data exfiltration Archives • Page 3 of 4 • Daily CyberSecurity

BlackSuit: New Royal/Conti Rebrand Hits With Speed, Stealth, & Data Exfiltration

Do Son July 15, 2025

A recent Cybereason investigation has shed light on a highly coordinated and destructive ransomware campaign carried out...

Critical Apache Jackrabbit Flaw (CVE-2025-53689): XXE Attacks Allow Data Exfiltration & DoS Apache Jackrabbit, JNDI injection CVE-2023-37895 Apache Jackrabbit, XXE Vulnerability

Critical Apache Jackrabbit Flaw (CVE-2025-53689): XXE Attacks Allow Data Exfiltration & DoS

Do Son July 14, 2025

A critical XML External Entity (XXE) vulnerability has been identified in multiple versions of Apache Jackrabbit, a...

NordDragonScan: New Infostealer Hits Via Weaponized HTAs, Stealing Browser Data & Documents! NordDragonScan, Infostealer

NordDragonScan: New Infostealer Hits Via Weaponized HTAs, Stealing Browser Data & Documents!

Do Son July 8, 2025

FortiGuard Labs has issued a critical alert regarding a new and actively exploited infostealer malware campaign. Dubbed...

Apple Sues Ex-Vision Pro Engineer Di Liu: Accused of Stealing Secrets & Joining Competitor Snap Apple Background Security CVE-2026-20643 Apple Background Security Improvement Apple Backdoor Apple Lawsuit, Data Exfiltration CVE-2024-44131 - CVE-2025-24118 PoC

Apple Background Security CVE-2026-20643 Apple Background Security Improvement Apple Backdoor Apple Lawsuit, Data Exfiltration CVE-2024-44131 - CVE-2025-24118 PoC

Apple Sues Ex-Vision Pro Engineer Di Liu: Accused of Stealing Secrets & Joining Competitor Snap

Do Son July 2, 2025

As development on the successor to the Vision Pro continues apace, Apple has recently filed a lawsuit...

RansomHub Breach: Six-Day Attack Leveraged RDP, RMM Tools & Mimikatz for Data Exfiltration & Ransomware INC Ransom Pacific Cyber Threats OysterLoader Malware Rhysida Ransomware Black Basta Ransomware BYOVD Technique Velociraptor Abuse, Storm-2603 Ransomware Crypto24, Ransomware Ransomware Payments, UK Legislation ZACROS data breach

INC Ransom Pacific Cyber Threats OysterLoader Malware Rhysida Ransomware Black Basta Ransomware BYOVD Technique Velociraptor Abuse, Storm-2603 Ransomware Crypto24, Ransomware Ransomware Payments, UK Legislation ZACROS data breach

RansomHub Breach: Six-Day Attack Leveraged RDP, RMM Tools & Mimikatz for Data Exfiltration & Ransomware

Do Son June 30, 2025

The DFIR Report’s latest case study exposes the meticulous six-day operation of a threat actor who leveraged...

GIFTEDCROOK Evolves: Arctic Wolf Labs Exposes Threat Group UAC-0226’s Espionage on Ukraine

Do Son June 27, 2025

In a major revelation, Arctic Wolf Labs has exposed a series of escalating cyber-espionage campaigns launched by...

Katz Stealer: New Stealthy MaaS Steals Everything, Hides in Images, and Hijacks Discord

Do Son June 16, 2025

In 2025, cybersecurity analysts witnessed the emergence of a sophisticated and highly evasive info-stealer known as Katz...

SmartAttack: Turning Your Smartwatch into a Spy Tool for Air-Gapped Networks Smartwatch Hacking, Air-Gapped Data Exfiltration

SmartAttack: Turning Your Smartwatch into a Spy Tool for Air-Gapped Networks

Do Son June 16, 2025

A study by Mordechai Guri of Ben-Gurion University unveils a chilling new vector for data exfiltration: smartwatches....

EchoLeak: First AI Zero-Click Vulnerability Leaks Data from Microsoft 365 Copilot AI Security, Data Exfiltration

EchoLeak: First AI Zero-Click Vulnerability Leaks Data from Microsoft 365 Copilot

Do Son June 13, 2025

In the age of artificial intelligence, a multitude of AI agents has emerged, yet their rapid proliferation...

Warning: “Sleeper Agent” Chrome Extensions Infect 1.5 Million Users!

Do Son June 6, 2025

Browser security firm LayerX has identified a covert network of malicious Chrome extensions acting as “sleeper agents”—seemingly...

UNC6040 Threat Actor Exploits Salesforce via Vishing and Malicious Data Loader Apps Salesforce Gainsight Breach AppExchange Security Vishing, Salesforce Attack UNC6040

Salesforce Gainsight Breach AppExchange Security Vishing, Salesforce Attack UNC6040

UNC6040 Threat Actor Exploits Salesforce via Vishing and Malicious Data Loader Apps

Do Son June 6, 2025

Google Threat Intelligence Group (GTIG) has sounded the alarm on UNC6040, a financially motivated threat cluster waging...

New WordPress Malware Masquerades as Legit Plugin with Data Exfiltration and RCE Capabilities WordPress Malware, Hidden Plugin

New WordPress Malware Masquerades as Legit Plugin with Data Exfiltration and RCE Capabilities

Do Son June 4, 2025

The Wordfence Threat Intelligence team has uncovered a deceptive and highly persistent WordPress malware variant that disguises...

Critical SSRF Flaw in Esri Portal for ArcGIS Exposes Internal Networks Esri ArcGIS, SSRF Vulnerability

Critical SSRF Flaw in Esri Portal for ArcGIS Exposes Internal Networks

Do Son June 2, 2025

Esri has issued a critical security patch for its widely used Portal for ArcGIS software, addressing a...

Toxic Agent Flow: GitHub MCP Vulnerability Exposes Private Repositories GitHub MCP vulnerability AI agent hijacking

Toxic Agent Flow: GitHub MCP Vulnerability Exposes Private Repositories

Do Son May 28, 2025

Invariant Labs has revealed a critical vulnerability in the widely used GitHub MCP server that enables attackers...

Chrome Web Store Under Siege: 40+ Malicious Extensions Found Stealing Data Chrome Web Store malware, browser hijacking

Chrome Web Store Under Siege: 40+ Malicious Extensions Found Stealing Data

Do Son May 26, 2025

LayerX has uncovered more than 40 malicious browser extensions involved in three coordinated phishing campaigns—many still live...

Stealthy Data Theft: Hackers Use Legitimate DB Client Tools for Exfiltration

Do Son May 25, 2025

In recent breach incidents, threat actors have evolved their methods beyond traditional intrusion tactics, now opting for...

Print Security Warning: Canon Printers Exposed to Data Theft Printer security, Canon update

Print Security Warning: Canon Printers Exposed to Data Theft

Do Son May 23, 2025

Canon has issued a security advisory warning customers about two high-severity vulnerabilities—CVE-2025-3078 and CVE-2025-3079—that affect a range...

Gunra Ransomware: New Threat Analysis Reveals Evasion Tactics Gunra Ransomware, ransomware analysis

Gunra Ransomware: New Threat Analysis Reveals Evasion Tactics

Do Son May 7, 2025

CYFIRMA has released an in-depth analysis of a newly emerging cyber threat: Gunra Ransomware. This report details...

Lumma Stealer: Advanced Obfuscation and Evasion Techniques Analysis Lumma Stealer InfoStealer

Lumma Stealer: Advanced Obfuscation and Evasion Techniques Analysis

Do Son April 25, 2025

Lumma Stealer, a prevalent threat since its emergence in 2022, continues to evolve its tactics to evade...

Magecart Attack Uncovered: Obfuscated JavaScript Steals Credit Card Data WordPress Backdoor

Magecart Attack Uncovered: Obfuscated JavaScript Steals Credit Card Data

Do Son April 22, 2025

The Yarix Incident Response Team has uncovered a sophisticated web skimming operation that weaponized obfuscated JavaScript to...