Remote Access Archives • Daily CyberSecurity

The “Special Invitation” Trap: STAC6405 Abuses Legitimate RMM Tools to Hijack Your PC STAC6405 Phishing RMM Abuse

The “Special Invitation” Trap: STAC6405 Abuses Legitimate RMM Tools to Hijack Your PC

Do Son April 6, 2026

Cybercriminals are increasingly trading custom-built malware for legitimate software to slip past corporate defenses. A new investigation...

Hackers are Using “Legit” IT Tools to Hijack the 2026 Tax Season 2026 Tax Phishing RMM Abuse

Hackers are Using “Legit” IT Tools to Hijack the 2026 Tax Season

Do Son April 5, 2026

As the 2026 tax season reaches its peak, cybersecurity researchers have identified a massive surge in digital...

OpenSSH 10.3 Patches Command Execution and “scp” Privilege Escalation OpenSSH 10.3 Patch SSH Command Injection CVE-2023-38408 OpenSSH Vulnerability CVE-2026-3497

OpenSSH 10.3 Patch SSH Command Injection CVE-2023-38408 OpenSSH Vulnerability CVE-2026-3497

OpenSSH 10.3 Patches Command Execution and “scp” Privilege Escalation

Do Son April 3, 2026

In the critical infrastructure of the internet, OpenSSH stands as one of the most vital gatekeepers for...

Bridge or Backdoor? Critical 9.8 RCE Flaw Threatens Helmholz Industrial Networks Helmholz myREX24V2 Industrial RCE

Bridge or Backdoor? Critical 9.8 RCE Flaw Threatens Helmholz Industrial Networks

Do Son March 24, 2026

Industrial connectivity specialist Helmholz GmbH & Co. KG has issued an urgent security advisory regarding multiple vulnerabilities...

Leaving the Doors Unlocked: Critical 9.0 CVSS ScreenConnect Flaw Exposes Machine Keys ScreenConnect Vulnerability CVE-2026-3564

Leaving the Doors Unlocked: Critical 9.0 CVSS ScreenConnect Flaw Exposes Machine Keys

Do Son March 18, 2026

ConnectWise recently issued a critical security update for its ScreenConnect platform, addressing a significant vulnerability that could...

Critical Flaw CVE-2025-59159 (CVSS 9.7) in SillyTavern Allows Full Remote Control of Local AI Instances SillyTavern DNS Rebinding, CVE-2025-59159

Critical Flaw CVE-2025-59159 (CVSS 9.7) in SillyTavern Allows Full Remote Control of Local AI Instances

Do Son October 7, 2025

The developers of SillyTavern, a popular locally hosted interface for large language models (LLMs) and AI tools,...

Datzbro Trojan: Spyware-Banking Malware Hijacks Seniors’ Devices with Fake Facebook Lures Datzbro Android Trojan, Senior Scam

Datzbro Trojan: Spyware-Banking Malware Hijacks Seniors’ Devices with Fake Facebook Lures

Do Son October 1, 2025

ThreatFabric researchers uncovered a sophisticated scam campaign that weaponizes social engineering and mobile malware to exploit one...

kkRAT: A New Malware Blends Crypto Hijacking with Legitimate RMM Tools

Do Son September 12, 2025

Zscaler ThreatLabz has identified a sophisticated malware campaign active since early May 2025, targeting Chinese-speaking users with...

CVE-2025-40804: Critical Flaw in Siemens SIVaaS Exposes Network Share Without Authentication Siemens SIVaaS CVE-2025-40804 CVE-2022-43400 & CVE-2024-41798 Siemens SINEC NMS, Critical Vulnerabilities

Siemens SIVaaS CVE-2025-40804 CVE-2022-43400 & CVE-2024-41798 Siemens SINEC NMS, Critical Vulnerabilities

CVE-2025-40804: Critical Flaw in Siemens SIVaaS Exposes Network Share Without Authentication

Do Son September 10, 2025

Siemens has disclosed a critical security vulnerability (CVE-2025-40804) in its SIMATIC Virtualization as a Service (SIVaaS) platform....

Beyond Cryptominers: A New Malware Strain Is Hijacking Exposed Docker APIs Docker malware, exposed APIs

Beyond Cryptominers: A New Malware Strain Is Hijacking Exposed Docker APIs

Do Son September 10, 2025

The Akamai Hunt Team has discovered a new strain of malware targeting exposed Docker APIs. Unlike earlier...

CVE-2025-40795 (CVSS 9.8): Critical Flaw in Siemens SIVaaS Exposes Network Share Without Authentication Siemens SIMATIC Vulnerability CVE-2025-40943 CVE-2024-47901 - Siemens InterMesh system CVE-2025-40804 Siemens SIVaaS

Siemens SIMATIC Vulnerability CVE-2025-40943 CVE-2024-47901 - Siemens InterMesh system CVE-2025-40804 Siemens SIVaaS

CVE-2025-40795 (CVSS 9.8): Critical Flaw in Siemens SIVaaS Exposes Network Share Without Authentication

Do Son September 9, 2025

Siemens has disclosed multiple vulnerabilities in its User Management Component (UMC), which is used in products like...

shell-quote command injection AI-Driven Vulnerabilities Q1 2026 Cyber Threats vm2 Sandbox Escape Node.js RCE upKeeper Privilege Escalation CVE-2026-2449 Pharos Controls Vulnerability Root Access Exploit Cybersecurity Vulnerability Roundup CVSS 10.0 Flaws Shadow Archives CVE-2026-0866 MS-Agent Prompt Injection CVE-2026-2256 basic-ftp Path Traversal CVE-2026-27699 telnetd Root Vulnerability CVE-1999-0073 Regression USR-W610 Vulnerabilities End-of-Life IoT Security IceWarp Security Update IceWarp Vulnerabilities Airleader Master Vulnerability CVE-2026-1358 ZLAN5143D Vulnerability CISA ICS Advisory Acronis Cyber Protect Vulnerability CVE-2025-30411 WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

CISA Warns of Critical Flaw in SunPower Solar Inverters (CVE-2025-9696, CVSS 9.6)

Do Son September 3, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a security advisory highlighting a critical vulnerability in...

CVE-2025-54857 (CVSS 9.8): Critical Flaw in Seiko Solutions Device Allows Remote Takeover Seiko Solutions, command injection

CVE-2025-54857 (CVSS 9.8): Critical Flaw in Seiko Solutions Device Allows Remote Takeover

Do Son September 1, 2025

A critical security flaw has been discovered in SkyBridge BASIC MB-A130, a networking device developed by Seiko...

MediaTek September 2025 Security Bulletin: High-Severity Modem Flaws Could Enable Remote Attacks MediaTek Chipset Flaws, WLAN Buffer Overflow MediaTek Vulnerabilities, Chipset Security

MediaTek Chipset Flaws, WLAN Buffer Overflow MediaTek Vulnerabilities, Chipset Security

MediaTek September 2025 Security Bulletin: High-Severity Modem Flaws Could Enable Remote Attacks

Do Son September 1, 2025

MediaTek has published its September 2025 Product Security Bulletin, disclosing several high- and medium-severity vulnerabilities affecting a...

A CVSS 9.6 Remote Flaw Allows Unauthenticated Attackers to Bypass Dell ThinOS Dell ThinOS, remote access

A CVSS 9.6 Remote Flaw Allows Unauthenticated Attackers to Bypass Dell ThinOS

Do Son August 28, 2025

Dell Technologies has issued a security advisory addressing several high-severity vulnerabilities in its ThinOS 10 platform, widely...

CVE-2025-41702 (CVSS 9.8): Critical Flaw in Welotec egOS Puts Industrial Systems at Risk Welotec Vulnerability CVE-2025-41702

CVE-2025-41702 (CVSS 9.8): Critical Flaw in Welotec egOS Puts Industrial Systems at Risk

Do Son August 27, 2025

A critical flaw has been identified in the Welotec egOS WebGUI backend, tracked as CVE-2025-41702, which could...

RedHook Android Banking Trojan Targets Vietnamese Users with Advanced Phishing & Full Device Takeover Android Banking Trojan, RedHook Malware

RedHook Android Banking Trojan Targets Vietnamese Users with Advanced Phishing & Full Device Takeover

Do Son July 29, 2025

In a revelation by Cyble Research and Intelligence Labs (CRIL), a powerful new Android banking trojan dubbed...

Cyber Stealer: New Infostealer-Botnet Hybrid Offers Full Digital Plunder as a Service Cyber Stealer, Infostealer-Botnet

Cyber Stealer: New Infostealer-Botnet Hybrid Offers Full Digital Plunder as a Service

Do Son July 28, 2025

The eSentire’s Threat Response Unit (TRU) has uncovered a rapidly evolving malware platform called Cyber Stealer—a full-fledged...

New macOS.ZuRu Variant Uses Trojanized Termius App to Infiltrate Systems

Do Son July 11, 2025

A newly uncovered variant of the notorious macOS.ZuRu malware is now using a trojanized version of Termius,...

Linux Servers Hijacked: Attackers Install Legitimate Proxy Software for Covert Operations Linux Proxy Malware, Legitimate Tool Abuse

Linux Servers Hijacked: Attackers Install Legitimate Proxy Software for Covert Operations

Do Son July 3, 2025

The AhnLab SEcurity intelligence Center (ASEC) has uncovered a series of attacks on poorly secured Linux servers,...

Critical Alert 3 Active Exploits Detected Today

Critical Alert

Remote Access

The “Special Invitation” Trap: STAC6405 Abuses Legitimate RMM Tools to Hijack Your PC

Hackers are Using “Legit” IT Tools to Hijack the 2026 Tax Season

OpenSSH 10.3 Patches Command Execution and “scp” Privilege Escalation

Bridge or Backdoor? Critical 9.8 RCE Flaw Threatens Helmholz Industrial Networks

Leaving the Doors Unlocked: Critical 9.0 CVSS ScreenConnect Flaw Exposes Machine Keys

Critical Flaw CVE-2025-59159 (CVSS 9.7) in SillyTavern Allows Full Remote Control of Local AI Instances

kkRAT: A New Malware Blends Crypto Hijacking with Legitimate RMM Tools

CVE-2025-40804: Critical Flaw in Siemens SIVaaS Exposes Network Share Without Authentication

Beyond Cryptominers: A New Malware Strain Is Hijacking Exposed Docker APIs

CVE-2025-40795 (CVSS 9.8): Critical Flaw in Siemens SIVaaS Exposes Network Share Without Authentication

CISA Warns of Critical Flaw in SunPower Solar Inverters (CVE-2025-9696, CVSS 9.6)

CVE-2025-54857 (CVSS 9.8): Critical Flaw in Seiko Solutions Device Allows Remote Takeover

MediaTek September 2025 Security Bulletin: High-Severity Modem Flaws Could Enable Remote Attacks

A CVSS 9.6 Remote Flaw Allows Unauthenticated Attackers to Bypass Dell ThinOS

CVE-2025-41702 (CVSS 9.8): Critical Flaw in Welotec egOS Puts Industrial Systems at Risk

RedHook Android Banking Trojan Targets Vietnamese Users with Advanced Phishing & Full Device Takeover

Cyber Stealer: New Infostealer-Botnet Hybrid Offers Full Digital Plunder as a Service

New macOS.ZuRu Variant Uses Trojanized Termius App to Infiltrate Systems

Linux Servers Hijacked: Attackers Install Legitimate Proxy Software for Covert Operations