cybersecurity Archives • Page 72 of 88 • Daily CyberSecurity

MFA Bypass Alert: AitM Phishing Surges with Industrialized PhaaS Kits Targeting Microsoft 365 & Google Accounts! AitM

MFA Bypass Alert: AitM Phishing Surges with Industrialized PhaaS Kits Targeting Microsoft 365 & Google Accounts!

Do Son June 12, 2025

A new global threat assessment from Sekoia.io’s Threat Detection & Research (TDR) team reveals an escalation in...

8.4 IGEL OS 10 Flaw (CVE-2025-47827): Full Secure Boot Bypass Allows Untrusted Kernel & Rootkits, PoC Available IGEL OS, Secure Boot Bypass

8.4 IGEL OS 10 Flaw (CVE-2025-47827): Full Secure Boot Bypass Allows Untrusted Kernel & Rootkits, PoC Available

Do Son June 12, 2025

Researcher Zack Didcott has disclosed a critical vulnerability affecting IGEL OS 10. Tracked as CVE-2025-47827, the flaw...

9.9 Urgent Siemens Energy Alert: Critical Flaw (CVSS 9.9) in Private 5G Core Exposes Sensitive Data! Siemens Energy, Critical Vulnerability CVE-2025-40585

Siemens Energy, Critical Vulnerability CVE-2025-40585

9.9 Urgent Siemens Energy Alert: Critical Flaw (CVSS 9.9) in Private 5G Core Exposes Sensitive Data!

Do Son June 12, 2025

Siemens has issued a critical security advisory regarding its Energy Services platform—formerly known as Managed Applications and...

CyberEye RAT: Plug-and-Play Espionage via Telegram-Powered Malware

Do Son June 12, 2025

CyberEye, also known as TelegramRAT, has emerged as a powerful and modular .NET-based remote access trojan (RAT)...

9.8 Critical RCE Flaw (CVSS 9.8) in QNX SDP Exposes Automotive & IoT Systems to Attack! QNX Vulnerability, Remote Code Execution CVE-2025-2474

9.8 Critical RCE Flaw (CVSS 9.8) in QNX SDP Exposes Automotive & IoT Systems to Attack!

Do Son June 12, 2025

The QNX Software Development Platform (SDP)—a foundation of many embedded and real-time systems—has been found vulnerable to...

6.6 TPM 2.0 Flaw (CVE-2025-2884) Exposes Sensitive Data & Disrupts Trusted Computing! TPM 2.0, Security Vulnerability

6.6 TPM 2.0 Flaw (CVE-2025-2884) Exposes Sensitive Data & Disrupts Trusted Computing!

Do Son June 12, 2025

A vulnerability in the Trusted Platform Module (TPM) 2.0 reference implementation has been disclosed, potentially allowing attackers...

BlackSuit Affiliates Continue Social Engineering Attacks with Upgraded Java RAT and Cloud Abuse The credential harvesting window used by the Java RAT

The credential harvesting window used by the Java RAT

BlackSuit Affiliates Continue Social Engineering Attacks with Upgraded Java RAT and Cloud Abuse

Do Son June 12, 2025

Rapid7’s latest threat intelligence report shines a spotlight on the evolving tactics of threat actors formerly affiliated...

HPE Aruba Networking Patches Sensitive Data Exposure Vulnerability in Private 5G Core Platform HPE Aruba, 5G Security

HPE Aruba Networking Patches Sensitive Data Exposure Vulnerability in Private 5G Core Platform

Do Son June 11, 2025

HPE Aruba Networking has released a security update addressing a high-severity vulnerability in its Private 5G Core...

Critical Critical Command Injection Flaw in KDE Konsole Exposes Users to Arbitrary Code Execution Konsole Vulnerability, Linux Security

Critical Critical Command Injection Flaw in KDE Konsole Exposes Users to Arbitrary Code Execution

Do Son June 11, 2025

A newly disclosed critical vulnerability in Konsole, KDE’s popular terminal emulator, has raised serious concerns for Linux...

Windows Kernel Flaws Revealed: SYSTEM-Level Privilege Escalation & PoC Exploits Available Now! Windows Kernel, Privilege Escalation

Windows Kernel Flaws Revealed: SYSTEM-Level Privilege Escalation & PoC Exploits Available Now!

Do Son June 11, 2025

Security researcher Jael Koh of PixiePoint Security has unveiled the technical details and working proof-of-concept exploits for...

High High-Severity Flaw in Kibana: Unauthorized Access Possible in Synthetic Monitoring! Kibana Vulnerability, Elastic Security

High High-Severity Flaw in Kibana: Unauthorized Access Possible in Synthetic Monitoring!

Do Son June 11, 2025

Elastic has disclosed a high-severity vulnerability (CVE-2024-43706) affecting its Kibana observability platform, specifically in the Synthetic Monitoring...

7.8 Insyde UEFI Flaw (CVE-2025-4275): Secure Boot Bypass Allows Rootkits & Undetectable Malware Insyde UEFI, Secure Boot Bypass CVE-2025-4275

7.8 Insyde UEFI Flaw (CVE-2025-4275): Secure Boot Bypass Allows Rootkits & Undetectable Malware

Do Son June 11, 2025

A newly disclosed vulnerability in Insyde H2O UEFI firmware, tracked as CVE-2025-4275, allows attackers to bypass Secure...

Warning: 40,000+ Internet-Connected Cameras Are Exposed & Streaming Live Globally! Exposed Cameras, Privacy Risk

Warning: 40,000+ Internet-Connected Cameras Are Exposed & Streaming Live Globally!

Do Son June 11, 2025

In its newly released report, Bitsight reveals that more than 40,000 internet-connected security cameras across the globe...

High Chrome Update Alert: Two High-Severity Flaws Patched – Update Now to Stay Safe! Chrome Security

High Chrome Update Alert: Two High-Severity Flaws Patched – Update Now to Stay Safe!

Do Son June 11, 2025

Google has released a Stable Channel update for Chrome Desktop, rolling out version 137.0.7151.103/.104 for Windows and...

9.8 CVSS 9.8: Backend.AI Critical Flaw Allows Account Takeover via PoC, No Patch Available Backend.AI Vulnerability

9.8 CVSS 9.8: Backend.AI Critical Flaw Allows Account Takeover via PoC, No Patch Available

Do Son June 11, 2025

Security researchers at HiddenLayer have disclosed a critical privilege escalation vulnerability in Backend.AI, a widely used container-based...

“DanaBleed” Flaw Exposes DanaBot’s Inner Workings for Three Years

Do Son June 11, 2025

DanaBot—an infamous Malware-as-a-Service (MaaS) operation—unwittingly sabotaged itself with a memory leak flaw eerily reminiscent of the infamous...

CoreDNS DoS Flaw: Unauthenticated Attackers Can Crash Servers via DNS-over-QUIC CoreDNS Vulnerability, DoS Attack

CoreDNS DoS Flaw: Unauthenticated Attackers Can Crash Servers via DNS-over-QUIC

Do Son June 11, 2025

A critical denial-of-service (DoS) vulnerability has been identified in CoreDNS, the modular DNS server widely deployed across...

8.2 UEFI Secure Boot Bypass: Critical Flaw (CVE-2025-3052) Exposes Millions of Devices! vulnerable UEFI shim bootloaders, Secure Boot bypass UEFI Secure Boot, Critical Vulnerability CVE-2025-3052

vulnerable UEFI shim bootloaders, Secure Boot bypass UEFI Secure Boot, Critical Vulnerability CVE-2025-3052

8.2 UEFI Secure Boot Bypass: Critical Flaw (CVE-2025-3052) Exposes Millions of Devices!

Do Son June 10, 2025

A new high-severity vulnerability discovered by BINARLY REsearch has reignited concerns about the integrity of the UEFI...

8.8 Stealth Falcon Exploits New Zero-Day (CVE-2025-33053) in Sophisticated Cyberespionage Campaign Stealth Falcon CVE-2025-33053

8.8 Stealth Falcon Exploits New Zero-Day (CVE-2025-33053) in Sophisticated Cyberespionage Campaign

Do Son June 10, 2025

A new cyberespionage campaign attributed to the notorious APT group Stealth Falcon has been uncovered by Check...

Microsoft’s June 2025 Patch Tuesday: 2 Zero-Days, 69 Vulnerabilities Patched! Patch Tuesday, Microsoft Security

Microsoft’s June 2025 Patch Tuesday: 2 Zero-Days, 69 Vulnerabilities Patched!

Do Son June 10, 2025

Microsoft’s June 2025 Patch Tuesday rollout has addressed a substantial 69 vulnerabilities, including 10 critical and 57...