Skip to content
July 7, 2026
  • Linkedin
  • Twitter
  • Facebook
  • Youtube

Daily CyberSecurity

Zero-hour alerts. Unmatched analysis.

Primary Menu
  • Home
  • CVE Watchtower
  • Cyber Criminals
  • Data Leak
  • Linux
  • Malware
  • Vulnerability
  • Submit Press Release
  • Vulnerability Report
Light/Dark Button
  • Home
  • STX RAT

STX RAT

X-VPN Installer Hijacked to Spread STX RAT Malware X-VPN DLL sideloading, STX RAT campaign, CRYPTBASE.dll sideloading
  • Malware

X-VPN Installer Hijacked to Spread STX RAT Malware

Do Son June 15, 2026 0
A Month-Long Supply Chain Operation Targets Crypto Users A threat actor known as Leda Elacoate spent roughly...
Read More Read more about X-VPN Installer Hijacked to Spread STX RAT Malware
The CPUID Watering Hole Attack Turning CPU-Z into a Trojan CVE-2023-22952 CPUID Watering Hole DLL Sideloading
  • Malware

The CPUID Watering Hole Attack Turning CPU-Z into a Trojan

Do Son April 13, 2026 0
In the world of system administration, few tools are as ubiquitous as CPU-Z and HWMonitor. These utilities...
Read More Read more about The CPUID Watering Hole Attack Turning CPU-Z into a Trojan
STX RAT: The New Financial Predator Hiding in the “Start of Text” STX RAT Financial Malware
  • Malware

STX RAT: The New Financial Predator Hiding in the “Start of Text”

Do Son April 13, 2026 0
A sophisticated new player entered the cyber-threat landscape. Analysts at eSentire’s Threat Response Unit (TRU) have identified...
Read More Read more about STX RAT: The New Financial Predator Hiding in the “Start of Text”

Search

Translation

CVE WATCHTOWER
🚨

Receive alerts for vulnerabilities being exploited in the wild.

⚡

Get notified instantly when a Proof of Concept (PoC) exploit is published.

🔍

Access critical info on vulnerabilities even when marked as "RESERVED".

🧠

Insights powered by decades of expertise and global intelligence sources.

🎯

Customize alerts with up to 10 keywords for your specific tech stack.

📊

Export the raw CVE database for SIEM integration and reporting.

Upgrade Package

🚨 Active Exploits in the Wild

  • CVE-2026-20896CVSS 9.8
    Gitea Docker image: `REVERSE_PROXY_TRUSTED_PROXIES = *` default lets any source IP impersonate any user via `X-WEBAUTH-USER`
    Admin intel📅 Updated: Jul 6, 2026
  • CVE-2026-48282CVSS 10.0
    ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Limitation of a Pathname to a Restricted...
    Admin intel📅 Updated: Jul 3, 2026
  • CVE-2024-14037CVSS 9.8
    Redsea Cloud eHR contains an arbitrary file upload vulnerability that allows unauthenticated attackers to achieve remote code execution...
    Admin intel📅 Updated: Jul 3, 2026
  • CVE-2026-8451CVSS 8.8
    Insufficient input validation in NetScaler ADC and NetScaler Gateway leading to memory overread if NetScaler ADC or NetScaler Gateway is configured...
    Admin intel📅 Updated: Jul 2, 2026
  • CVE-2026-8037CVSS 9.6
    OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an un-authenticated attacker to...
    Admin intel📅 Updated: Jul 1, 2026
  • CVE-2026-45659CVSS 8.8
    Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
    CISA KEV📅 Added to KEV: Jul 1, 2026
  • CVE-2026-48558CVSS 10.0
    SimpleHelp versions 5.5.15 and prior and 6.0 pre-release versions contain an authentication bypass vulnerability in the OIDC authentication...
    Admin intelCISA KEV📅 Added to KEV: Jun 29, 2026📅 Updated: Jun 29, 2026
  • CVE-2026-46817CVSS 9.8
    Vulnerability in the Oracle Payments product of Oracle E-Business Suite (component: File Transmission). Supported versions that are affected...
    Admin intel📅 Updated: Jun 29, 2026
Powered by CVE Watchtower

🔴 Live Critical Threats

  • CVE-2026-13019CVSS 9.8
    Esri Portal for ArcGIS versions 12.1 and earlier on Windows, Linux and...
  • CVE-2026-53483CVSS 9.8
    Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0...
  • CVE-2026-53481CVSS 9.8
    Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0...
  • CVE-2026-27823
    ## Summary A critical vulnerability has been identified in EGroupware that may...
  • CVE-2026-33264CVSS 9.8
    A bug in `BaseSerialization.deserialize()` allowed unrestricted `import_string()` of attacker-controlled class paths when...
  • CVE-2026-4375CVSS 9.0
    The DoLeads Integrator WordPress plugin through 0.65, wp2epub WordPress plugin through 0.65...
  • CVE-2026-14345CVSS 9.8
    The WPFunnels – Funnel Builder for WooCommerce with Checkout & One Click...
  • CVE-2026-12375CVSS 9.8
    The uncanny-automator-pro WordPress plugin before 7.3.0.6 was distributed with malicious code after...
  • CVE-2026-34048CVSS 9.9
    Coolify is an open-source and self-hostable tool for managing servers, applications, and...
  • CVE-2026-34047CVSS 9.9
    Coolify is an open-source and self-hostable tool for managing servers, applications, and...
Powered by CVE WATCHTOWER

Our Websites
  • Penetration Testing Tools
  • The Daily Information Technology
  • Daily CyberSecurity

    • About SecurityOnline.info
    • Advertise with us
    • Announcement
    • Contact
    • Contributor Register
    • Login
    • About SecurityOnline.info
    • Advertise on SecurityOnline.info
    • Contact Us

    When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works

    • Disclaimer
    • Privacy Policy
    • DMCA NOTICE
    • Linkedin
    • Twitter
    • Facebook
    • Youtube
    © 2017 - 2026 Daily CyberSecurity. All Rights Reserved.