cybersecurity Archives • Page 83 of 86 • Daily CyberSecurity

Gorilla Android Malware: Evolving Threat with Espionage Capabilities RatOn, Android trojan

Gorilla Android Malware: Evolving Threat with Espionage Capabilities

Ddos April 18, 2025

A newly discovered Android malware dubbed Gorilla is quietly emerging as a serious threat, according to a...

Server-Side Phishing Campaign Evades Detection, Targets Employee Portals

Ddos April 18, 2025

A new report by threat intelligence platform Hunt.io has revealed a stealthy and persistent phishing campaign that...

CISA Warns of Credential Risks Tied to Oracle Cloud Breach Oracle breach, credential compromise

CISA Warns of Credential Risks Tied to Oracle Cloud Breach

Ddos April 17, 2025

Early this month, Oracle has discreetly notified select clients that attackers successfully breached one of its legacy...

Node.js Misused in Malvertising Campaigns to Deliver Stealthy Malware Node.js malware, malvertising attacks

Node.js Misused in Malvertising Campaigns to Deliver Stealthy Malware

Ddos April 17, 2025

Microsoft Defender Experts (DEX) has observed a rise in malicious campaigns that use Node.js to deliver malware...

Onfido Users Targeted in Google Ad Malvertising Campaign malver

Onfido Users Targeted in Google Ad Malvertising Campaign

Ddos April 17, 2025

A new phishing campaign has emerged that hijacks trust not through inboxes, but through Google ads. Security...

Novel Attack Uses Teams Phishing and Zero-Day TypeLib Hijacking Oracle EBS Zero-Day, GRACEFUL SPIDER Cracked Software, Supply Chain Attack Black Basta - NOVA stealer

Oracle EBS Zero-Day, GRACEFUL SPIDER Cracked Software, Supply Chain Attack Black Basta - NOVA stealer

Novel Attack Uses Teams Phishing and Zero-Day TypeLib Hijacking

Ddos April 17, 2025

In a concerning escalation of social engineering and persistence techniques, cybersecurity firm ReliaQuest has uncovered a new...

APT29 Targets European Diplomats with Wine-Themed Phishing APT29, Phishing Campaign

APT29 Targets European Diplomats with Wine-Themed Phishing

Ddos April 17, 2025

A new wave of targeted phishing attacks aimed at European governments and diplomats is underway, with the...

CISA Alert: Actively Exploited SonicWall SMA100 Vulnerability SonicWall vulnerability, CVE-2021-20035 Vulnerability Exploitation

CISA Alert: Actively Exploited SonicWall SMA100 Vulnerability

Ddos April 17, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert, adding CVE-2021-20035 to its Known...

Unprotected APIs Expose Data of 33,000 Employees API Security, Data Leak

Unprotected APIs Expose Data of 33,000 Employees

Ddos April 17, 2025

A recent discovery by CloudSEK’s BeVigil platform has highlighted the significant risks posed by unprotected Application Programming...

CrazyHunter Ransomware Targets Taiwan’s Critical Infrastructure CrazyHunter, Ransomware

CrazyHunter Ransomware Targets Taiwan’s Critical Infrastructure

Ddos April 17, 2025

Trend Micro has uncovered a targeted ransomware campaign conducted by a newly identified threat group dubbed CrazyHunter....

CVE Foundation Launched to Secure Vulnerability Tracking CVE Foundation, CVE Program

CVE Foundation Launched to Secure Vulnerability Tracking

Ddos April 16, 2025

In a major shift for the cybersecurity world, the CVE Foundation has officially been launched to ensure...

Oracle April 2025 CPU: 378 Security Patches Released Oracle CPU Oracle Patch Update

Oracle April 2025 CPU: 378 Security Patches Released

Ddos April 16, 2025

On April 15, 2025, Oracle released its latest Critical Patch Update (CPU), delivering a sweeping set of...

Top Cybersecurity Tools for 2025 Cybersecurity Tools Penetration Testing

Top Cybersecurity Tools for 2025

Ddos April 16, 2025

As cyber threats grow more sophisticated, so do the tools defenders use to counter them. In 2025,...

Chrome 148 lazy loading Chrome for Linux ARM64 Chrome 145 Update Chrome Security Fixes Chrome Security Update CVE-2026-1220 Chrome 144 Security Update CVE-2026-0899 Chrome Memory Safety, WebGPU UAF Chrome V8 Type Confusion, Google Updater Flaw Chrome V8 Flaw, CVE-2025-13042 Chrome V8, Type Confusion, Chrome 142 Update Chrome V8 Flaw, CVE-2025-12036 Chrome 141, WebGPU Overflow Google Chrome preloading Chrome, V8 vulnerability CVE-2025-9132 Chrome Security Update, Use-After-Free Chrome V8, Type Confusion Chrome Telemetry, Windows 10 EOL Microsoft Family Safety, Chrome Blocking Chrome Security Update, High-Severity Google Chrome, Antitrust CVE-2024-10487 and CVE-2024-10488 Google Chrome Root Program Chrome Update, CVE-2025-3619 Chrome Acquisition, Perplexity.ai

Critical Chrome Security Update: Patch CVE-2025-3619 & CVE-2025-3620 Now!

Ddos April 16, 2025

Google has released a critical security update for its Chrome browser, pushing version 135.0.7049.95/.96 to the Stable...

Waiting Thread Hijacking: A Stealthier Code Injection Technique Thread Hijacking Process Injection

Waiting Thread Hijacking: A Stealthier Code Injection Technique

Ddos April 16, 2025

Process injection is a technique frequently employed by attackers, with its variations appearing in numerous malware. This...

Windows 11 Privilege Escalation Flaws Uncovered: CVE-2025-24076 and CVE-2025-24994 DLL Hijacking, CVE-2025-24076

Windows 11 Privilege Escalation Flaws Uncovered: CVE-2025-24076 and CVE-2025-24994

Ddos April 16, 2025

In a revealing security analysis, Compass Security researcher John Ostrowski has disclosed two privilege escalation vulnerabilities in...

UNC5174: Chinese Threat Actor Deploys New VShell RAT in Campaign Operation IconCat, UNG0801 AFP cyberattack -NetWalker Ransomware VShell RAT

UNC5174: Chinese Threat Actor Deploys New VShell RAT in Campaign

Ddos April 16, 2025

The Sysdig Threat Research Team (TRT) has uncovered a new campaign by the Chinese state-sponsored threat actor...

PasivRobber: In-Depth Analysis of Sophisticated macOS Malware GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

PasivRobber: In-Depth Analysis of Sophisticated macOS Malware

Ddos April 16, 2025

A recent discovery by Kandji’s research team has brought to light a sophisticated threat targeting macOS systems:...

Malicious npm Package Installs Reverse Shell via Payment Success Magento Credit Card Stealer npm package reverse shell

Malicious npm Package Installs Reverse Shell via Payment Success

Ddos April 16, 2025

A malicious npm package, disguised as a merchant integration for the Advcash payment platform, has been discovered...

shell-quote command injection AI-Driven Vulnerabilities Q1 2026 Cyber Threats vm2 Sandbox Escape Node.js RCE upKeeper Privilege Escalation CVE-2026-2449 Pharos Controls Vulnerability Root Access Exploit Cybersecurity Vulnerability Roundup CVSS 10.0 Flaws Shadow Archives CVE-2026-0866 MS-Agent Prompt Injection CVE-2026-2256 basic-ftp Path Traversal CVE-2026-27699 telnetd Root Vulnerability CVE-1999-0073 Regression USR-W610 Vulnerabilities End-of-Life IoT Security IceWarp Security Update IceWarp Vulnerabilities Airleader Master Vulnerability CVE-2026-1358 ZLAN5143D Vulnerability CISA ICS Advisory Acronis Cyber Protect Vulnerability CVE-2025-30411 WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

Beware Fake PDF Converters: A Social Engineering Threat

Ddos April 16, 2025

In today’s digital age, online file converters have become indispensable tools for streamlining daily workflows. However, a...

Critical Alert 1 Active Exploit Detected Today