data exfiltration Archives • Daily CyberSecurity

Stealth & Automation: Seedworm’s 2026 Global Campaign Hijacks Security Software to Deploy ChromElevator Seedworm Espionage Campaign 2026 ChromElevator Stealer DLL Sideloading SIM Swapping Crypto Theft Lazarus Comebacker, Aerospace Espionage Delete PlugX Malware

Seedworm Espionage Campaign 2026 ChromElevator Stealer DLL Sideloading SIM Swapping Crypto Theft Lazarus Comebacker, Aerospace Espionage Delete PlugX Malware

Stealth & Automation: Seedworm’s 2026 Global Campaign Hijacks Security Software to Deploy ChromElevator

Do Son May 15, 2026

A sprawling espionage campaign linked to the Iranian state has been uncovered, revealing a significant evolution in...

GemStuffer RubyGems Campaign RubyGems Data Exfiltration TanStack npm Compromise Supply Chain Attack DNS Hijacking APT28 (Fancy Bear) OpenVSX Supply Chain Attack Checkmarx Plugin Breach Stryker Cyberattack CISA Alert Trans-Regional Cyber Conflict Operation Epic Fury Cyber Operation MacroMaze APT28 Cyber Espionage Notepad++ Supply Chain Attack Lotus Blossom Group Defense Industrial Base Threats GTIG Report APT28 Operation Neusploit CVE-2026-21509 Bookworm Malware

GemStuffer: Attackers Weaponize RubyGems as a Covert Data Drop for UK Gov Scraping

Do Son May 13, 2026

Security researchers are sounding the alarm on a highly resourceful new campaign dubbed “GemStuffer.” Uncovered by Socket’s...

AI Hijacked: Critical Claude Chrome Extension Flaw Allows Malicious Scripts to Control Your AI Claude Extension Vulnerability AI Agent Hijacking

Claude Extension Vulnerability AI Agent Hijacking

AI Hijacked: Critical Claude Chrome Extension Flaw Allows Malicious Scripts to Control Your AI

Do Son May 11, 2026

Artificial intelligence assistants are rapidly becoming integrated into our daily workflows, but what happens when a trusted...

Iranian APT MuddyWater Masquerades as Chaos Ransomware in Elaborate False Flag MuddyWater APT Ransomware False Flag

Iranian APT MuddyWater Masquerades as Chaos Ransomware in Elaborate False Flag

Do Son May 11, 2026

According to a recent investigation by Rapid7 Labs, a sophisticated intrusion initially appearing to be a standard...

“TanStack”: Malicious Name-Squatting Campaign Steals Environment Secrets TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

“TanStack”: Malicious Name-Squatting Campaign Steals Environment Secrets

Do Son May 2, 2026

Security researchers have uncovered a supply-chain attack on npm targeting developers who mistakenly install the unscoped tanstack...

Checkmarx Breach Supply Chain Attack Ivanti EPMM RCE CVE-2026-1281 Modular DS Vulnerability CVE-2026-23550 D-Link RCE Vulnerability CVE-2026-0625 Christmas 2025 GreyNoise Campaign, Japan-Based Initial Access Broker React2Shell Zero-Day, APT Active Exploitation WordPress vulnerability, authentication bypass FreePBX, zero-day Trend Micro Apex One, Remote Code Execution BitoPro Hack, Crypto Theft UNC5337 - CVE-2022-47945 Safe{Wallet} hack Fortinet vulnerability, CVE-2024-21762, FortiGate attack Balloonfly, Play ransomware Ivanti EPMM CVE-2025-4427 and CVE-2025-4428

Checkmarx Falls Victim to Credential Harvesting Attack

Do Son April 29, 2026

Checkmarx, a global leader in application security testing, has disclosed a significant breach of its internal systems....

Tactical Evolution: Trigona Ransomware Debuts Custom Exfiltration Armory Trigona Ransomware Custom Exfiltration Tool

Tactical Evolution: Trigona Ransomware Debuts Custom Exfiltration Armory

Do Son April 25, 2026

The ransomware landscape is witnessing a sophisticated shift in how data is stolen. While most cybercriminal groups...

Microsoft Teams Exploited for Silent Enterprise Takeovers Teams Impersonation Administrative Abuse

Microsoft Teams Exploited for Silent Enterprise Takeovers

Do Son April 22, 2026

A new investigative report from the Microsoft Defender Security Research Team has unmasked a sophisticated intrusion chain...

The New Lockdown: How Microsoft’s April 2026 Update Silos Remote Desktop to Kill Phishing Microsoft source code Windows RDP Security Update

The New Lockdown: How Microsoft’s April 2026 Update Silos Remote Desktop to Kill Phishing

Do Son April 16, 2026

Within the April 2026 update cycle, Microsoft has implemented rigorous security enhancements to the Remote Desktop Protocol....

Attackers Weaponize Mailbox Rules to Control Your Inbox M365 Persistence Malicious Mailbox Rules

Attackers Weaponize Mailbox Rules to Control Your Inbox

Do Son April 15, 2026

In the modern landscape of Microsoft 365 security, the most dangerous threat might not be a sophisticated...

Critical SSRF Flaw Discovered in Axios – CVE-2025-62718 (CVSS 9.3) Axios Vulnerability NO_PROXY Bypass

Critical SSRF Flaw Discovered in Axios – CVE-2025-62718 (CVSS 9.3)

Do Son April 14, 2026

In the complex architecture of modern web applications, the difference between a secure internal request and a...

The Weakest Link: How “Transit Hubs” are Quietly Draining Crypto and Stealing AI Data API Transit Hub Vulnerabilities

The Weakest Link: How “Transit Hubs” are Quietly Draining Crypto and Stealing AI Data

Do Son April 13, 2026

Recently, a research contingent published a scholarly treatise detailing an exhaustive security audit of various API aggregators—commonly...

Double Agents in the Cloud: Unit 42 Unmasks Critical AI Vulnerabilities in Google Vertex AI Vertex AI Security AI Double Agents

Double Agents in the Cloud: Unit 42 Unmasks Critical AI Vulnerabilities in Google Vertex AI

Do Son April 6, 2026

As organizations race to integrate autonomous systems into their workflows, a new and subtle threat is emerging...

OpenAI OpenClaw acquisition OpenAI Prism GPT-5.2 LaTeX, scientific research AI workspace OpenAI, Mixpanel Breach ChatGPT Data Preservation, NYT Lawsuit ChatGPT Apps SDK, super app OpenAI Jony Ive, AI Hardware Delay Musk Apple lawsuit, App Store antitrust UK AI Partnership, OpenAI Collaboration Jony Ive OpenAI, DoD Contract OpenAI Lawsuit, ChatGPT Privacy North Korea ChatGPT - GPT-4.5 model OpenAI Models, AI Advancements OpenAI pricing, Flex API

The DNS Trap: How a “Hidden” Path Allowed ChatGPT to Silently Leak Your Private Data

Do Son April 6, 2026

In the world of AI, trust is built on a simple, unspoken agreement: what stays in the...

Inside the Rapid Evolution of the BlankGrabber Stealer BlankGrabber Stealer Python Malware Analysis

Inside the Rapid Evolution of the BlankGrabber Stealer

Do Son April 3, 2026

A deep-dive analysis by the Splunk Threat Research Team (STRT) has shed light on BlankGrabber, a Python-based...

Inside the BRUSHWORM Malware Campaign Bridging Air-Gaps with USB “Sleeper” Cells Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

Inside the BRUSHWORM Malware Campaign Bridging Air-Gaps with USB “Sleeper” Cells

Do Son April 2, 2026

A recent investigation by Elastic Security Labs has uncovered a targeted campaign against a South Asian financial...

Critical RCE Flaw in PTC Windchill and FlexPLM Puts Product Data at Risk PTC Windchill RCE Insecure Deserialization

Critical RCE Flaw in PTC Windchill and FlexPLM Puts Product Data at Risk

Do Son March 26, 2026

PTC has issued a high-priority security advisory regarding a critical vulnerability affecting its Windchill and FlexPLM product...

‘Speagle’ Malware Hijacks Security Software to Steal Missile Secrets TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

‘Speagle’ Malware Hijacks Security Software to Steal Missile Secrets

Do Son March 23, 2026

In a sophisticated display of “parasitic” engineering, a mysterious new threat has been discovered living within the...

The “Accidental” Breach: How a Misconfigured Endpoint Led to a Major SharePoint Data Leak Spring Boot Actuator Malware-less Attack

The “Accidental” Breach: How a Misconfigured Endpoint Led to a Major SharePoint Data Leak

Do Son March 23, 2026

A recent investigation by Trend Micro has revealed a case study where a devastating data exfiltration incident...

Tenable Uncovers ‘LeakyLooker’ Flaws Turning Google Looker Studio into a Cloud Backdoor LeakyLooker Looker Studio Vulnerability

Tenable Uncovers ‘LeakyLooker’ Flaws Turning Google Looker Studio into a Cloud Backdoor

Do Son March 15, 2026

Business Intelligence (BI) tools are often viewed as “polished mirrors reflecting an organization’s data in beautiful, actionable...