cybersecurity Archives • Page 74 of 86 • Daily CyberSecurity

Critical CVSS 9.6: IBM QRadar & Cloud Pak Security Flaws Exposed IBM QRadar CVE-2025-25022

Critical CVSS 9.6: IBM QRadar & Cloud Pak Security Flaws Exposed

Ddos June 4, 2025

IBM has released a security advisory addressing multiple vulnerabilities discovered in its QRadar Suite Software and Cloud...

Alert: Malicious RubyGems Impersonate Fastlane Plugins, Steal CI/CD Data

Ddos June 4, 2025

Socket’s Threat Research Team has uncovered a targeted supply chain attack leveraging malicious RubyGems impersonating Fastlane plugins....

AI Interface Hijacked: Open WebUI Exploited for Cryptominers and Stealthy AI Malware Seedworm Espionage Campaign 2026 ChromElevator Stealer DLL Sideloading SIM Swapping Crypto Theft Lazarus Comebacker, Aerospace Espionage Delete PlugX Malware

Seedworm Espionage Campaign 2026 ChromElevator Stealer DLL Sideloading SIM Swapping Crypto Theft Lazarus Comebacker, Aerospace Espionage Delete PlugX Malware

AI Interface Hijacked: Open WebUI Exploited for Cryptominers and Stealthy AI Malware

Ddos June 4, 2025

The Sysdig Threat Research Team (TRT) has uncovered a malicious campaign exploiting a misconfigured Open WebUI instance—an...

New WordPress Malware Masquerades as Legit Plugin with Data Exfiltration and RCE Capabilities WordPress Malware, Hidden Plugin

New WordPress Malware Masquerades as Legit Plugin with Data Exfiltration and RCE Capabilities

Ddos June 4, 2025

The Wordfence Threat Intelligence team has uncovered a deceptive and highly persistent WordPress malware variant that disguises...

VulBinLLM: Using Large Language Models to Unlock Vulnerabilities Hidden in Stripped Binaries Binary Vulnerability, LLM

VulBinLLM: Using Large Language Models to Unlock Vulnerabilities Hidden in Stripped Binaries

Ddos June 4, 2025

A team of researchers from UCLA and Cisco Research has unveiled a framework called VulBinLLM, marking a...

Cyber Giants Unite: Microsoft, Google, & Others Push for Unified Hacker Group Naming Threat Actor Naming, Cyber Threat Intelligence

Cyber Giants Unite: Microsoft, Google, & Others Push for Unified Hacker Group Naming

Ddos June 3, 2025

In light of the longstanding confusion caused by differing nomenclature used by nations and organizations to describe...

India SIM-Binding Mandate Messaging App KYC WhatsApp DMA Interoperability BirdyChat Haiket Denmark Social Media Ban CVE-2025-55177 WhatsApp vulnerability, zero-click flaw npm Malware, System Wipe WhatsApp Windows App, WebView2 Downgrade WhatsApp Ban, US House NSO WhatsApp, Pegasus Spyware WhatsApp iPad iPadOS app

NSO Group Ordered to Pay WhatsApp $167M for Pegasus Spyware Attack

Ddos June 3, 2025

The notorious Israeli commercial spyware developer NSO Group has been ordered by a U.S. court jury to...

BitMEX Turns Tables on Lazarus Group: Infiltrates Hacker Infrastructure EV2GO Charging Platform ICSA-26-057-04 Lazarus Group, Crypto Hacks LazyStealer

EV2GO Charging Platform ICSA-26-057-04 Lazarus Group, Crypto Hacks LazyStealer

BitMEX Turns Tables on Lazarus Group: Infiltrates Hacker Infrastructure

Ddos June 3, 2025

In recent years, the North Korean hacking collective known as the Lazarus Group has shifted its focus...

CVSS 10.0: Critical Flaw Threatens DELMIA Apriso Manufacturing Systems DELMIA Apriso, Critical Vulnerability

CVSS 10.0: Critical Flaw Threatens DELMIA Apriso Manufacturing Systems

Ddos June 3, 2025

DELMIA Apriso is part of Dassault Systèmes’ industrial solutions suite and functions as a Manufacturing Execution System...

Critical 9.8 CVSS Authentication Bypass in HPE StoreOnce Software HPE StoreOnce, Authentication Bypass

Critical 9.8 CVSS Authentication Bypass in HPE StoreOnce Software

Ddos June 3, 2025

Hewlett Packard Enterprise (HPE) has issued a security bulletin detailing multiple severe vulnerabilities in its StoreOnce Software,...

FiberGateway Router Hacked: Portugal’s 1.6M Homes at Risk Router Exploit, FiberGateway

FiberGateway Router Hacked: Portugal’s 1.6M Homes at Risk

Ddos June 3, 2025

Security researcher João Domingos has published a comprehensive breakdown of a full exploit chain affecting the FiberGateway...

JINX-0132: Cryptojackers Exploit Misconfigured DevOps Environments Cryptojacking, DevOps Security

JINX-0132: Cryptojackers Exploit Misconfigured DevOps Environments

Ddos June 3, 2025

Wiz Threat Research has uncovered a stealthy cryptojacking operation exploiting misconfigured DevOps environments. Dubbed “JINX-0132”, the campaign...

Linux Flaws Expose Sensitive Data via Core Dumps Linux Kernel 2025 Year in Review, Rust for Linux graduation Linux Security, Core Dump CVE-2023-52447 PoC Exploit

Linux Kernel 2025 Year in Review, Rust for Linux graduation Linux Security, Core Dump CVE-2023-52447 PoC Exploit

Linux Flaws Expose Sensitive Data via Core Dumps

Ddos June 3, 2025

In a recent disclosure, the Qualys Threat Research Unit (TRU) has unearthed two local information disclosure vulnerabilities...

Haozi Returns: The Phishing-as-a-Service Platform Making Cybercrime Easy Haozi Phishing, PhaaS

Haozi Returns: The Phishing-as-a-Service Platform Making Cybercrime Easy

Ddos June 3, 2025

A new report from Netcraft has exposed the alarming return of Haozi, a Chinese-language Phishing-as-a-Service (PhaaS) platform...

Stealthy npm Supply Chain Attack: Typosquatting Leads to Remote Code Execution and Data Destruction npm supply chain attack, typosquatting

Stealthy npm Supply Chain Attack: Typosquatting Leads to Remote Code Execution and Data Destruction

Ddos June 3, 2025

In a recent revelation, Socket’s Threat Research Team has uncovered a stealthy npm supply chain attack leveraging...

Glitch Platform Abused: Phishing Campaigns Circumvent MFA and Target Credit Unions Glitch Phishing, MFA Bypass

Glitch Platform Abused: Phishing Campaigns Circumvent MFA and Target Credit Unions

Ddos June 3, 2025

From January to April 2025, Netskope Threat Labs uncovered a significant spike in phishing campaigns abusing the...

How to Detect Microsoft 365 Phishing Attacks on Your Business Microsoft 365 Phishing, Interactive Sandbox

How to Detect Microsoft 365 Phishing Attacks on Your Business

Ddos June 3, 2025

What if one fake login page could give an outsider access to your company’s most sensitive data?...

Gh0st in the Machine: ASEC Uncovers Cryptomining Campaign Exploiting Korean Internet Cafés Gh0st RAT, CoinMiner

Gh0st in the Machine: ASEC Uncovers Cryptomining Campaign Exploiting Korean Internet Cafés

Ddos June 3, 2025

In a revealing analysis, the AhnLab Security Intelligence Center (ASEC) has uncovered a sophisticated, ongoing malware campaign...

Kaspersky Report Reveals Growing Threat from Old Exploits and OS Vulnerabilities in Q1 2025 Cybersecurity, Vulnerabilities

Kaspersky Report Reveals Growing Threat from Old Exploits and OS Vulnerabilities in Q1 2025

Ddos June 3, 2025

Kaspersky’s latest “Exploits and vulnerabilities in Q1 2025” shows that attackers are doubling down on aging exploits,...

Unmasking BtHoster: The Bulletproof Host Fueling Global Cyberattacks BtHoster, Bulletproof Hosting

Unmasking BtHoster: The Bulletproof Host Fueling Global Cyberattacks

Ddos June 3, 2025

In a revealing investigation, French cybersecurity firm Intrinsec exposes the sprawling infrastructure of BtHoster, a bulletproof hosting...

Critical Alert 1 Active Exploit Detected Today