router security Archives • Daily CyberSecurity

COXMO Botnet Variant: New Advanced Threat Exploits Router Firmware COXMO botnet variant Gafgyt malware analysis

COXMO Botnet Variant: New Advanced Threat Exploits Router Firmware

Do Son June 10, 2026

Security researchers recently uncovered a dangerous new threat targeting internet-connected infrastructure across the globe. Malware analysts discovered...

TP-Link Patches Critical Archer MR600 Command Injection Flaw

Do Son June 9, 2026

Security Update Solves WireGuard Vulnerability in Router Interface TP-Link issued a critical security warning for wireless router...

Dual CVSS 10.0 Bugs Fixed in Emergency Acer Router Patch Acer router flaw critical authentication bypass Acer router security flaws critical firmware bugs

Acer router flaw critical authentication bypass Acer router security flaws critical firmware bugs

Dual CVSS 10.0 Bugs Fixed in Emergency Acer Router Patch

Do Son June 4, 2026

Critical Security Vulnerabilities Threaten Connect W6x Devices Acer has deployed an urgent firmware modification for its consumer...

Critical TP-Link Router Vulnerability Demands Immediate Patching

Do Son June 2, 2026

A serious security flaw has recently put home and enterprise networks at risk. Specifically, a newly discovered...

No Password Required: 9.8 Severity ELECOM Router Flaws Allow Total Network Takeover ELECOM Router Vulnerability CVE-2026-42062 Command Injection

ELECOM Router Vulnerability CVE-2026-42062 Command Injection

No Password Required: 9.8 Severity ELECOM Router Flaws Allow Total Network Takeover

Do Son May 15, 2026

In a major security disclosure, JPCERT/CC has issued an urgent advisory regarding multiple high-severity vulnerabilities discovered in...

TP-Link Archer AX53 Hit by Multiple High-Severity Vulnerabilities

Do Son April 10, 2026

TP-Link has issued an urgent security advisory regarding its Archer AX53 v1.0 router, detailing five distinct vulnerabilities...

GemStuffer RubyGems Campaign RubyGems Data Exfiltration TanStack npm Compromise Supply Chain Attack DNS Hijacking APT28 (Fancy Bear) OpenVSX Supply Chain Attack Checkmarx Plugin Breach Stryker Cyberattack CISA Alert Trans-Regional Cyber Conflict Operation Epic Fury Cyber Operation MacroMaze APT28 Cyber Espionage Notepad++ Supply Chain Attack Lotus Blossom Group Defense Industrial Base Threats GTIG Report APT28 Operation Neusploit CVE-2026-21509 Bookworm Malware

APT28 Hijacks Home Routers to Steal Corporate Credentials

Do Son April 8, 2026

In a major technical disclosure, the UK National Cyber Security Centre (NCSC) has detailed a sophisticated campaign...

ASUS Issues Security Patch for Router Vulnerability CVE-2023-39238 ASUS Router Update CVE-2025-15101

ASUS Issues Security Patch for Router Vulnerability

Do Son April 1, 2026

In a move to fortify home and office networks, ASUS has released a security update for several...

Root Access via CLI: Cisco Patches Critical IOS XR Privilege Escalation Flaws Cisco IOS XR Vulnerability CVE-2026-20040

Root Access via CLI: Cisco Patches Critical IOS XR Privilege Escalation Flaws

Do Son March 12, 2026

Cisco has issued a high-priority security advisory regarding multiple vulnerabilities in its IOS XR Software that could...

Home Network Alert: TP-Link Patches RCE Vulnerability in Archer AXE75 Routers

Do Son March 10, 2026

TP-Link has issued an urgent security advisory for users of its high-performance Archer AXE75 routers. A newly...

Total Takeover: Critical Zyxel Flaw (CVSS 9.8) Exposes Routers to Remote Command Injection CVE-2022-43389 - CVE-2024-12398 Zyxel UPnP Vulnerability CVE-2025-13942

CVE-2022-43389 - CVE-2024-12398 Zyxel UPnP Vulnerability CVE-2025-13942

Total Takeover: Critical Zyxel Flaw (CVSS 9.8) Exposes Routers to Remote Command Injection

Do Son February 25, 2026

Networking giant Zyxel has rolled out a wave of urgent security patches addressing multiple vulnerabilities across its...

The “All-in-One” Spy: DKnife Malware Hijacks Routers to Swap Downloads DKnife Malware Router AitM Framework

The “All-in-One” Spy: DKnife Malware Hijacks Routers to Swap Downloads

Do Son February 9, 2026

A powerful new cyber weapon has been discovered lurking in routers and edge devices, capable of monitoring...

Rooted via Wi-Fi 7: TP-Link Patches Command Injection in Archer BE230

Do Son February 4, 2026

A new security advisory from TP-Link has disclosed multiple authenticated command injection vulnerabilities affecting its Archer BE230 Wi-Fi...

Check Point VPN vulnerability exploited in the wild Check Point VPN exploit CVE-2026-50751 zero-day Checkmarx Breach Supply Chain Attack Ivanti EPMM RCE CVE-2026-1281 Modular DS Vulnerability CVE-2026-23550 D-Link RCE Vulnerability CVE-2026-0625 Christmas 2025 GreyNoise Campaign, Japan-Based Initial Access Broker React2Shell Zero-Day, APT Active Exploitation WordPress vulnerability, authentication bypass FreePBX, zero-day Trend Micro Apex One, Remote Code Execution BitoPro Hack, Crypto Theft UNC5337 - CVE-2022-47945 Safe{Wallet} hack Fortinet vulnerability, CVE-2024-21762, FortiGate attack Balloonfly, Play ransomware Ivanti EPMM CVE-2025-4427 and CVE-2025-4428

CVE-2026-0625: Critical Actively Exploited RCE Hits Unpatchable D-Link Routers

Do Son January 7, 2026

Security researchers warn that a critical remote code execution (RCE) vulnerability in legacy D-Link DSL routers is...

shell-quote command injection AI-Driven Vulnerabilities Q1 2026 Cyber Threats vm2 Sandbox Escape Node.js RCE upKeeper Privilege Escalation CVE-2026-2449 Pharos Controls Vulnerability Root Access Exploit Cybersecurity Vulnerability Roundup CVSS 10.0 Flaws Shadow Archives CVE-2026-0866 MS-Agent Prompt Injection CVE-2026-2256 basic-ftp Path Traversal CVE-2026-27699 telnetd Root Vulnerability CVE-1999-0073 Regression USR-W610 Vulnerabilities End-of-Life IoT Security IceWarp Security Update IceWarp Vulnerabilities Airleader Master Vulnerability CVE-2026-1358 ZLAN5143D Vulnerability CISA ICS Advisory Acronis Cyber Protect Vulnerability CVE-2025-30411 WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

CVE-2025-66848: Critical Flaw in JD Cloud Routers Grants Hackers Root Access

Do Son January 5, 2026

A security vulnerability has been uncovered in a popular line of NAS routers from JD Cloud, potentially...

Zero-Day Alert: Linksys Auth Bypass Lets Hackers Hijack Routers Without Passwords Linksys Auth Bypass, CVE-2025-52692

Zero-Day Alert: Linksys Auth Bypass Lets Hackers Hijack Routers Without Passwords

Do Son December 23, 2025

A popular Wi-Fi 6 router found in thousands of homes has been blown wide open by security...

Everon OCPP Vulnerability CVE-2026-26288 ASUSTOR ADM Vulnerability CVE-2026-24936 PrismX MX100 Vulnerability Hard-Coded Credentials Advantech Vulnerability CVE-2025-52694 Eaton UPS Companion, CVE-2025-59887 ASUS Router, Authentication Bypass ASUSTOR DLL Hijacking, Privilege Escalation OpenShift AI, Privilege Escalation GoAnywhere vulnerability CVE-2025-10035 LangChainGo, template injection DeepDiff, class pollution ToolShell Sunshine, CSRF Vulnerability KACE SMA, Critical Vulnerabilities Oracle Zero-Days - PDQ Deploy vulnerability

8 Flaws: ASUS Routers Urgently Need Patch for Authentication Bypass (CVE-2025-59366, CVSS 9.4)

Do Son November 26, 2025

ASUS has released an urgent security update to address a sweeping list of eight potential vulnerabilities in...

D-Link DIR-878 Reaches EOL: 3 Unpatched RCE Flaws Allow Unauthenticated Remote Command Execution D-Link DIR-816, Critical Vulnerabilities D-Link EOL RCE, Unauthenticated Command Injection

D-Link DIR-816, Critical Vulnerabilities D-Link EOL RCE, Unauthenticated Command Injection

D-Link DIR-878 Reaches EOL: 3 Unpatched RCE Flaws Allow Unauthenticated Remote Command Execution

Do Son November 19, 2025

D-Link has issued a security advisory warning users of the DIR-878 router series that multiple newly disclosed...

CVE-2025-9961: TP-Link Router Flaw Could Be Exploited for RCE, PoC Released TP-Link CWMP CVE-2025-9961

CVE-2025-9961: TP-Link Router Flaw Could Be Exploited for RCE, PoC Released

Do Son September 22, 2025

Security researchers at ByteRay have published a detailed exploitation write-up of CVE-2025-9961, a vulnerability in TP-Link’s CWMP...

CISA Flags Two Actively Exploited Vulnerabilities: TP-Link Router Reset Flaw and WhatsApp Zero-Day Chain Ivanti EPMM Vulnerability CVE-2026-1340 CISA KEV Catalog CVE-2026-21385 CISA KEV Update CVE-2008-0015 CISA KEV, Array Networks Command Injection CVE-2025-0111 & CVE-2025-23209 CISA, Known Exploited Vulnerabilities

Ivanti EPMM Vulnerability CVE-2026-1340 CISA KEV Catalog CVE-2026-21385 CISA KEV Update CVE-2008-0015 CISA KEV, Array Networks Command Injection CVE-2025-0111 & CVE-2025-23209 CISA, Known Exploited Vulnerabilities

CISA Flags Two Actively Exploited Vulnerabilities: TP-Link Router Reset Flaw and WhatsApp Zero-Day Chain

Do Son September 3, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has added two new security flaws to its Known Exploited...

Critical Alert 1 Active Exploit Detected Today