DLL hijacking Archives • Daily CyberSecurity

The Intel “AppDomain” Hijack: Unmasking a Sophisticated Post-Exploitation Framework phan

The Intel “AppDomain” Hijack: Unmasking a Sophisticated Post-Exploitation Framework

Do Son April 22, 2026

A new and highly advanced threat has emerged in the financial sectors of the Middle East and...

Google Forms Weaponized: New “PureHVNC” Campaign Targets Professionals via LinkedIn PureHVNC RAT Google Forms Phishing

Google Forms Weaponized: New “PureHVNC” Campaign Targets Professionals via LinkedIn

Do Son March 27, 2026

A sophisticated new malware campaign is turning a trusted business tool into a launchpad for cyber espionage....

Exploiting the Crisis: Chinese APTs Weaponize Middle East Tensions to Target Qatar with PlugX NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

Exploiting the Crisis: Chinese APTs Weaponize Middle East Tensions to Target Qatar with PlugX

Do Son March 10, 2026

Following recent regional escalations, researchers have identified a sharp increase in activity from Chinese-nexus APT (Advanced Persistent...

Trojanized FileZilla FTP Client Targets Developer Credentials via DLL Sideloading FileZilla Malware DLL Hijacking

Trojanized FileZilla FTP Client Targets Developer Credentials via DLL Sideloading

Do Son March 4, 2026

Cybersecurity researchers from Malwarebytes have identified a dangerous new campaign circulating a trojanized version of the popular...

Splunk Windows Flaws Expose Servers to System Takeover

Do Son February 19, 2026

Splunk administrators operating in Windows environments face a double threat this week. A new security advisory reveals...

Exploit Code Released: Windows Storage Elevation of Privilege Flaw Details Now Public Windows Storage EoP CVE-2026-21508

Exploit Code Released: Windows Storage Elevation of Privilege Flaw Details Now Public

Do Son February 12, 2026

A critical Elevation of Privilege (EoP) vulnerability in Windows Storage, tracked as CVE-2026-21508, has moved from a...

High-Severity Flaw in Western Digital Installer Opens Door to Code Execution WD Discovery Vulnerability CVE-2025-30248 binary-parser Vulnerability CVE-2026-1245 H3C RCE Vulnerability CVE-2025-60262 Telenium RCE, CVE-2025-10659 Fuel station security, ICS vulnerabilities FreePBX vulnerability CVE-2024-9478 & CVE-2024-9479 SysTrack Vulnerability, Privilege Escalation

WD Discovery Vulnerability CVE-2025-30248 binary-parser Vulnerability CVE-2026-1245 H3C RCE Vulnerability CVE-2025-60262 Telenium RCE, CVE-2025-10659 Fuel station security, ICS vulnerabilities FreePBX vulnerability CVE-2024-9478 & CVE-2024-9479 SysTrack Vulnerability, Privilege Escalation

High-Severity Flaw in Western Digital Installer Opens Door to Code Execution

Do Son January 27, 2026

Western Digital, a titan in the data storage industry, has rolled out a critical update for its...

Public Exploit Released: Critical Trend Micro Flaw Grants SYSTEM Access libheif Vulnerability CVE-2025-65586 Trend Micro RCE CVE-2025-69258 SessionReaper CVE-2025-54236 VS Code Marketplace, supply chain attack npm Supply Chain, Toptal Compromise Ruckus AP Vulnerability

libheif Vulnerability CVE-2025-65586 Trend Micro RCE CVE-2025-69258 SessionReaper CVE-2025-54236 VS Code Marketplace, supply chain attack npm Supply Chain, Toptal Compromise Ruckus AP Vulnerability

Public Exploit Released: Critical Trend Micro Flaw Grants SYSTEM Access

Do Son January 9, 2026

Trend Micro has issued a critical security alert for users of Apex Central (on-premise), patching a dangerous...

Everon OCPP Vulnerability CVE-2026-26288 ASUSTOR ADM Vulnerability CVE-2026-24936 PrismX MX100 Vulnerability Hard-Coded Credentials Advantech Vulnerability CVE-2025-52694 Eaton UPS Companion, CVE-2025-59887 ASUS Router, Authentication Bypass ASUSTOR DLL Hijacking, Privilege Escalation OpenShift AI, Privilege Escalation GoAnywhere vulnerability CVE-2025-10035 LangChainGo, template injection DeepDiff, class pollution ToolShell Sunshine, CSRF Vulnerability KACE SMA, Critical Vulnerabilities Oracle Zero-Days - PDQ Deploy vulnerability

Eaton UPS Software Flaws Expose Systems to High-Risk Code Execution

Do Son January 5, 2026

Power management giant Eaton dropped a critical security advisory on Christmas Eve, warning users of its UPS...

“Silver Fox” Unmasked: Chinese APT Group Impersonates Indian Tax Officials in Targeted Cyber Campaign Silver Fox APT, Valley RAT

“Silver Fox” Unmasked: Chinese APT Group Impersonates Indian Tax Officials in Targeted Cyber Campaign

Do Son December 26, 2025

As tax season approaches, a sophisticated cyber-espionage campaign is targeting Indian organizations with highly convincing phishing lures....

APT-36 Uses Fake “WhatsApp Fraud” Advisory to Hack Government Systems TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

APT-36 Uses Fake “WhatsApp Fraud” Advisory to Hack Government Systems

Do Son December 24, 2025

The sophisticated threat group APT-36 is hacking government systems by warning them about hackers. A new intelligence...

Windows Admin Center Flaw (CVE-2025-64669): How a Simple Folder Permission Opened the Door to SYSTEM Access

Do Son December 17, 2025

A high-severity security oversight in Microsoft’s Windows Admin Center (WAC) has been unearthed, revealing how a basic...

HTTP.sys RCE vulnerability, Windows HTTP stack exploit, CVE-2026-47291 Netlogon RCE vulnerability Exploited in the wild Secure Boot certificate renewal 2026, Windows 11 UEFI update Community-First AI Infrastructure, Microsoft self-funding energy mandate aka.ms/aoh online portal CVE-2025-55681, Windows DWM Elevation Windows Administrator Protection, CVE-2025-60718 Microsoft AI Compute, IREN Infrastructure Microsoft Japan PPA, Renewable Energy Microsoft AI Investment, Cloud Expansion Microsoft Azure, Startup Credits Infinite Workday, AI in Work Microsoft Russia, Bankruptcy AI code generation, Microsoft AI Microsoft Layoffs, Restructuring

PoC Exploit Releases for CVE-2025-60718 – Windows Administrator Protection Elevation of Privilege Vulnerability

Do Son December 1, 2025

A significant crack has been discovered in the armor of Windows Administrator Protection, potentially allowing low-privileged attackers...

Iranian APT UNC1549 Infiltrates Aerospace by Hijacking Trusted DLLs and Executing VDI Breakouts PromptMink Campaign AI Agent Deception LIMINAL PANDA UNC1549 DLL Hijacking, VDI Breakout

PromptMink Campaign AI Agent Deception LIMINAL PANDA UNC1549 DLL Hijacking, VDI Breakout

Iranian APT UNC1549 Infiltrates Aerospace by Hijacking Trusted DLLs and Executing VDI Breakouts

Do Son November 19, 2025

The threat group UNC1549, suspected to be linked to Iran, has significantly expanded its cyber-espionage operations across...

QNAP Fixes High-Severity Flaws: NetBak Replicator RCE and SQL Injection in Qsync Central CVE-2024-27124 QNAP Vulnerabilities, NetBak Replicator

CVE-2024-27124 QNAP Vulnerabilities, NetBak Replicator

QNAP Fixes High-Severity Flaws: NetBak Replicator RCE and SQL Injection in Qsync Central

Do Son October 6, 2025

QNAP has issued a new security advisory addressing multiple vulnerabilities in two of its widely used utilities—NetBak...

High-Severity Flaws in Sunshine for Windows Allow Privilege Escalation Sunshine for Windows, vulnerability

High-Severity Flaws in Sunshine for Windows Allow Privilege Escalation

Do Son September 11, 2025

The CERT Coordination Center (CERT/CC) has issued a vulnerability note warning of two critical local security flaws...

Mandiant Uncovers USB-Borne Malware Campaign Deploying Cryptocurrency Miners

Do Son August 21, 2025

Mandiant’s Managed Threat Defense team has released a detailed analysis of a rapidly spreading USB-based malware campaign...

Kaspersky Uncovers Stealthy Cyberespionage: Russia & Asia Targeted by DLL Hijacking & Social Media C2 Cyberespionage, DLL Hijacking

Kaspersky Uncovers Stealthy Cyberespionage: Russia & Asia Targeted by DLL Hijacking & Social Media C2

Do Son July 31, 2025

Kaspersky Labs has revealed a highly obfuscated cyberespionage campaign targeting Russian IT companies and global businesses, employing...

CERT Warns of Privilege Escalation Vulnerability in Lakeside SysTrack (CVE-2025-6241) WD Discovery Vulnerability CVE-2025-30248 binary-parser Vulnerability CVE-2026-1245 H3C RCE Vulnerability CVE-2025-60262 Telenium RCE, CVE-2025-10659 Fuel station security, ICS vulnerabilities FreePBX vulnerability CVE-2024-9478 & CVE-2024-9479 SysTrack Vulnerability, Privilege Escalation