, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two high-risk vulnerabilities to its Known Exploited...

OneLogin AD Connector Flaw Exposes Credentials & Allows Account Impersonation OneLogin Vulnerability, Active Directory Hack

OneLogin AD Connector Flaw Exposes Credentials & Allows Account Impersonation

Ddos June 17, 2025

A recent investigation by SpecterOps has uncovered a chain of critical vulnerabilities in OneLogin’s Active Directory (AD)...

PoCGen: AI Tool Automates Exploit Generation for npm Vulnerabilities with LLMs PoCGen, LLM Exploit Generation

PoCGen: AI Tool Automates Exploit Generation for npm Vulnerabilities with LLMs

Ddos June 17, 2025

A tool named PoCGen is revolutionizing how the security community generates Proof-of-Concept (PoC) exploits for vulnerabilities in...

Critical Alert 1 Active Exploit Detected Today