infosec Archives • Page 37 of 45 • Daily CyberSecurity

Unmasking OCRFix: The New Russian Botnet Hiding its C2 Infrastructure in the Blockchain OCRFix Botnet EtherHiding CrowdStrike supply chain attack Ivanti CSA Vulnerabilities

OCRFix Botnet EtherHiding CrowdStrike supply chain attack Ivanti CSA Vulnerabilities

Unmasking OCRFix: The New Russian Botnet Hiding its C2 Infrastructure in the Blockchain

Ddos March 6, 2026

Cybersecurity researchers have uncovered a sophisticated new threat dubbed OCRFix, a three-stage botnet that utilizes an innovative...

Malicious PHP Packages Found Hidden in Laravel Ecosystem fast16 Malware Cyber Sabotage IronWind malware Stealc

Malicious PHP Packages Found Hidden in Laravel Ecosystem

Ddos March 6, 2026

Socket’s Threat Research Team has uncovered a sophisticated supply chain attack targeting PHP developers through Packagist, the...

Weaponized in the Wild: Public PoC Exploit Disclosed for Critical 10.0 Cisco SD-WAN Flaw Cisco SD-WAN Vulnerability CVE-2026-20127 CVE-2024-20481 - Daggerfly group

Cisco SD-WAN Vulnerability CVE-2026-20127 CVE-2024-20481 - Daggerfly group

Weaponized in the Wild: Public PoC Exploit Disclosed for Critical 10.0 Cisco SD-WAN Flaw

Ddos March 5, 2026

The cybersecurity landscape has shifted into high gear following the public disclosure of a critical authentication bypass...

Integer Overflow Flaw in Apache ActiveMQ Exposes MQTT Brokers to DoS ActiveMQ security flaws Jolokia web console exploit ActiveMQ RCE Jolokia Spring Vulnerability ActiveMQ MQTT Vulnerability CVE-2025-66168 Apache Artemis Vulnerability CVE-2026-27446

ActiveMQ security flaws Jolokia web console exploit ActiveMQ RCE Jolokia Spring Vulnerability ActiveMQ MQTT Vulnerability CVE-2025-66168 Apache Artemis Vulnerability CVE-2026-27446

Integer Overflow Flaw in Apache ActiveMQ Exposes MQTT Brokers to DoS

Ddos March 5, 2026

The Apache Software Foundation has released a security update for Apache ActiveMQ, addressing a significant integer overflow...

Global Coalition Dismantles Tycoon 2FA’s Phishing Empire Tycoon 2FA AiTM Phishing

Global Coalition Dismantles Tycoon 2FA’s Phishing Empire

Ddos March 5, 2026

A global powerhouse of law enforcement and private-sector giants has successfully disrupted Tycoon 2FA, one of the...

Under Attack: Cisco Urges Immediate Action as Hackers Actively Exploit SD-WAN Manager Flaws Knowledge Deliver RCE vulnerability FortiClient EMS Vulnerability CVE-2026-35616 Cisco SD-WAN Vulnerability CVE-2026-20122 PCPcat, Next.js RCE Salesloft breach, Salesforce CRM WIREFIRE web shell

Knowledge Deliver RCE vulnerability FortiClient EMS Vulnerability CVE-2026-35616 Cisco SD-WAN Vulnerability CVE-2026-20122 PCPcat, Next.js RCE Salesloft breach, Salesforce CRM WIREFIRE web shell

Under Attack: Cisco Urges Immediate Action as Hackers Actively Exploit SD-WAN Manager Flaws

Ddos March 5, 2026

Cisco has issued an urgent update to its security advisory, warning that two vulnerabilities in the Cisco...

Root Access for All: Critical Auth Bypass Hits Cisco Firewall Management Center Cisco Secure FMC CVE-2026-20079 Cisco RCE, Firewall Vulnerability Cisco Nexus, vulnerability CVE-2024-20412 - Cisco data breach

Cisco Secure FMC CVE-2026-20079 Cisco RCE, Firewall Vulnerability Cisco Nexus, vulnerability CVE-2024-20412 - Cisco data breach

Root Access for All: Critical Auth Bypass Hits Cisco Firewall Management Center

Ddos March 5, 2026

Cybersecurity authorities are sounding the alarm on a critical vulnerability in the Cisco Secure Firewall Management Center...

Critical 10.0 CVSS Flaw in pac4j-jwt Lets Hackers Forge Admin Tokens pac4j-jwt Vulnerability CVE-2026-29000

Critical 10.0 CVSS Flaw in pac4j-jwt Lets Hackers Forge Admin Tokens

Ddos March 5, 2026

Cybersecurity researchers have uncovered a critical vulnerability in pac4j-jwt, a popular Java-based library used to secure thousands...

Chrome Security Update Use After Free Chrome Security Update Critical Vulnerabilities Chrome Security Update CVE-2026-3062 Chrome Security Update V8 Engine Vulnerability Chrome Security Update CVE-2026-1862 CVE-2026-0628 Chrome 143 Update Chrome Safe Browsing UAF, CVE-2025-11756 Chrome Memory Flaws, CVE-2025-11460 Google Chrome, vulnerability CVE-2025-10200, CVE-2025-10201 Big Sleep CVE-2025-9478 Chrome Update, Security Vulnerabilities

Update Chrome Now: Google Patches 3 Critical Flaws and 7 High-Risk Vulnerabilities

Ddos March 5, 2026

Google has released an urgent update for the Chrome Stable channel, addressing 10 security vulnerabilities, including three...

Critical 10.0 CVSS Flaw in Cisco Secure FMC Hands Hackers Root Access to Enterprise Firewalls Cisco ISE Root Escalation * Read-Only Admin Exploit Cisco Secure FMC Vulnerability CVE-2026-20131 Cisco Meeting Management Vulnerability CVE-2026-20098 Cisco vulnerability, RCE flaw CVE-2025-20265 Cisco Meraki, VPN Vulnerability Cisco Nexus Dashboard - CVE-2024-20424 CVE-2025-20115 Cisco Vulnerability CVE-2018-0171 Privilege Escalation Cisco Unified Intelligence Center

Cisco ISE Root Escalation * Read-Only Admin Exploit Cisco Secure FMC Vulnerability CVE-2026-20131 Cisco Meeting Management Vulnerability CVE-2026-20098 Cisco vulnerability, RCE flaw CVE-2025-20265 Cisco Meraki, VPN Vulnerability Cisco Nexus Dashboard - CVE-2024-20424 CVE-2025-20115 Cisco Vulnerability CVE-2018-0171 Privilege Escalation Cisco Unified Intelligence Center

Critical 10.0 CVSS Flaw in Cisco Secure FMC Hands Hackers Root Access to Enterprise Firewalls

Ddos March 5, 2026

Cybersecurity researchers have identified a critical vulnerability in Cisco Secure Firewall Management Center (FMC) Software, the administrative...

CVSS 10.0 Unauthenticated Remote Code Execution in FreeScout (Public Proof-of-Concept Disclosed) FreeScout RCE CVE-2026-28289

CVSS 10.0 Unauthenticated Remote Code Execution in FreeScout (Public Proof-of-Concept Disclosed)

Ddos March 5, 2026

Security researchers have uncovered a maximum-score vulnerability in FreeScout, the popular open-source help desk and shared inbox...

BadPaw and MeowMeow: Russian Cyber Offensive Targets Ukraine with Novel Malware Duo BadPaw Malware MeowMeow Backdoor

BadPaw and MeowMeow: Russian Cyber Offensive Targets Ukraine with Novel Malware Duo

Ddos March 5, 2026

Cybersecurity investigators at ClearSky Team have uncovered a targeted Russian cyber campaign against Ukraine utilizing two novel...

Critical Infrastructure Alert: Unauthenticated Flaw in Labkotec Ice Detectors Could Freeze Operations Labkotec LID-3300IP CVE-2026-1775 ASUSTOR ADM Vulnerability CVE-2026-3179 Russian Cyberattacks - Security Operations Center

Labkotec LID-3300IP CVE-2026-1775 ASUSTOR ADM Vulnerability CVE-2026-3179 Russian Cyberattacks - Security Operations Center

Critical Infrastructure Alert: Unauthenticated Flaw in Labkotec Ice Detectors Could Freeze Operations

Ddos March 5, 2026

Cybersecurity authorities have issued a stark warning regarding a critical vulnerability in Labkotec’s LID-3300IP, a widely deployed...

Unmasking Silver Dragon: The Chinese-Nexus APT Haunting Southeast Asia and Europe CloudComputating - QSC framework

Unmasking Silver Dragon: The Chinese-Nexus APT Haunting Southeast Asia and Europe

Ddos March 5, 2026

Cybersecurity researchers at Check Point Research (CPR) have lifted the veil on a sophisticated advanced persistent threat...

Coruna: The High-Powered iOS Exploit Kit Proliferating Across the Global Threat Landscape Coruna iOS Exploit GTIG Threat Report

Coruna: The High-Powered iOS Exploit Kit Proliferating Across the Global Threat Landscape

Ddos March 5, 2026

The Google Threat Intelligence Group (GTIG) has detailed the curtain on “Coruna,” a formidable iOS exploit kit...

RedAlert: Mobile Espionage Exploiting Crisis and Fear Red Alert Malware SMS Spoofing

RedAlert: Mobile Espionage Exploiting Crisis and Fear

Ddos March 5, 2026

CloudSEK has unmasked a malicious SMS spoofing campaign spreading a trojanized version of Israel’s “Red Alert” emergency...

Everon OCPP Vulnerability CVE-2026-26288 ASUSTOR ADM Vulnerability CVE-2026-24936 PrismX MX100 Vulnerability Hard-Coded Credentials Advantech Vulnerability CVE-2025-52694 Eaton UPS Companion, CVE-2025-59887 ASUS Router, Authentication Bypass ASUSTOR DLL Hijacking, Privilege Escalation OpenShift AI, Privilege Escalation GoAnywhere vulnerability CVE-2025-10035 LangChainGo, template injection DeepDiff, class pollution ToolShell Sunshine, CSRF Vulnerability KACE SMA, Critical Vulnerabilities Oracle Zero-Days - PDQ Deploy vulnerability

EV Charging Grid Alert: Critical Flaws Exposed in Everon OCPP Backends

Ddos March 5, 2026

Cybersecurity researchers have sounded the alarm on a series of critical vulnerabilities affecting Everon OCPP Backends, the...

Suspected North Korean Actors Target the Cryptocurrency Supply Chain AWS Kill Chain React2Shell

Suspected North Korean Actors Target the Cryptocurrency Supply Chain

Ddos March 5, 2026

Cybersecurity researchers at Ctrl-Alt-Intel have released a detailed investigation into a systematic campaign targeting the heart of...

Stealth and Deception: Transparent Tribe’s Multi-Stage Assault on Indian Government Entities NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club