cybersecurity Archives • Page 83 of 88 • Daily CyberSecurity

AiTM Attacks Bypass MFA Despite Widespread Adoption cyber

AiTM Attacks Bypass MFA Despite Widespread Adoption

Do Son May 4, 2025

Despite widespread adoption of multi-factor authentication (MFA) as a critical safeguard against unauthorized access, cybercriminals are once...

Critical UAF Vulnerability Discovered in Ladybird Browser Engine (CVE-2025-47154) Ladybird, use-after-free

Critical UAF Vulnerability Discovered in Ladybird Browser Engine (CVE-2025-47154)

Do Son May 2, 2025

The Ladybird browser engine, a relatively new entrant originating from the SerenityOS project, has been found to...

Sophisticated Attacks Employ Cobalt Strike, DLL Sideloading, and Evolving Tactics

Do Son May 1, 2025

In a sophisticated campaign that spanned multiple regions and techniques, Sophos researchers uncovered a cluster of targeted...

4Chan Resumes Operation After Hack, Cites Funding Issues 4chan hack 4chan data breach

4Chan Resumes Operation After Hack, Cites Funding Issues

Do Son April 29, 2025

The internet forum 4chan, which recently suffered a major data breach following a hacker attack, has begun...

Weaponized Uyghur Language Software: Citizen Lab Uncovers Targeted Malware Campaign Microsoft Office, CVE-2017-11882

Weaponized Uyghur Language Software: Citizen Lab Uncovers Targeted Malware Campaign

Do Son April 29, 2025

In a new report, researchers at Citizen Lab have exposed a spearphishing campaign targeting senior members of...

Critical Vulnerabilities in Quick Agent Software Expose Ricoh MFPs to Remote Attacks Quick Agent Vulnerability, Ricoh MFP Security

Critical Vulnerabilities in Quick Agent Software Expose Ricoh MFPs to Remote Attacks

Do Son April 29, 2025

The Japan Computer Emergency Response Team Coordination Center (JPCERT/CC) has issued an alert regarding multiple critical vulnerabilities...

Darcula-Suite: AI Revolutionizes Phishing-as-a-Service Operations Darcula-Suite, Phishing-as-a-Service

Darcula-Suite: AI Revolutionizes Phishing-as-a-Service Operations

Do Son April 27, 2025

Netcraft researchers have uncovered a major development in the world of phishing-as-a-service (PhaaS): an update to the...

Check Point VPN vulnerability exploited in the wild Check Point VPN exploit CVE-2026-50751 zero-day Checkmarx Breach Supply Chain Attack Ivanti EPMM RCE CVE-2026-1281 Modular DS Vulnerability CVE-2026-23550 D-Link RCE Vulnerability CVE-2026-0625 Christmas 2025 GreyNoise Campaign, Japan-Based Initial Access Broker React2Shell Zero-Day, APT Active Exploitation WordPress vulnerability, authentication bypass FreePBX, zero-day Trend Micro Apex One, Remote Code Execution BitoPro Hack, Crypto Theft UNC5337 - CVE-2022-47945 Safe{Wallet} hack Fortinet vulnerability, CVE-2024-21762, FortiGate attack Balloonfly, Play ransomware Ivanti EPMM CVE-2025-4427 and CVE-2025-4428

DslogdRAT Malware Targets Ivanti Connect Secure via CVE-2025-0282 Zero-Day Exploit

Do Son April 26, 2025

A newly published report by Yuma Masubuchi from the JPCERT Coordination Center (JPCERT/CC) has uncovered the deployment...

Kimsuky’s PebbleDash Campaign: PowerShell Attacks & RDP Bypass Tactics Kimsuky Group PebbleDash Malware

Kimsuky’s PebbleDash Campaign: PowerShell Attacks & RDP Bypass Tactics

Do Son April 25, 2025

A recent report by the AhnLab Security intelligence Center (ASEC) has uncovered the latest tactics employed by...

CVE-2025-34028: Critical RCE Flaw in Commvault Command Center Scores CVSS 10 Commvault vulnerability CVE-2025-34028

CVE-2025-34028: Critical RCE Flaw in Commvault Command Center Scores CVSS 10

Do Son April 24, 2025

Commvault has disclosed a critical vulnerability affecting its Command Center, identified as CVE-2025-34028, with the maximum CVSS...

Russian Hackers Abuse Microsoft 365 OAuth in Sophisticated Phishing Attacks OAuth Phishing Microsoft 365 OAuth

Russian Hackers Abuse Microsoft 365 OAuth in Sophisticated Phishing Attacks

Do Son April 24, 2025

Volexity has identified a series of advanced social engineering operations by suspected Russian threat actors targeting Microsoft...

FormBook Malware Spreads via Sophisticated Phishing Attack FormBook CVE-2017-11882

FormBook Malware Spreads via Sophisticated Phishing Attack

Do Son April 24, 2025

A new phishing campaign distributing the FormBook infostealer malware has been uncovered by Fortinet’s FortiGuard Labs, targeting...

Critical RCE Vulnerability in Erlang/OTP SSH Server Impacts Multiple Cisco Products Cisco vulnerability Remote Code Execution

Critical RCE Vulnerability in Erlang/OTP SSH Server Impacts Multiple Cisco Products

Do Son April 23, 2025

A critical remote code execution (RCE) vulnerability tracked as CVE-2025-32433 has disclosed. This flaw resides in the...

Unveiling a Multi-Stage Malware Attack: Cloudflare Abuse and AsyncRAT Delivery Infection chains distributing AsyncRAT

Unveiling a Multi-Stage Malware Attack: Cloudflare Abuse and AsyncRAT Delivery

Do Son April 23, 2025

In a detailed report by the Sekoia Threat Detection & Research (TDR) team, researchers have unveiled a...

Malicious Packages Stealing Crypto Credentials: A Warning for Developers npm package, crypto drainer Malicious Packages Cryptocurrency Theft

npm package, crypto drainer Malicious Packages Cryptocurrency Theft

Malicious Packages Stealing Crypto Credentials: A Warning for Developers

Do Son April 23, 2025

The Socket Threat Research Team has exposed three malicious open-source packages masquerading as developer tools — designed...

Lumma Stealer: Unpacking Its Evasive Tactics and Complex Infection Chains Lumma Stealer Malware Distribution

Lumma Stealer: Unpacking Its Evasive Tactics and Complex Infection Chains

Do Son April 23, 2025

The cybercriminal landscape is constantly evolving, with Malware-as-a-Service (MaaS) lowering the bar for entry and information stealers...

Deepfakes and Deception: The Rise of Synthetic Identities in Remote Work Deepfakes Synthetic Identity

Deepfakes and Deception: The Rise of Synthetic Identities in Remote Work

Do Son April 23, 2025

In an era where remote work is increasingly prevalent, a new cybersecurity threat has emerged: the use...

Sophisticated Backdoor Attack Targets ViPNet Networks Backdoor ViPNet

Sophisticated Backdoor Attack Targets ViPNet Networks

Do Son April 22, 2025

In a recent cybersecurity incident, a sophisticated backdoor targeting large organizations in Russia has been uncovered. The...

CVE-2025-33028: WinZip Flaw Exposes Users to Silent Code Execution via MotW Bypass, No Patch WinZip vulnerability MotW bypass CVE-2025-33028

CVE-2025-33028: WinZip Flaw Exposes Users to Silent Code Execution via MotW Bypass, No Patch

Do Son April 22, 2025

A security flaw has been unearthed in WinZip, the popular file compression utility, placing millions of users...

FOG Ransomware Campaign Targets Multiple Sectors with Phishing and Payload Obfuscation FOG ransomware, phishing

FOG Ransomware Campaign Targets Multiple Sectors with Phishing and Payload Obfuscation

Do Son April 22, 2025

Trend Micro has identified a recent campaign involving FOG ransomware, demonstrating the adaptability of cybercriminals in their...