cybersecurity Archives • Page 69 of 88 • Daily CyberSecurity

Kimsuky APT Group Abuses HWP and AnyDesk for Covert Remote Surveillance kimsumy

Kimsuky APT Group Abuses HWP and AnyDesk for Covert Remote Surveillance

Do Son June 18, 2025

The North Korean threat actor Kimsuky has been spotted deploying yet another advanced phishing campaign—this time leveraging...

Trend Micro Fortifies AI Security: Integrates NVIDIA Agentic AI Safety for End-to-End Protection Trend Micro Apex One CVE-2025-71210 AI Security Trend Micro Deep Security - CVE-2024-48904 & CVE-2024-51503

Trend Micro Apex One CVE-2025-71210 AI Security Trend Micro Deep Security - CVE-2024-48904 & CVE-2024-51503

Trend Micro Fortifies AI Security: Integrates NVIDIA Agentic AI Safety for End-to-End Protection

Do Son June 17, 2025

As the adoption of generative AI accelerates across industries, enterprises are simultaneously raising their expectations for the...

ChatGPT Lockdown Mode OpenAI OpenClaw acquisition OpenAI Prism GPT-5.2 LaTeX, scientific research AI workspace OpenAI, Mixpanel Breach ChatGPT Data Preservation, NYT Lawsuit ChatGPT Apps SDK, super app OpenAI Jony Ive, AI Hardware Delay Musk Apple lawsuit, App Store antitrust UK AI Partnership, OpenAI Collaboration Jony Ive OpenAI, DoD Contract OpenAI Lawsuit, ChatGPT Privacy North Korea ChatGPT - GPT-4.5 model OpenAI Models, AI Advancements OpenAI pricing, Flex API

OpenAI Secures $200M DoD Contract to Develop Advanced AI for National Security

Do Son June 17, 2025

OpenAI has announced the signing of a $200 million contract with the United States Department of Defense...

High High-Severity Flaw Exposes ASUS Armoury Crate to Authentication Bypass ASUS CVE-2025-13348 File Shredder Removal ASUS LPE Flaw CVE-2025-59373 ASUS Armoury Crate vulnerability Asus CVE Numbering Authority - CVE-2024-12912 and CVE-2024-13062 AMI BMC vulnerability, CVE-2024-54085

High High-Severity Flaw Exposes ASUS Armoury Crate to Authentication Bypass

Do Son June 17, 2025

Gamers and PC enthusiasts relying on ASUS Armoury Crate to manage their high-performance systems are urged to...

9.8 Critical Teleport Flaw (CVSS 9.8): Remote Authentication Bypass Threatens Infrastructure Access Teleport Vulnerability, Remote Authentication Bypass

Teleport Vulnerability, Remote Authentication Bypass

9.8 Critical Teleport Flaw (CVSS 9.8): Remote Authentication Bypass Threatens Infrastructure Access

Do Son June 17, 2025

Teleport, a leading platform for secure infrastructure access, has disclosed a critical remote authentication bypass vulnerability—tracked as...

9.4 CVE-2025-49596: Critical RCE Vulnerability in MCP Inspector Exposes AI Developer Environments MCP Inspector, RCE Vulnerability

9.4 CVE-2025-49596: Critical RCE Vulnerability in MCP Inspector Exposes AI Developer Environments

Do Son June 17, 2025

A newly disclosed security flaw in the MCP Inspector, a tool designed to test and debug Machine...

Two sslh Flaws Disclosed: Remote DoS Attacks Possible via Protocol Multiplexer sslh Vulnerabilities, DoS Attack

Two sslh Flaws Disclosed: Remote DoS Attacks Possible via Protocol Multiplexer

Do Son June 17, 2025

In June 2025, the SUSE Security Team disclosed critical vulnerabilities in sslh, a lightweight protocol multiplexer used...

Unauthenticated RCE in BeyondTrust Tools: Chat Feature Opens Door to Server Takeover BeyondTrust RCE, Server-Side Template Injection

Unauthenticated RCE in BeyondTrust Tools: Chat Feature Opens Door to Server Takeover

Do Son June 17, 2025

BeyondTrust has issued an urgent security advisory for a high-severity vulnerability affecting its flagship products—Remote Support (RS)...

Fileless AsyncRAT Campaign Targets German Users with Stealthy PowerShell Payload BingX cyberattack FortiGate SSO Attacks Firewall Config Theft

BingX cyberattack FortiGate SSO Attacks Firewall Config Theft

Fileless AsyncRAT Campaign Targets German Users with Stealthy PowerShell Payload

Do Son June 17, 2025

In a recent investigation, threat intelligence firm CloudSEK uncovered a stealthy, fileless malware campaign leveraging social engineering...

Water Curse: GitHub Supply Chain Attack Spreads Malware via Fake Tools, Targets Devs & Gamers

Do Son June 17, 2025

In a sweeping campaign that blends social engineering with software subversion, a newly identified threat actor dubbed...

Zero-Click to Root: CISA Flags Active Exploits in Apple iOS and TP-Link Routers

Do Son June 17, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two high-risk vulnerabilities to its Known Exploited...

OneLogin AD Connector Flaw Exposes Credentials & Allows Account Impersonation OneLogin Vulnerability, Active Directory Hack

OneLogin AD Connector Flaw Exposes Credentials & Allows Account Impersonation

Do Son June 17, 2025

A recent investigation by SpecterOps has uncovered a chain of critical vulnerabilities in OneLogin’s Active Directory (AD)...

PoCGen: AI Tool Automates Exploit Generation for npm Vulnerabilities with LLMs PoCGen, LLM Exploit Generation

PoCGen: AI Tool Automates Exploit Generation for npm Vulnerabilities with LLMs

Do Son June 17, 2025

A tool named PoCGen is revolutionizing how the security community generates Proof-of-Concept (PoC) exploits for vulnerabilities in...

9.8 Zyxel Firewalls Under Attack via Critical CVE-2023-28771 Zyxel Firewall, CVE-2023-28771

9.8 Zyxel Firewalls Under Attack via Critical CVE-2023-28771

Do Son June 17, 2025

A sudden and coordinated wave of exploit attempts targeting a critical vulnerability in Zyxel firewalls has been...

GrayAlpha’s Expanding Arsenal: FIN7-Aligned Threat Actor Deploys Custom Loaders to Spread NetSupport RAT

Do Son June 17, 2025

A newly uncovered campaign by threat actor GrayAlpha, which overlaps with the infamous FIN7 cybercrime syndicate, reveals...

9.8 Langflow Under Attacks: CVE-2025-3248 Exploited to Deliver Stealthy Flodrix Botnet CVE-2025-3248 PoC script execution

9.8 Langflow Under Attacks: CVE-2025-3248 Exploited to Deliver Stealthy Flodrix Botnet

Do Son June 16, 2025

Trend Micro has uncovered an active and sophisticated campaign exploiting a critical remote code execution (RCE) vulnerability...

Google Play Store Alert: New Phishing Apps Bypass Security, Stealing Crypto Wallet Seeds Crypto Phishing Apps, Google Play Store

Google Play Store Alert: New Phishing Apps Bypass Security, Stealing Crypto Wallet Seeds

Do Son June 16, 2025

Both the Apple App Store and Google Play Store are frequently found to host malicious applications, despite...

9.8 Unauthenticated RCE in Mitel SIP Phones (CVSS 9.8) Detailed with PoC Exploit

Do Son June 16, 2025

In a recent disclosure, InfoGuard Labs researcher Marc Bollhalder has detailed a critical unauthenticated remote command injection...

9.8 Critical Blink Router Flaws (CVSS 9.8) Allow Remote Root Code Execution via Unauthenticated Attacks Blink Router, Critical Vulnerabilities

9.8 Critical Blink Router Flaws (CVSS 9.8) Allow Remote Root Code Execution via Unauthenticated Attacks

Do Son June 16, 2025

Five critical vulnerabilities—each scoring a CVSS of 9.8—have been disclosed in multiple models of Blink routers BL,...

Predator Spyware Resurges: New Infrastructure, Evasion Tactics, and Mozambique Customer Uncovered Predator Spyware, Cyber Threat Analysis

Predator Spyware Resurges: New Infrastructure, Evasion Tactics, and Mozambique Customer Uncovered

Do Son June 16, 2025

Despite mounting international pressure, public exposures, and a barrage of sanctions, the Predator spyware continues to evolve...