infosec Archives • Page 36 of 45 • Daily CyberSecurity

Silently Swapped: How ClipXDaemon Hijacks Linux Cryptowallets Without a C2 Server ClipXDaemon Linux Malware

Silently Swapped: How ClipXDaemon Hijacks Linux Cryptowallets Without a C2 Server

Ddos March 10, 2026

Cybersecurity researchers have identified a specialized new threat targeting Linux users that breaks the traditional mold of...

AWS Console Alert: Real-Time “AiTM” Phishing Campaign Bypasses MFA with Rapid Precision AWS Phishing AiTM Attack

AWS Console Alert: Real-Time “AiTM” Phishing Campaign Bypasses MFA with Rapid Precision

Ddos March 9, 2026

In a sophisticated escalation of cloud-targeting attacks, Datadog Security Research has uncovered an active adversary-in-the-middle (AiTM) phishing...

Escalation in the Shadows: Iranian APT Seedworm Deploys ‘Dindoor’ Backdoor in New Cyberoffensive Vulnerability Digest Zero-Day Exploits Seedworm APT Dindoor Backdoor RedKitten Campaign AI-Generated Malware WSUS RCE ShadowPad CVE-2025-59287

Vulnerability Digest Zero-Day Exploits Seedworm APT Dindoor Backdoor RedKitten Campaign AI-Generated Malware WSUS RCE ShadowPad CVE-2025-59287

Escalation in the Shadows: Iranian APT Seedworm Deploys ‘Dindoor’ Backdoor in New Cyberoffensive

Ddos March 9, 2026

As geopolitical tensions escalate in the Middle East, the digital battlefield is seeing a parallel surge in...

Fake GitHub Repositories Unleash BoryptGrab Stealer and TunnesshClient Backdoor TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

Fake GitHub Repositories Unleash BoryptGrab Stealer and TunnesshClient Backdoor

Ddos March 9, 2026

Security researchers from TrendMicro have identified a sophisticated new threat actor utilizing SEO-optimized GitHub repositories to distribute...

Critical 9.4 CVSS Zephyr RTOS Flaw Exposes Millions of IoT Devices to RCE Zephyr RTOS Vulnerability CVE-2026-1678

Critical 9.4 CVSS Zephyr RTOS Flaw Exposes Millions of IoT Devices to RCE

Ddos March 9, 2026

Security researchers have disclosed a critical memory-safety vulnerability in the Zephyr Project, a high-profile, scalable real-time operating...

Vault Unlocked: High-Severity Flaws in Vaultwarden Expose Encrypted Secrets and Allow Privilege Escalation Vaultwarden Vulnerabilities CVE-2026-27898

Vaultwarden Vulnerabilities CVE-2026-27898

Vault Unlocked: High-Severity Flaws in Vaultwarden Expose Encrypted Secrets and Allow Privilege Escalation

Ddos March 9, 2026

Security researchers have identified a series of critical vulnerabilities in Vaultwarden, the popular lightweight, self-hosted alternative to...

Critical 9.3 CVSS Flaw in SiYuan Lets Hackers Steal Private Notes via SVG Injection SiYuan XSS Vulnerability CVE-2026-29183

Critical 9.3 CVSS Flaw in SiYuan Lets Hackers Steal Private Notes via SVG Injection

Ddos March 9, 2026

Security researchers have disclosed a high-severity vulnerability in SiYuan, the popular privacy-first personal knowledge management system. The...

Critical Bypasses and Secret Leaks Patched in Apache ZooKeeper CVE-2023-44981 Apache ZooKeeper Vulnerabilities CVE-2026-24281

Critical Bypasses and Secret Leaks Patched in Apache ZooKeeper

Ddos March 9, 2026

The Apache Software Foundation has released an urgent security update for Apache ZooKeeper, the mission-critical service used...

Polygon Powered: Vietnamese Operator Deploys 16 Generations of LuaJIT Malware via GitHub Cemu emulator Linux malware Blitz Brigantine AOBackdoor GitHub Malware Campaign StealC Infostealer TamperedChef Malware, SEO Poisoning Carbanak malware RubyGems Supply Chain, Infostealer

Cemu emulator Linux malware Blitz Brigantine AOBackdoor GitHub Malware Campaign StealC Infostealer TamperedChef Malware, SEO Poisoning Carbanak malware RubyGems Supply Chain, Infostealer

Polygon Powered: Vietnamese Operator Deploys 16 Generations of LuaJIT Malware via GitHub

Ddos March 9, 2026

Security researchers have uncovered a massive, year-long cyber campaign orchestrated by a Vietnamese-speaking operator who has turned...

1-Click to Compromise: Critical 9.3 CVSS Flaw in ZITADEL Exposes Accounts to Full Takeover ZITADEL Vulnerability CVE-2026-29191 CVE-2025-27507 ZITADEL SSRF, Login UI Hijack

ZITADEL Vulnerability CVE-2026-29191 CVE-2025-27507 ZITADEL SSRF, Login UI Hijack

1-Click to Compromise: Critical 9.3 CVSS Flaw in ZITADEL Exposes Accounts to Full Takeover

Ddos March 9, 2026

Security researchers have disclosed a high-severity vulnerability in ZITADEL, the popular open-source identity and access management (IAM)...

From Theory to Threat: Hackers Are Now Weaponizing Web Pages to Brainwash AI Agents axios Supply Chain Attack WAVESHAPER.V2 SnappyBee Malware Salt Typhoon Stately Taurus ScoringMathTea RAT, Lazarus Reflective DLL

axios Supply Chain Attack WAVESHAPER.V2 SnappyBee Malware Salt Typhoon Stately Taurus ScoringMathTea RAT, Lazarus Reflective DLL

From Theory to Threat: Hackers Are Now Weaponizing Web Pages to Brainwash AI Agents

Ddos March 9, 2026

For years, the security community has debated the theoretical risks of “tricking” Artificial Intelligence through its input...

Dust Specter: Iran-Linked Hackers Weaponize Iraqi Government Sites in New Cyber Espionage Campaign Zyxel security - Mitel MiCollab Vulnerability

Zyxel security - Mitel MiCollab Vulnerability

Dust Specter: Iran-Linked Hackers Weaponize Iraqi Government Sites in New Cyber Espionage Campaign

Ddos March 9, 2026

Cybersecurity researchers at Zscaler ThreatLabz have uncovered a persistent espionage campaign targeting government officials in Iraq. Attributed...

Unauthenticated Nginx UI Flaw Leaks Decryption Keys and Server Secrets Nginx UI Vulnerability CVE-2026-27944

Unauthenticated Nginx UI Flaw Leaks Decryption Keys and Server Secrets

Ddos March 8, 2026

Security researchers have uncovered a critical vulnerabilities in Nginx UI, a popular web-based interface used to manage...

AI vs. Bugs: OpenAI Launches “Codex Security” to Revolutionize AppSec OpenAI Advanced Account Security Phishing-Resistant AI Authentication OpenAI Codex Security AI Application Security

OpenAI Advanced Account Security Phishing-Resistant AI Authentication OpenAI Codex Security AI Application Security

AI vs. Bugs: OpenAI Launches “Codex Security” to Revolutionize AppSec

Ddos March 7, 2026

Recently, OpenAI has officially unveiled Codex Security, an advanced application security agent designed to identify and fix...

Unmasking the Shadows: A Global Hunt for PlugX Staging Infrastructure Mustang Panda C2 Procurement

Unmasking the Shadows: A Global Hunt for PlugX Staging Infrastructure

Ddos March 6, 2026

A new investigative report from threat researcher @goyaramen has shed light on a sophisticated C2 procurement strategy...

Unmasking Genisys: The AI-Powered Ad Fraud Scheme Silently Hijacking Your Smartphone Genisys Ad Fraud

Unmasking Genisys: The AI-Powered Ad Fraud Scheme Silently Hijacking Your Smartphone

Ddos March 6, 2026

The digital advertising landscape is facing a sophisticated new predator. The IAS Threat Lab has recently unmasked...

Exposed in Plain Sight: Critical Privacy Flaw Defeats Viber’s Anti-Censorship ‘Cloak’ Mode Viber Cloak Vulnerability CVE-2025-13476

Exposed in Plain Sight: Critical Privacy Flaw Defeats Viber’s Anti-Censorship ‘Cloak’ Mode

Ddos March 6, 2026

The CERT Coordination Center (CERT/CC) has issued a vulnerability note regarding a significant privacy flaw in Rakuten...

Stream Hijacked: Critical Zero-Click Command Injection Flaw Exposed in AVideo-Encoder AVideo-Encoder Vulnerability CVE-2026-29058

Stream Hijacked: Critical Zero-Click Command Injection Flaw Exposed in AVideo-Encoder

Ddos March 6, 2026

Security researchers have uncovered a critical vulnerability in AVideo-Encoder, a key component of the open-source AVideo Platform...

Motorola Smart Feed redirect Anthropic Amazon 5GW partnership Amazon Perplexity lawsuit AWS-LC Vulnerabilities Cryptographic Bypass AWS Middle East drone strikes Amazon layoffs 2026, Amazon AI restructuring Amazon Kindle DRM Policy, Publisher Control EPUB AWS Nova Forge AI Model Customization AWS Trainium3 EC2 Trn3 UltraServer Route 53 Accelerated Recovery AWS DNS Resilience AI Browser War, Amazon Comet Amazon layoffs, cost reduction AWS outage, DynamoDB DNS AWS outage, cloud dependency AWS VPN Client, Root Privilege Escalation WSA shutdown, Amazon Appstore Amazon Wondery, Podcast Restructuring Amazon Q2 2025 Generative AI AWS Client VPN, Privilege Escalation Amazon AI, Wearable AI

Cracking the Cloud’s Crypto: Unauthenticated Bypass Flaws Found in Amazon’s AWS-LC Library

Ddos March 6, 2026

Cybersecurity researchers have identified three significant vulnerabilities in AWS-LC, Amazon’s open-source cryptographic library used extensively across its...

Signed Malware Masquerading as Workplace Apps Deploys Persistent Backdoors EV Certificate Phishing RMM Backdoors

Signed Malware Masquerading as Workplace Apps Deploys Persistent Backdoors

Ddos March 6, 2026

Security researchers at Microsoft Defender Experts have uncovered a sophisticated phishing campaign that turns the tools of...