cybersecurity Archives • Page 8 of 86 • Daily CyberSecurity

Chrome 147 Update: Google Patches Critical $90,000 ANGLE Flaw and 30 Other Security Gaps Chrome Security Update $90K Bug Bounty

Chrome 147 Update: Google Patches Critical $90,000 ANGLE Flaw and 30 Other Security Gaps

Ddos April 16, 2026

Google has begun rolling out a high-stakes update for the Chrome stable channel, addressing a total of...

Critical 9.1 SQL Injection Threatens Vendure Core Stores Vendure SQL Injection Shop API Vulnerability

Critical 9.1 SQL Injection Threatens Vendure Core Stores

Ddos April 15, 2026

Vendure Core, the open-source engine powering the enterprise commerce platform Vendure, has recently addressed a high-severity security...

No Patch Available: The CVSS 10 Flaw Turning AVideo into an Attacker’s Playground AVideo RCE YPTSocket Vulnerability AVideo Vulnerabilities Streaming Platform Security AVideo Vulnerabilities CVE-2026-28501

AVideo RCE YPTSocket Vulnerability AVideo Vulnerabilities Streaming Platform Security AVideo Vulnerabilities CVE-2026-28501

No Patch Available: The CVSS 10 Flaw Turning AVideo into an Attacker’s Playground

Ddos April 15, 2026

AVideo, a versatile video streaming platform popular among content creators and businesses for hosting and monetizing content,...

High-Severity Authentication Bypass Discovered in MinIO Storage MinIO Signature Bypass Unauthenticated Object Write MinIO Privilege Escalation, Policy Bypass CVE-2024-55949

MinIO Signature Bypass Unauthenticated Object Write MinIO Privilege Escalation, Policy Bypass CVE-2024-55949

High-Severity Authentication Bypass Discovered in MinIO Storage

Ddos April 15, 2026

A significant security vulnerability has been identified in MinIO, the high-performance, S3-compatible object storage solution widely used...

APT41’s New “Zero-Detection” Backdoor Targets Linux Workloads APT41 Linux Backdoor SMTP Command and Control

APT41’s New “Zero-Detection” Backdoor Targets Linux Workloads

Ddos April 15, 2026

A sophisticated new threat has been unmasked targeting the heart of enterprise cloud infrastructure. Researchers from Breakglass...

Adobe Rushes Patches for Critical ColdFusion RCE and Security Bypasses ColdFusion RCE Adobe Security Patch

Adobe Rushes Patches for Critical ColdFusion RCE and Security Bypasses

Ddos April 15, 2026

Adobe has released an urgent set of security updates to address multiple vulnerabilities within its ColdFusion 2025...

Critical 9.1 Flaws Hit Fortinet FortiSandbox FortiSandbox Vulnerability Unauthenticated RCE FortiClient EMS Vulnerability CVE-2026-21643 FortiClient EMS Vulnerability CVE-2026-21643 CVE-2023-34992 - CVE-2023-37936 Fortinet Vulnerabilities CVE-2025-64155

FortiSandbox Vulnerability Unauthenticated RCE FortiClient EMS Vulnerability CVE-2026-21643 FortiClient EMS Vulnerability CVE-2026-21643 CVE-2023-34992 - CVE-2023-37936 Fortinet Vulnerabilities CVE-2025-64155

Critical 9.1 Flaws Hit Fortinet FortiSandbox

Ddos April 15, 2026

Fortinet has issued an urgent advisory regarding two critical vulnerabilities in its FortiSandbox platform—vulnerabilities that could allow...

Active SharePoint Spoofing and Legacy Office RCE: CISA Alerts on New KEV Exploits CISA KEV Catalog Updates Langflow CVE-2025-34291 Exploit SharePoint Spoofing CISA KEV Catalog Actively Exploited Vulnerability

CISA KEV Catalog Updates Langflow CVE-2025-34291 Exploit SharePoint Spoofing CISA KEV Catalog Actively Exploited Vulnerability

Active SharePoint Spoofing and Legacy Office RCE: CISA Alerts on New KEV Exploits

Ddos April 15, 2026

The Cybersecurity and Infrastructure Security Agency (CISA) has expanded its Known Exploited Vulnerabilities (KEV) Catalog, sounding a...

108 Coordinated Chrome Extensions Hijack Your Private Telegram Sessions Chrome Extension Malware Telegram Session Hijacking

108 Coordinated Chrome Extensions Hijack Your Private Telegram Sessions

Ddos April 15, 2026

Socket’s Threat Research Team identified 108 malicious Chrome extensions operating as a coordinated campaign under a shared...

The Final Countdown: Microsoft Sets October 2026 for Office 2021 Support Shutdown Office 2021 End of Life CVE-2024-21413 KB5002700 Office 2016 Update

Office 2021 End of Life CVE-2024-21413 KB5002700 Office 2016 Update

The Final Countdown: Microsoft Sets October 2026 for Office 2021 Support Shutdown

Ddos April 14, 2026

In accordance with Microsoft’s product lifecycle roadmap, both Microsoft Office 2021 and the Microsoft Office 2021 LTSC...

Supply Chain Sabotage: The Critical RCE Flaws Lurking in PHP Composer CVE-2026-40176, CVE-2026-40261 Composer GitHub Token Leak CVE-2026-45793

Supply Chain Sabotage: The Critical RCE Flaws Lurking in PHP Composer

Ddos April 14, 2026

In the PHP ecosystem, Composer is the undisputed heavy hitter for dependency management, responsible for orchestrating the...

Check Your Inbox: Booking.com Forced to Reset PINs After Major Data Leak Booking.com Data Breach Claude Code Leak Anthropic Source Code YggTorrent data breach PS5 BootROM key leak 2026, PlayStation 5 unpatchable jailbreak Great Firewall data leak Dating App Breach, Tea App Leak 23andMe Data Leak

Booking.com Data Breach Claude Code Leak Anthropic Source Code YggTorrent data breach PS5 BootROM key leak 2026, PlayStation 5 unpatchable jailbreak Great Firewall data leak Dating App Breach, Tea App Leak 23andMe Data Leak

Check Your Inbox: Booking.com Forced to Reset PINs After Major Data Leak

Ddos April 14, 2026

The preeminent global platform for hospitality and travel reservations, Booking.com, has recently sustained a significant data breach....

Python Under Pressure: Critical Memory Flaws and Command Injection Bypass Uncovered Python Security Memory Safety PLY Vulnerability CVE-2025-56005 Python Software Foundation, NSF DEI CVE-2024-12254

Python Security Memory Safety PLY Vulnerability CVE-2025-56005 Python Software Foundation, NSF DEI CVE-2024-12254

Python Under Pressure: Critical Memory Flaws and Command Injection Bypass Uncovered

Ddos April 14, 2026

In the world of software development, Python (CPython) stands as a foundational pillar, powering everything from local...

New Stealth Attack Chain Weaponizes Legitimate Remote Access Software ScreenConnect Hijack In-Memory Attack

New Stealth Attack Chain Weaponizes Legitimate Remote Access Software

Ddos April 14, 2026

Security researchers have uncovered a sophisticated new threat that turns the simple act of downloading a document...

Maximum Severity RCE Vulnerability Decimating Paperclip AI Instances Paperclip RCE AI Agent Security Paperclip RCE Cross-Tenant AI Takeover

Paperclip RCE AI Agent Security Paperclip RCE Cross-Tenant AI Takeover

Maximum Severity RCE Vulnerability Decimating Paperclip AI Instances

Ddos April 14, 2026

Paperclip—a Node.js and React-based platform—has become a popular choice for businesses looking to deploy teams of AI...

Hardware-Locked: How Chrome’s New DBSC Makes Stolen Cookies Worthless Device Bound Session Credentials (DBSC) Session Hijacking Prevention

Hardware-Locked: How Chrome’s New DBSC Makes Stolen Cookies Worthless

Ddos April 14, 2026

In a major escalation of the war against credential-harvesting malware, the Google Account Security team has officially...

Apache NiFi Patches High-Severity Code Execution Flaw Apache NiFi RCE CVE-2026-39816 Apache NiFi Vulnerability CVE-2026-25903 Apache NiFi Deserialization, GetAsanaObject Vulnerability CVE-2024-52067 - CVE-2024-56512 CVE-2025-27017

Apache NiFi RCE CVE-2026-39816 Apache NiFi Vulnerability CVE-2026-25903 Apache NiFi Deserialization, GetAsanaObject Vulnerability CVE-2024-52067 - CVE-2024-56512 CVE-2025-27017

Apache NiFi Patches High-Severity Code Execution Flaw

Ddos April 14, 2026

Apache NiFi, a cornerstone for automating complex data pipelines and generative AI distribution worldwide, has addressed a...

Payroll Pirates in the North: Microsoft Unmasks ‘Storm-2755’ and the Theft of Canadian Salaries Storm-2755 Payroll Piracy

Payroll Pirates in the North: Microsoft Unmasks ‘Storm-2755’ and the Theft of Canadian Salaries

Ddos April 14, 2026

Researchers from the Microsoft Incident Response – Detection and Response Team (DART) have identified an emerging threat...

Log4j’s “Silent” Security Gap: New Advisories Warn of Data Loss and TLS Bypasses CVE-2021-45046 Log4j Security Silent Log Failures

Log4j’s “Silent” Security Gap: New Advisories Warn of Data Loss and TLS Bypasses

Ddos April 13, 2026

The Apache Log4j 2 ecosystem is facing a fresh wave of security concerns as four new vulnerabilities...

High-Severity RCE and XSS Vulnerabilities Patched in Apache Storm 2.8.6 Apache Storm RCE Deserialization Vulnerability

High-Severity RCE and XSS Vulnerabilities Patched in Apache Storm 2.8.6

Ddos April 13, 2026

Apache Storm, the distributed realtime computation system known for processing unbounded streams of data, has released a...

Critical Alert 1 Active Exploit Detected Today