cybersecurity Archives • Page 75 of 88 • Daily CyberSecurity

CVSS 9.8 Alert: Critical Flaws in HPE Insight Remote Support Enable RCE & File Access HPE Security, Insight RS Vulnerabilities

CVSS 9.8 Alert: Critical Flaws in HPE Insight Remote Support Enable RCE & File Access

Do Son June 5, 2025

Hewlett Packard Enterprise (HPE) has issued a security advisory addressing multiple high-impact vulnerabilities in its Insight Remote...

CRITICAL (CVSS 9.4) Python ‘tarfile’ Vulnerability: Arbitrary Filesystem Writes Possible! CPython Vulnerabilities, Python Tarfile CVE-2025-4517

CRITICAL (CVSS 9.4) Python ‘tarfile’ Vulnerability: Arbitrary Filesystem Writes Possible!

Do Son June 5, 2025

The CPython project has issued a security advisory addressing five vulnerabilities—including one CRITICAL and three HIGH-severity flaws—affecting...

12.2TB of User Data Exposed in Passion.io Breach: Over 3.6 Million Records Left Unprotected Data Breach, Passion.io

12.2TB of User Data Exposed in Passion.io Breach: Over 3.6 Million Records Left Unprotected

Do Son June 5, 2025

In a recent disclosure by cybersecurity researcher Jeremiah Fowler, vpnMentor uncovered a massive unprotected database allegedly tied...

Critical Dell Bug (CVSS 9.8) Lets Unauthenticated Attackers Fully Compromise the System Dell AI PC marketing pivot, XPS 2026 brand revival, NPU, Tech Industry News CVE-2023-32484 PowerScale OneFS, CVE-2024-53298

Critical Dell Bug (CVSS 9.8) Lets Unauthenticated Attackers Fully Compromise the System

Do Son June 5, 2025

Dell Technologies has issued urgent patches for multiple vulnerabilities impacting PowerScale OneFS, a core component of Dell’s...

CVE-2025-48951: Critical Deserialization Flaw in Auth0 PHP SDK Threatens Millions of Applications Auth0 PHP SDK, Critical Vulnerability

CVE-2025-48951: Critical Deserialization Flaw in Auth0 PHP SDK Threatens Millions of Applications

Do Son June 5, 2025

A newly disclosed vulnerability in the Auth0 PHP SDK—a widely-used authentication toolkit with over 16 million downloads—poses...

Sophos Unmasks Sakura RAT: Hackers Hacking Hackers with Backdoored Malware! Sakura RAT, Hacker Malware

Sophos Unmasks Sakura RAT: Hackers Hacking Hackers with Backdoored Malware!

Do Son June 5, 2025

In a recent deep dive, Sophos X-Ops uncovered a sophisticated campaign that’s not targeting enterprises or governments,...

Alert: Fake DocuSign & Gitcodes Pages Install NetSupport RAT Malware! NetSupport RAT, Phishing Campaign

Alert: Fake DocuSign & Gitcodes Pages Install NetSupport RAT Malware!

Do Son June 5, 2025

Security researchers at DomainTools have uncovered a highly deceptive malware campaign designed to exploit user trust and...

CVE-2025-48947: Session Cookies at Risk in Auth0 Next.js SDK Auth0, Next.js SDK

CVE-2025-48947: Session Cookies at Risk in Auth0 Next.js SDK

Do Son June 5, 2025

A serious vulnerability has been uncovered in the widely-used Auth0 Next.js SDK—a library that helps developers implement...

IBM X-Force Uncovers Hive0131’s Sophisticated DCRat Campaign Targeting Colombian Users

Do Son June 5, 2025

In early May 2025, IBM X-Force researchers observed an active phishing campaign targeting Colombian users with fake...

Kaspersky Exposes Hidden Dangers: Are Your Containers Truly Secure? Container Security

Kaspersky Exposes Hidden Dangers: Are Your Containers Truly Secure?

Do Son June 5, 2025

As containers become the backbone of modern software deployment, many organizations still misjudge their isolation guarantees —...

Critical ABB EIBPORT Flaw: Update Now to Prevent Building Automation Hijacks! ABB Security, EIBPORT Vulnerability

Critical ABB EIBPORT Flaw: Update Now to Prevent Building Automation Hijacks!

Do Son June 5, 2025

ABB has issued a Cyber Security Advisory addressing a critical session management vulnerability affecting its EIBPORT V3...

Multiple Stored XSS Vulnerabilities Discovered in VMware NSX — Patch Now VMware NSX, XSS Vulnerabilities

Multiple Stored XSS Vulnerabilities Discovered in VMware NSX — Patch Now

Do Son June 4, 2025

Broadcom has released important updates addressing three newly disclosed vulnerabilities in VMware NSX, all of which expose...

Unpatched Telecom Flaws (CVSS 9.8) Enable Remote Code Execution: Critical Buffer Overflows Expose Core Infrastructure Buffer Overflow Telecom Vulnerabilities

Unpatched Telecom Flaws (CVSS 9.8) Enable Remote Code Execution: Critical Buffer Overflows Expose Core Infrastructure

Do Son June 4, 2025

Two newly disclosed vulnerabilities in popular telecommunications devices expose critical infrastructure to unauthenticated remote code execution and...

Critical CVSS 9.6: IBM QRadar & Cloud Pak Security Flaws Exposed IBM QRadar CVE-2025-25022

Critical CVSS 9.6: IBM QRadar & Cloud Pak Security Flaws Exposed

Do Son June 4, 2025

IBM has released a security advisory addressing multiple vulnerabilities discovered in its QRadar Suite Software and Cloud...

Alert: Malicious RubyGems Impersonate Fastlane Plugins, Steal CI/CD Data

Do Son June 4, 2025

Socket’s Threat Research Team has uncovered a targeted supply chain attack leveraging malicious RubyGems impersonating Fastlane plugins....

AI Interface Hijacked: Open WebUI Exploited for Cryptominers and Stealthy AI Malware Seedworm Espionage Campaign 2026 ChromElevator Stealer DLL Sideloading SIM Swapping Crypto Theft Lazarus Comebacker, Aerospace Espionage Delete PlugX Malware

Seedworm Espionage Campaign 2026 ChromElevator Stealer DLL Sideloading SIM Swapping Crypto Theft Lazarus Comebacker, Aerospace Espionage Delete PlugX Malware

AI Interface Hijacked: Open WebUI Exploited for Cryptominers and Stealthy AI Malware

Do Son June 4, 2025

The Sysdig Threat Research Team (TRT) has uncovered a malicious campaign exploiting a misconfigured Open WebUI instance—an...

New WordPress Malware Masquerades as Legit Plugin with Data Exfiltration and RCE Capabilities WordPress Malware, Hidden Plugin

New WordPress Malware Masquerades as Legit Plugin with Data Exfiltration and RCE Capabilities

Do Son June 4, 2025

The Wordfence Threat Intelligence team has uncovered a deceptive and highly persistent WordPress malware variant that disguises...

VulBinLLM: Using Large Language Models to Unlock Vulnerabilities Hidden in Stripped Binaries Binary Vulnerability, LLM

VulBinLLM: Using Large Language Models to Unlock Vulnerabilities Hidden in Stripped Binaries

Do Son June 4, 2025

A team of researchers from UCLA and Cisco Research has unveiled a framework called VulBinLLM, marking a...

Cyber Giants Unite: Microsoft, Google, & Others Push for Unified Hacker Group Naming Threat Actor Naming, Cyber Threat Intelligence

Cyber Giants Unite: Microsoft, Google, & Others Push for Unified Hacker Group Naming

Do Son June 3, 2025

In light of the longstanding confusion caused by differing nomenclature used by nations and organizations to describe...

WhatsApp antitrust API probe India SIM-Binding Mandate Messaging App KYC WhatsApp DMA Interoperability BirdyChat Haiket Denmark Social Media Ban CVE-2025-55177 WhatsApp vulnerability, zero-click flaw npm Malware, System Wipe WhatsApp Windows App, WebView2 Downgrade WhatsApp Ban, US House NSO WhatsApp, Pegasus Spyware WhatsApp iPad iPadOS app

NSO Group Ordered to Pay WhatsApp $167M for Pegasus Spyware Attack

Do Son June 3, 2025

The notorious Israeli commercial spyware developer NSO Group has been ordered by a U.S. court jury to...