cybersecurity Archives • Page 84 of 86 • Daily CyberSecurity

BRICKSTORM Backdoor Targets European Industries BRICKSTORM, Cyber Espionage

BRICKSTORM Backdoor Targets European Industries

Ddos April 16, 2025

In a recent technical expose, NVISO sheds light on BRICKSTORM, a stealthy espionage backdoor attributed to the...

ResolverRAT: New RAT Employs Advanced Evasion Techniques Lotus Wiper Digital Sabotage G_Wagon Malware NPM Supply Chain Attack IMAPLoader malware ResolverRAT Malware Evasion

Lotus Wiper Digital Sabotage G_Wagon Malware NPM Supply Chain Attack IMAPLoader malware ResolverRAT Malware Evasion

ResolverRAT: New RAT Employs Advanced Evasion Techniques

Ddos April 15, 2025

A new remote access trojan (RAT) has emerged, and it’s armed with advanced techniques to evade detection....

PyPI Swiftly Patches Privilege Escalation Flaw in Organizations Feature Project Quarantine PyPI Security Privilege Escalation

PyPI Swiftly Patches Privilege Escalation Flaw in Organizations Feature

Ddos April 15, 2025

On April 14, 2025, the Python Package Index (PyPI) team swiftly addressed a security concern involving persisting...

Vulnerabilities in Solar Power Systems Threaten Power Grids Solar power systems, cybersecurity vulnerabilities

Vulnerabilities in Solar Power Systems Threaten Power Grids

Ddos April 15, 2025

A new report by Forescout reveals critical vulnerabilities in solar power systems that could be exploited to...

China-Nexus APT Exploits Ivanti Connect Secure VPN in Global Cyber Espionage Campaign BeyondTrust Vulnerability CVE-2026-1731 UPBIT $369M Hack CVE-2024-55591 Ivanti VPN vulnerability, cyber espionage

BeyondTrust Vulnerability CVE-2026-1731 UPBIT $369M Hack CVE-2024-55591 Ivanti VPN vulnerability, cyber espionage

China-Nexus APT Exploits Ivanti Connect Secure VPN in Global Cyber Espionage Campaign

Ddos April 15, 2025

A recent report by TeamT5 has uncovered a widespread cyber espionage campaign targeting Ivanti Connect Secure VPN...

Subdomain Takeovers: A Growing Supply Chain Threat Subdomain takeover, supply chain attack

Subdomain Takeovers: A Growing Supply Chain Threat

Ddos April 15, 2025

Subdomain takeovers, a type of attack where an attacker gains control of an organization’s improperly configured or...

DAMASCENED PEACOCK: NCSC Uncovers Sophisticated Malware Targeting UK MOD Winos 4.0 Malware Silver Fox APT RapperBot BVIEC cyberattack - CNC group DAMASCENED PEACOCK, malware analysis

Winos 4.0 Malware Silver Fox APT RapperBot BVIEC cyberattack - CNC group DAMASCENED PEACOCK, malware analysis

DAMASCENED PEACOCK: NCSC Uncovers Sophisticated Malware Targeting UK MOD

Ddos April 15, 2025

In a covert campaign targeting the UK Ministry of Defence, a sophisticated malware dubbed DAMASCENED PEACOCK has...

Checkmarx Breach Supply Chain Attack Ivanti EPMM RCE CVE-2026-1281 Modular DS Vulnerability CVE-2026-23550 D-Link RCE Vulnerability CVE-2026-0625 Christmas 2025 GreyNoise Campaign, Japan-Based Initial Access Broker React2Shell Zero-Day, APT Active Exploitation WordPress vulnerability, authentication bypass FreePBX, zero-day Trend Micro Apex One, Remote Code Execution BitoPro Hack, Crypto Theft UNC5337 - CVE-2022-47945 Safe{Wallet} hack Fortinet vulnerability, CVE-2024-21762, FortiGate attack Balloonfly, Play ransomware Ivanti EPMM CVE-2025-4427 and CVE-2025-4428

Fortinet Uncovers Threat Actor Persistence via Symbolic Link Exploit in FortiGate Devices

Ddos April 14, 2025

In an urgent alert to the cybersecurity community, Fortinet has detailed an active threat campaign exploiting known...

SSL Certificate Validity Reduced to 47 Days After Apple Proposal SSL certificates, certificate validity

SSL Certificate Validity Reduced to 47 Days After Apple Proposal

Ddos April 14, 2025

Apple previously proposed to the CA/Browser Forum—an industry consortium overseeing the management of SSL/TLS certificates—that the validity...

CVE-2025-27840: How a Tiny ESP32 Chip Could Crack Open Bitcoin Wallets Worldwide ESP32 vulnerability Bitcoin security

CVE-2025-27840: How a Tiny ESP32 Chip Could Crack Open Bitcoin Wallets Worldwide

Ddos April 14, 2025

In a jaw-dropping revelation, researchers at Crypto Deep Tech have exposed a severe cryptographic vulnerability in the...

Nationwide Smishing Scam Targets Toll Road Users, Stealing Payment Data Sample phishing SMS messages

Nationwide Smishing Scam Targets Toll Road Users, Stealing Payment Data

Ddos April 14, 2025

A widespread and persistent SMS phishing (smishing) campaign, uncovered by the Cisco Talos team, has been targeting...

Malicious NPM Packages Target PayPal Users to Steal Sensitive Data Crypto Scam, Executive Fraud business email compromise scam

Malicious NPM Packages Target PayPal Users to Steal Sensitive Data

Ddos April 14, 2025

A recent report from FortiGuard Labs has uncovered a series of malicious NPM packages designed to steal...

Houthi Influence Campaign: Deceptive Tactics on Facebook Target Israel and Gulf States Salt Typhoon Teleco Hack, Cisco Academy Link CVE-2025-0282 PoC exploit

Salt Typhoon Teleco Hack, Cisco Academy Link CVE-2025-0282 PoC exploit

Houthi Influence Campaign: Deceptive Tactics on Facebook Target Israel and Gulf States

Ddos April 14, 2025

In a recent cybersecurity analysis, ClearSky’s team uncovered a persistent influence campaign originating from Yemen/Houthi, targeting Israel...

Critical Vulnerabilities & Major Cyberattacks: April 7-13 Recap weekly cybersecurity, critical vulnerabilities

Critical Vulnerabilities & Major Cyberattacks: April 7-13 Recap

Ddos April 13, 2025

The cybersecurity landscape has witnessed significant activity over the past week (April 7th – April 13th), with...

Precision-Validated Phishing: A New Era of Targeted Credential Theft Precision-Validated Phishing Credential Theft

Precision-Validated Phishing: A New Era of Targeted Credential Theft

Ddos April 12, 2025

A recent report by Cofense Intelligence reveals a game-changing phishing technique called Precision-Validated Phishing—a surgical approach to...

AkiraBot: AI-Powered Spam Bot Floods Websites with Personalized Messages AkiraBot AI Spam

AkiraBot: AI-Powered Spam Bot Floods Websites with Personalized Messages

Ddos April 12, 2025

Spammers are constantly adapting their tactics to exploit new digital communication channels. A recent report by SentinelLABS...

RemoteMonologue: New DCOM Attack Bypasses LSASS Protection RemoteMonologue DCOM attack

RemoteMonologue: New DCOM Attack Bypasses LSASS Protection

Ddos April 11, 2025

In a technical deep-dive, IBM’s X-Force Red has revealed a stealthy new lateral movement and credential access...

Joomla Security Alert: Critical SQL Injection & MFA Bypass Vulnerabilities Uncovered Joomla Vulnerability SQL Injection

Joomla Security Alert: Critical SQL Injection & MFA Bypass Vulnerabilities Uncovered

Ddos April 11, 2025

The Joomla Project has issued two security announcements addressing two significant vulnerabilities affecting its CMS and database...

Microsoft Enhances Exchange and SharePoint Security with AMSI Integration Microsoft AMSI Exchange Server Security

Microsoft Enhances Exchange and SharePoint Security with AMSI Integration

Ddos April 11, 2025

Microsoft has announced enhanced security measures for its Exchange Server and SharePoint Server products, both of which...

Sapphire Werewolf’s Amethyst Stealer Targets Energy Companies Seedworm Espionage Campaign 2026 ChromElevator Stealer DLL Sideloading SIM Swapping Crypto Theft Lazarus Comebacker, Aerospace Espionage Delete PlugX Malware

Seedworm Espionage Campaign 2026 ChromElevator Stealer DLL Sideloading SIM Swapping Crypto Theft Lazarus Comebacker, Aerospace Espionage Delete PlugX Malware

Sapphire Werewolf’s Amethyst Stealer Targets Energy Companies

Ddos April 11, 2025

A new report from BI.ZONE Threat Intelligence reveals that the threat actor Sapphire Werewolf is actively refining...

Critical Alert 1 Active Exploit Detected Today