cybersecurity Archives • Page 86 of 88 • Daily CyberSecurity

SSL Certificate Validity Reduced to 47 Days After Apple Proposal SSL certificates, certificate validity

SSL Certificate Validity Reduced to 47 Days After Apple Proposal

Do Son April 14, 2025

Apple previously proposed to the CA/Browser Forum—an industry consortium overseeing the management of SSL/TLS certificates—that the validity...

CVE-2025-27840: How a Tiny ESP32 Chip Could Crack Open Bitcoin Wallets Worldwide ESP32 vulnerability Bitcoin security

CVE-2025-27840: How a Tiny ESP32 Chip Could Crack Open Bitcoin Wallets Worldwide

Do Son April 14, 2025

In a jaw-dropping revelation, researchers at Crypto Deep Tech have exposed a severe cryptographic vulnerability in the...

Nationwide Smishing Scam Targets Toll Road Users, Stealing Payment Data Sample phishing SMS messages

Nationwide Smishing Scam Targets Toll Road Users, Stealing Payment Data

Do Son April 14, 2025

A widespread and persistent SMS phishing (smishing) campaign, uncovered by the Cisco Talos team, has been targeting...

Malicious NPM Packages Target PayPal Users to Steal Sensitive Data Crypto Scam, Executive Fraud business email compromise scam

Malicious NPM Packages Target PayPal Users to Steal Sensitive Data

Do Son April 14, 2025

A recent report from FortiGuard Labs has uncovered a series of malicious NPM packages designed to steal...

Houthi Influence Campaign: Deceptive Tactics on Facebook Target Israel and Gulf States Salt Typhoon Teleco Hack, Cisco Academy Link CVE-2025-0282 PoC exploit

Salt Typhoon Teleco Hack, Cisco Academy Link CVE-2025-0282 PoC exploit

Houthi Influence Campaign: Deceptive Tactics on Facebook Target Israel and Gulf States

Do Son April 14, 2025

In a recent cybersecurity analysis, ClearSky’s team uncovered a persistent influence campaign originating from Yemen/Houthi, targeting Israel...

Critical Vulnerabilities & Major Cyberattacks: April 7-13 Recap weekly cybersecurity, critical vulnerabilities

Critical Vulnerabilities & Major Cyberattacks: April 7-13 Recap

Do Son April 13, 2025

The cybersecurity landscape has witnessed significant activity over the past week (April 7th – April 13th), with...

Precision-Validated Phishing: A New Era of Targeted Credential Theft Precision-Validated Phishing Credential Theft

Precision-Validated Phishing: A New Era of Targeted Credential Theft

Do Son April 12, 2025

A recent report by Cofense Intelligence reveals a game-changing phishing technique called Precision-Validated Phishing—a surgical approach to...

AkiraBot: AI-Powered Spam Bot Floods Websites with Personalized Messages AkiraBot AI Spam

AkiraBot: AI-Powered Spam Bot Floods Websites with Personalized Messages

Do Son April 12, 2025

Spammers are constantly adapting their tactics to exploit new digital communication channels. A recent report by SentinelLABS...

RemoteMonologue: New DCOM Attack Bypasses LSASS Protection RemoteMonologue DCOM attack

RemoteMonologue: New DCOM Attack Bypasses LSASS Protection

Do Son April 11, 2025

In a technical deep-dive, IBM’s X-Force Red has revealed a stealthy new lateral movement and credential access...

Joomla Security Alert: Critical SQL Injection & MFA Bypass Vulnerabilities Uncovered Joomla Vulnerability SQL Injection

Joomla Security Alert: Critical SQL Injection & MFA Bypass Vulnerabilities Uncovered

Do Son April 11, 2025

The Joomla Project has issued two security announcements addressing two significant vulnerabilities affecting its CMS and database...

Microsoft Enhances Exchange and SharePoint Security with AMSI Integration Microsoft AMSI Exchange Server Security

Microsoft Enhances Exchange and SharePoint Security with AMSI Integration

Do Son April 11, 2025

Microsoft has announced enhanced security measures for its Exchange Server and SharePoint Server products, both of which...

Sapphire Werewolf’s Amethyst Stealer Targets Energy Companies Seedworm Espionage Campaign 2026 ChromElevator Stealer DLL Sideloading SIM Swapping Crypto Theft Lazarus Comebacker, Aerospace Espionage Delete PlugX Malware

Seedworm Espionage Campaign 2026 ChromElevator Stealer DLL Sideloading SIM Swapping Crypto Theft Lazarus Comebacker, Aerospace Espionage Delete PlugX Malware

Sapphire Werewolf’s Amethyst Stealer Targets Energy Companies

Do Son April 11, 2025

A new report from BI.ZONE Threat Intelligence reveals that the threat actor Sapphire Werewolf is actively refining...

SideCopy APT Group Evolves Tactics, Targets Critical Indian Infrastructure SideCopy APT Cybersecurity Threats

SideCopy APT Group Evolves Tactics, Targets Critical Indian Infrastructure

Do Son April 11, 2025

The cyber threat landscape is in constant flux, with threat actors continuously refining their techniques to breach...

CISA Warns of Actively Exploited Linux Kernel Vulnerabilities (CVE-2024-53197, CVE-2024-53150) CVE-2024-28986 exploitation SolarWinds Web Help Desk Linux Vulnerability CVE-2024-53197

CVE-2024-28986 exploitation SolarWinds Web Help Desk Linux Vulnerability CVE-2024-53197

CISA Warns of Actively Exploited Linux Kernel Vulnerabilities (CVE-2024-53197, CVE-2024-53150)

Do Son April 10, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning after adding two newly discovered Linux...

Seven Years Later: Cisco CVE-2018-0171 Still Exposes Thousands to RCE Cisco ISE Root Escalation * Read-Only Admin Exploit Cisco Secure FMC Vulnerability CVE-2026-20131 Cisco Meeting Management Vulnerability CVE-2026-20098 Cisco vulnerability, RCE flaw CVE-2025-20265 Cisco Meraki, VPN Vulnerability Cisco Nexus Dashboard - CVE-2024-20424 CVE-2025-20115 Cisco Vulnerability CVE-2018-0171 Privilege Escalation Cisco Unified Intelligence Center

Cisco ISE Root Escalation * Read-Only Admin Exploit Cisco Secure FMC Vulnerability CVE-2026-20131 Cisco Meeting Management Vulnerability CVE-2026-20098 Cisco vulnerability, RCE flaw CVE-2025-20265 Cisco Meraki, VPN Vulnerability Cisco Nexus Dashboard - CVE-2024-20424 CVE-2025-20115 Cisco Vulnerability CVE-2018-0171 Privilege Escalation Cisco Unified Intelligence Center

Seven Years Later: Cisco CVE-2018-0171 Still Exposes Thousands to RCE

Do Son April 10, 2025

In a deep dive published by Guy Bruneau, Senior Security Consultant and former network engineer, the lingering...

Scattered Spider Evolving: New Tactics and Spectre RAT Scattered Spider Tactics Phishing kits

Scattered Spider Evolving: New Tactics and Spectre RAT

Do Son April 10, 2025

The threat landscape is in a constant state of flux, with cybercriminal groups continually adapting their techniques...

Critical SSRF Vulnerability Patched in LNbits Lightning Wallet Server LNbits SSRF LNURL Vulnerability

Critical SSRF Vulnerability Patched in LNbits Lightning Wallet Server

Do Son April 10, 2025

LNbits, the modular and extendable Lightning Network wallet server, has patched a critical Server-Side Request Forgery (SSRF)...

High-Severity XXE Vulnerability Found in NAKIVO Backup & Replication NAKIVO XXE vulnerability CVE-2025-32406

High-Severity XXE Vulnerability Found in NAKIVO Backup & Replication

Do Son April 10, 2025

A high-severity security vulnerability has been identified in NAKIVO Backup & Replication, a popular data protection solution....

“Pick Your Poison” Phishing Attack: Credentials or Malware? Phishing Attack Double-edged phishing

“Pick Your Poison” Phishing Attack: Credentials or Malware?

Do Son April 10, 2025

Cybercriminals have upped their game with a phishing campaign so cunning, it offers victims a choice—between stolen...

Tool Poisoning Attacks: Critical Vulnerability Discovered in Model Context Protocol (MCP) Tool Poisoning Attack MCP Vulnerability

Tool Poisoning Attacks: Critical Vulnerability Discovered in Model Context Protocol (MCP)

Do Son April 10, 2025

Invariant Labs has disclosed a critical vulnerability in the Model Context Protocol (MCP) that enables what they...