cybersecurity Archives • Page 76 of 86 • Daily CyberSecurity

Critical 10.0 CVSS Flaws Found in Netwrix Directory Manager v11 – Patch Immediately! Netwrix, Directory Manager Vulnerabilities

Critical 10.0 CVSS Flaws Found in Netwrix Directory Manager v11 – Patch Immediately!

Ddos May 31, 2025

Netwrix, a provider of identity governance and access management solutions, has issued a critical security advisory warning...

New Phishing-as-a-Service Kits Bypass MFA & Target Microsoft 365 Users Globally! Phishing-as-a-Service, AiTM

New Phishing-as-a-Service Kits Bypass MFA & Target Microsoft 365 Users Globally!

Ddos May 31, 2025

Since September 2023, Trustwave’s Threat Intelligence Team has been tracking a sophisticated phishing ecosystem operated by Storm-1575,...

Bitter APT Targets Pakistan Telecom Amidst Border Tensions with New Cyberattack! Bitter APT, Pakistan Cyberattack

Bitter APT Targets Pakistan Telecom Amidst Border Tensions with New Cyberattack!

Ddos May 31, 2025

As tensions flared between India and Pakistan during Operation Sindoor on May 7, 2025, a covert cyber...

Horizon3 Details Critical File Upload Vulnerability in Cisco IOS XE WLC (CVE-2025-20188, CVSS 10) Cisco IOS XE vulnerability Remote code execution

Cisco IOS XE vulnerability Remote code execution

Horizon3 Details Critical File Upload Vulnerability in Cisco IOS XE WLC (CVE-2025-20188, CVSS 10)

Ddos May 30, 2025

A critical vulnerability—CVE-2025-20188—has been disclosed in Cisco IOS XE Wireless LAN Controller (WLC) software, allowing unauthenticated attackers...

ConnectWise ScreenConnect Targeted by Nation-State Actor TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

ConnectWise ScreenConnect Targeted by Nation-State Actor

Ddos May 30, 2025

ConnectWise, a prominent provider of IT management solutions, has issued a brief but concerning security advisory disclosing...

Spring Cloud Gateway vulnerability Header spoofing

Spring Cloud Gateway Vulnerability Exposes Applications to Header Injection Risks

Ddos May 30, 2025

A newly disclosed vulnerability in Spring Cloud Gateway Server could expose applications to header spoofing and potential...

Critical (CVSS 9.8): IBM Tivoli Monitoring Flaw Risks Remote Code Execution IBM Tivoli vulnerability CVE-2025-3357

Critical (CVSS 9.8): IBM Tivoli Monitoring Flaw Risks Remote Code Execution

Ddos May 30, 2025

IBM has issued a critical security update for its Tivoli Monitoring suite, addressing a high-severity vulnerability that...

Warning: Fake AI Tools Spread CyberLock Ransomware and Numero Destructive Malware

Ddos May 30, 2025

As artificial intelligence continues to revolutionize industries, cybercriminals are exploiting the growing demand for AI-driven tools by...

ZITADEL Flaw: Host Header Injection Risks Account Takeover (Password Reset) ZITADEL vulnerability Account takeover

ZITADEL Flaw: Host Header Injection Risks Account Takeover (Password Reset)

Ddos May 30, 2025

ZITADEL, a modern identity and access management platform, has patched a critical vulnerability in its password reset...

Spear-Phishing Alert: NetBird RAT Spreads via Deceptive Job Lures NetBird phishing Spear-phishing campaign

Spear-Phishing Alert: NetBird RAT Spreads via Deceptive Job Lures

Ddos May 30, 2025

Trellix’s Advanced Research Center has uncovered a highly targeted and stealthy spear-phishing campaign aimed at finance executives...

PureHVNC RAT Spreads Through Fake Job Offers and Multi-Stage Obfuscation PureHVNC RAT Job scam malware

PureHVNC RAT Spreads Through Fake Job Offers and Multi-Stage Obfuscation

Ddos May 30, 2025

A new wave of attacks uncovered by Netskope Threat Labs reveals a sophisticated global malware campaign delivering...

Industrial Systems at Risk: Critical Mitsubishi MELSEC Flaw (CVSS 9.1), No Patch Mitsubishi MELSEC vulnerability Industrial control system DoS

Industrial Systems at Risk: Critical Mitsubishi MELSEC Flaw (CVSS 9.1), No Patch

Ddos May 29, 2025

Mitsubishi Electric Corporation released a security advisory warning users of a serious vulnerability in its MELSEC iQ-F...

Apple App Store Blocks $2 Billion in Fraud in 2024 Alone EU Education Scams, .edu.eu Domain App Store security Refund Schemes - Texas Pharmacist's Fraudulent

EU Education Scams, .edu.eu Domain App Store security Refund Schemes - Texas Pharmacist's Fraudulent

Apple App Store Blocks $2 Billion in Fraud in 2024 Alone

Ddos May 29, 2025

Apple has released its latest App Store Fraud Prevention Report, revealing that since 2019, the company has...

Stack Overflow in Redis May Lead to Remote Code Execution Redis vulnerability redis-check-aof

Stack Overflow in Redis May Lead to Remote Code Execution

Ddos May 29, 2025

Redis, the lightning-fast in-memory data store beloved by developers for real-time data applications, has recently patched a...

Beyond Malware: Stealthy ASUS Router Exploitation Survives Reboots, Builds Botnet ASUS router hack Stealthy botnet

Beyond Malware: Stealthy ASUS Router Exploitation Survives Reboots, Builds Botnet

Ddos May 29, 2025

GreyNoise has revealed a stealthy, long-running exploitation campaign targeting thousands of ASUS routers, laying the foundation for...

Zanubis Android Trojan Evolves: Hijacks Devices, Steals Banking Data Zanubis Android Trojan Mobile banking malware

Zanubis Android Trojan Evolves: Hijacks Devices, Steals Banking Data

Ddos May 29, 2025

Since mid-2022, a dangerous Android banking Trojan known as Zanubis has been on a relentless journey of...

New Malware Campaign: Fake Java Pop-ups on WordPress Trick Users WordPress malware Fake Java update

New Malware Campaign: Fake Java Pop-ups on WordPress Trick Users

Ddos May 29, 2025

Security researchers at Sucuri have uncovered a stealthy malware campaign that hijacks WordPress websites to display fake...

Ransomware Attack: MSP’s RMM Tool Abused to Spread DragonForce DragonForce ransomware MSP RMM attack

Ransomware Attack: MSP’s RMM Tool Abused to Spread DragonForce

Ddos May 29, 2025

In a recent targeted cyberattack, a threat actor compromised the remote monitoring and management (RMM) infrastructure of...

Beware Katz Stealer: Sophisticated Malware-as-a-Service Steals Everything

Ddos May 29, 2025

A newly analyzed variant of the Katz Stealer malware has been dissected by the Nextron Threat Research...

Critical (CVSS 9.8): Cyrus IMAP Flaw Risks Full System Compromise on openSUSE Cyrus IMAP vulnerability openSUSE security

Critical (CVSS 9.8): Cyrus IMAP Flaw Risks Full System Compromise on openSUSE

Ddos May 28, 2025

A severe security vulnerability has been disclosed in the Cyrus IMAP mail server, affecting openSUSE Tumbleweed systems....

Critical Alert 1 Active Exploit Detected Today