infosec Archives • Page 30 of 45 • Daily CyberSecurity

Unmasking DarkSword: GTIG Exposes Full-Chain iOS Exploit Used by Global Spies DarkSword Exploit iOS Zero-Day

Unmasking DarkSword: GTIG Exposes Full-Chain iOS Exploit Used by Global Spies

Ddos March 22, 2026

In a comprehensive technical disclosure, the Google Threat Intelligence Group (GTIG) has revealed the existence of a...

Weaponizing Trust: FBI Warns Iran’s MOIS is Using Telegram as a Malware C2 Hub Telegram C2 Iran MOIS

Weaponizing Trust: FBI Warns Iran’s MOIS is Using Telegram as a Malware C2 Hub

Ddos March 22, 2026

The Federal Bureau of Investigation (FBI) has issued a high-priority “FLASH” alert detailing a sophisticated cyber-intelligence operation...

Disconnect Immediately: Rockwell Automation Issues Urgent Warning for Industrial Controllers

Ddos March 22, 2026

In a proactive move aimed at securing critical infrastructure, Rockwell Automation has issued a high-priority “Important Notice”...

Malicious Windsurf IDE Extension Uses Solana Blockchain to Steal Developer Data Windsurf Stealer Solana Blockchain Malware

Malicious Windsurf IDE Extension Uses Solana Blockchain to Steal Developer Data

Ddos March 22, 2026

Security researchers at Bitdefender have uncovered a sophisticated cyberattack targeting the developer community through a malicious extension...

Turf War in Your Living Room: ‘Katana’ Botnet Hijacks Android TV Boxes with Custom Rootkits Katana Botnet Android TV Malware

Turf War in Your Living Room: ‘Katana’ Botnet Hijacks Android TV Boxes with Custom Rootkits

Ddos March 22, 2026

A specialized report from the Nokia Deepfield Emergency Response Team (ERT) has identified a sharp escalation in...

FBI Warns of Russian Intelligence Hijacking Encrypted Messaging Apps Signal Phishing CMA Account Takeover

FBI Warns of Russian Intelligence Hijacking Encrypted Messaging Apps

Ddos March 22, 2026

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have issued a...

Below the EDR: How Unsecured IP-KVM Switches Grant Total System Takeover IP-KVM Vulnerabilities Hardware Security

Below the EDR: How Unsecured IP-KVM Switches Grant Total System Takeover

Ddos March 22, 2026

Security researchers Reynaldo Vasquez Garcia and Paul Asadoorian from Eclypsium have issued a warning regarding a category...

Active Exploits: CISA Adds Critical Craft CMS and Apple ‘DarkSword’ Flaws to KEV CISA KEV Catalog DarkSword Exploit Draytek Routers VMware vCenter RCE CVE-2024-37079

CISA KEV Catalog DarkSword Exploit Draytek Routers VMware vCenter RCE CVE-2024-37079

Active Exploits: CISA Adds Critical Craft CMS and Apple ‘DarkSword’ Flaws to KEV

Ddos March 21, 2026

The Cybersecurity and Infrastructure Security Agency (CISA) has expanded its Known Exploited Vulnerabilities (KEV) Catalog, adding five...

Critical 9.3 CVSS Flaws Uncovered in Netwrix Password Secure Netwrix Vulnerability Password Secure

Critical 9.3 CVSS Flaws Uncovered in Netwrix Password Secure

Ddos March 21, 2026

Netwrix has issued an urgent security advisory following an internal review that uncovered multiple high-severity vulnerabilities in...

Critical 9.3 CVSS Flaw in QNAP QVR Pro Exposes Surveillance Systems QNAP QVR Pro Vulnerability CVE-2026-22898 CVE-2022-27595 - CVE-2024-48860 & CVE-2024-48861

QNAP QVR Pro Vulnerability CVE-2026-22898 CVE-2022-27595 - CVE-2024-48860 & CVE-2024-48861

Critical 9.3 CVSS Flaw in QNAP QVR Pro Exposes Surveillance Systems

Ddos March 21, 2026

QNAP Systems, Inc. has issued a critical security advisory for users of its QVR Pro surveillance solution....

Critical 9.8 CVSS Flaw Exposes Oracle Identity Manager to Total Takeover IRGC Oracle Cloud Dubai strike Oracle global layoffs 2026 Oracle Fusion Middleware Vulnerability CVE-2026-21992 Oracle Edge Cloud Vulnerability CVE-2026-21994 Oracle Critical RCE, EBS Marketing Flaws CVE-2024-21182 PoC Exploit Oracle EBS Auth Bypass, CVE-2025-61884

IRGC Oracle Cloud Dubai strike Oracle global layoffs 2026 Oracle Fusion Middleware Vulnerability CVE-2026-21992 Oracle Edge Cloud Vulnerability CVE-2026-21994 Oracle Critical RCE, EBS Marketing Flaws CVE-2024-21182 PoC Exploit Oracle EBS Auth Bypass, CVE-2025-61884

Critical 9.8 CVSS Flaw Exposes Oracle Identity Manager to Total Takeover

Ddos March 21, 2026

Oracle has issued an urgent security alert following the discovery of a “Critical” rated vulnerability impacting its...

Weaponizing gcc: Inside the Stealthy ‘Hex’ Botnet’s On-Host Compilation Strategy Hex Botnet On-Host Compilation

Weaponizing gcc: Inside the Stealthy ‘Hex’ Botnet’s On-Host Compilation Strategy

Ddos March 21, 2026

Security researchers at Hunt Intelligence have exposed a growing 15-node botnet operation that utilizes a unique “on-host...

PoC Exploit Publicly Disclosed: Apple Deploys First-Ever Background Security Patch for Cross-Origin Flaw Apple Background Security CVE-2026-20643 Apple Background Security Improvement Apple Backdoor Apple Lawsuit, Data Exfiltration CVE-2024-44131 - CVE-2025-24118 PoC

Apple Background Security CVE-2026-20643 Apple Background Security Improvement Apple Backdoor Apple Lawsuit, Data Exfiltration CVE-2024-44131 - CVE-2025-24118 PoC

PoC Exploit Publicly Disclosed: Apple Deploys First-Ever Background Security Patch for Cross-Origin Flaw

Ddos March 21, 2026

Apple has broken new ground in its defensive strategy, utilizing a “Background Security Improvements” feature to deliver...

Two High-Severity Spring Boot Flaws Expose Actuator Endpoints Spring Cloud Config Vulnerability CVE-2026-40982 Spring Boot Vulnerability CVSS 9.1 Bypass CVE-2022-31692 Spring Boot Vulnerability Authentication Bypass

Spring Cloud Config Vulnerability CVE-2026-40982 Spring Boot Vulnerability CVSS 9.1 Bypass CVE-2022-31692 Spring Boot Vulnerability Authentication Bypass

Two High-Severity Spring Boot Flaws Expose Actuator Endpoints

Ddos March 20, 2026

Security researchers have issued a double warning for developers using the Spring Boot framework, identifying two high-severity...

New Mirai Variant and “Monaco” Miner Targeting Linux Devices Linux Malware CondiBot

New Mirai Variant and “Monaco” Miner Targeting Linux Devices

Ddos March 20, 2026

Security researchers at Eclypsium have identified two distinct and previously undocumented malware strains targeting Linux-based systems. On...

PoC Exploit Publicly Disclosed: Windows ‘libarchive’ Flaw Leaks NetNTLMv2 Hashes Windows libarchive Flaw CVE-2025-59284

PoC Exploit Publicly Disclosed: Windows ‘libarchive’ Flaw Leaks NetNTLMv2 Hashes

Ddos March 20, 2026

Security researchers Len Sadowski and Oğuz Bektaş have publicly pulled back the curtain on a vulnerability within...

High-Severity ingress-nginx Flaw Exposes Kubernetes Secrets CVE-2024-9042 ingress-nginx Vulnerability CVE-2026-4342

High-Severity ingress-nginx Flaw Exposes Kubernetes Secrets

Ddos March 20, 2026

A high-severity security flaw has been identified in ingress-nginx, a widely used Ingress controller for Kubernetes clusters....

Game Over: Vidar Stealer 2.0 is Hijacking Gamers with Fake Cheats DriverFixer0428, Contagious Interview Cache Smuggling, ClickFix Evasion North Korean Cyber Espionage

DriverFixer0428, Contagious Interview Cache Smuggling, ClickFix Evasion North Korean Cyber Espionage

Game Over: Vidar Stealer 2.0 is Hijacking Gamers with Fake Cheats

Ddos March 20, 2026

A massive malware distribution campaign has been uncovered targeting the global gaming community under the guise of...

The Invisible Breach: ‘Operation GhostMail’ Uses Zero-Click XSS to Hijack Ukrainian Webmail Operation GhostMail Zero-Click XSS

The Invisible Breach: ‘Operation GhostMail’ Uses Zero-Click XSS to Hijack Ukrainian Webmail

Ddos March 20, 2026

A sophisticated cyberespionage campaign, dubbed Operation GhostMail, has been detected targeting critical government infrastructure in Ukraine. Security...

Developer Alert: “CursorJack” Technique Weaponizes Deeplinks to Hijack Cursor IDE CursorJack Cursor Vulnerability

Developer Alert: “CursorJack” Technique Weaponizes Deeplinks to Hijack Cursor IDE

Ddos March 20, 2026

Security researchers at Proofpoint Threat Research have detailed a novel exploitation method dubbed CursorJack, which targets the...

Critical Alert 1 Active Exploit Detected Today