threat intelligence Archives • Page 6 of 13 • Daily CyberSecurity

Cyber Escalation in the Middle East: Disruption, Deception, and the Quest for Data

Cyber Escalation in the Middle East: Disruption, Deception, and the Quest for Data

Do Son March 12, 2026

A new report from Rapid7 Labs highlights a significant spike in retaliatory cyber activity targeting both regional...

Iran-Aligned TA453 Weaponizes ‘Operation Epic Fury’ for Cyber Espionage Operation Epic Fury TA453 Phishing

Iran-Aligned TA453 Weaponizes ‘Operation Epic Fury’ for Cyber Espionage

Do Son March 12, 2026

In the wake of the February 2026 military strikes known as Operation Epic Fury, a new front...

The Dark Side of Telegram: How Cybercriminals Weaponize Bot APIs for Stealthy Data Exfiltration

Do Son March 12, 2026

While millions use Telegram for secure, instant messaging, a darker side of the platform is emerging in...

Operation False Siren: The Weaponization of Israel’s Red Alert App for Geo-Fenced Espionage Goldoon Botnet Operation False Siren Red Alert Spyware

Goldoon Botnet Operation False Siren Red Alert Spyware

Operation False Siren: The Weaponization of Israel’s Red Alert App for Geo-Fenced Espionage

Do Son March 12, 2026

A highly targeted mobile espionage campaign has been uncovered targeting Israeli citizens. Dubbed Operation False Siren, this...

Gaslighting Android: How the ‘Digital Lutera’ Attack Uses LSPosed to Bypass UPI SIM-Binding UPI SIM-Binding Bypass LSPosed Framework

Gaslighting Android: How the ‘Digital Lutera’ Attack Uses LSPosed to Bypass UPI SIM-Binding

Do Son March 12, 2026

According to a critical new report from CloudSEK, threat actors have moved beyond simple app modifications to...

APT-C-23 Weaponized Israel’s ‘Red Alert’ App for Mobile Espionage Red Alert Trojan APT-C-23

APT-C-23 Weaponized Israel’s ‘Red Alert’ App for Mobile Espionage

Do Son March 11, 2026

The Acronis Threat Research Unit (TRU) has identified a calculated campaign distributing a trojanized version of the...

Microsoft Exposes How Hackers Use Generative Models as a Force Multiplier Malicious AI AI Memory Poisoning

Microsoft Exposes How Hackers Use Generative Models as a Force Multiplier

Do Son March 11, 2026

The same AI technologies revolutionizing global productivity are now being “operationalized” by cyber adversaries to sharpen their...

The Vibe-Coding Trap: Fake Claude Code Installers Unleash Amatera Malware via Search Ads Claude Code Malvertising Amatera Malware

The Vibe-Coding Trap: Fake Claude Code Installers Unleash Amatera Malware via Search Ads

Do Son March 11, 2026

In the fast-paced world of AI development, “vibe-coding” has become a popular term for rapid, experimental building....

Zscaler Uncovers 8,000+ Domains and APT Backdoors Exploiting Middle East Tensions Middle East Cyber Threats

Zscaler Uncovers 8,000+ Domains and APT Backdoors Exploiting Middle East Tensions

Do Son March 11, 2026

Zscaler ThreatLabz is currently tracking a significant surge in cybercriminal operations that capitalize on the elevated political...

CL-UNK-1068: The Stealthy Chinese Threat Actor Haunting Asian Infrastructure CL-UNK-1068 Chinese APT

CL-UNK-1068: The Stealthy Chinese Threat Actor Haunting Asian Infrastructure

Do Son March 11, 2026

Since 2020, a sophisticated cluster of activity has been quietly infiltrating high-value organizations across South, Southeast, and...

Dutch Intelligence Warning: Russian State Actors Targeting Signal and WhatsApp WhatsApp Worm, Brazilian Banking Trojan LAPSUS$ Alliance, Scattered Spider Ransomware, Cybercrime RedCurl APT group Russian Cyberespionage, ApolloShadow Malware

WhatsApp Worm, Brazilian Banking Trojan LAPSUS$ Alliance, Scattered Spider Ransomware, Cybercrime RedCurl APT group Russian Cyberespionage, ApolloShadow Malware

Dutch Intelligence Warning: Russian State Actors Targeting Signal and WhatsApp

Do Son March 10, 2026

In a significant Cybersecurity Advisory released in March 2026, the Netherlands Defence Intelligence and Security Service (MIVD)...

Exploiting the Crisis: Chinese APTs Weaponize Middle East Tensions to Target Qatar with PlugX NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

Exploiting the Crisis: Chinese APTs Weaponize Middle East Tensions to Target Qatar with PlugX

Do Son March 10, 2026

Following recent regional escalations, researchers have identified a sharp increase in activity from Chinese-nexus APT (Advanced Persistent...

shell-quote command injection AI-Driven Vulnerabilities Q1 2026 Cyber Threats vm2 Sandbox Escape Node.js RCE upKeeper Privilege Escalation CVE-2026-2449 Pharos Controls Vulnerability Root Access Exploit Cybersecurity Vulnerability Roundup CVSS 10.0 Flaws Shadow Archives CVE-2026-0866 MS-Agent Prompt Injection CVE-2026-2256 basic-ftp Path Traversal CVE-2026-27699 telnetd Root Vulnerability CVE-1999-0073 Regression USR-W610 Vulnerabilities End-of-Life IoT Security IceWarp Security Update IceWarp Vulnerabilities Airleader Master Vulnerability CVE-2026-1358 ZLAN5143D Vulnerability CISA ICS Advisory Acronis Cyber Protect Vulnerability CVE-2025-30411 WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

CVE-2026-0866: Malformed ZIP Headers Allow Malware to Slip Past EDR Scanners

Do Son March 10, 2026

A newly detailed vulnerability, CVE-2026-0866, is highlighting a fundamental blind spot in how many Antivirus (AV) and...

“Coruna” Exploit Kit: Mass iOS Attacks Pivot from Crypto Scams to Iran-Themed Lures Coruna Exploit Kit iOS Malware

“Coruna” Exploit Kit: Mass iOS Attacks Pivot from Crypto Scams to Iran-Themed Lures

Do Son March 10, 2026

New research from Validin shed light on the rapid evolution and expansion of “Coruna,” a sophisticated iOS...

Fake CleanMyMac Site Unleashes SHub Stealer to Drain macOS Crypto Wallets SHub Stealer Mac Malware

Fake CleanMyMac Site Unleashes SHub Stealer to Drain macOS Crypto Wallets

Do Son March 10, 2026

Mac users are the target of a convincing new “brand impersonation” campaign that turns the popular utility...

Agencies Issue Urgent Warning on INC Ransom Healthcare Attacks INC Ransom Pacific Cyber Threats OysterLoader Malware Rhysida Ransomware Black Basta Ransomware BYOVD Technique Velociraptor Abuse, Storm-2603 Ransomware Crypto24, Ransomware Ransomware Payments, UK Legislation ZACROS data breach

INC Ransom Pacific Cyber Threats OysterLoader Malware Rhysida Ransomware Black Basta Ransomware BYOVD Technique Velociraptor Abuse, Storm-2603 Ransomware Crypto24, Ransomware Ransomware Payments, UK Legislation ZACROS data breach

Agencies Issue Urgent Warning on INC Ransom Healthcare Attacks

Do Son March 10, 2026

A new joint advisory released by the Australian Cyber Security Centre (ACSC), CERT Tonga, and New Zealand’s...

The Spy in Your Sidebar: Fake AI Browser Extensions Steal Data from 900,000 Users Malicious AI Extensions Chromium Browser Security

The Spy in Your Sidebar: Fake AI Browser Extensions Steal Data from 900,000 Users

Do Son March 10, 2026

A seemingly helpful AI assistant could be a silent spy in your browser. Microsoft Defender Security Research...

The ‘Contagious Interview’ Trap: How a Web3 CEO Unmasked North Korean Stealth Malware Contagious Interview North Korean Malware

The ‘Contagious Interview’ Trap: How a Web3 CEO Unmasked North Korean Stealth Malware

Do Son March 10, 2026

It started with a routine direct message on LinkedIn: a recruiter named “Nazar” pitching a role at...

Silently Swapped: How ClipXDaemon Hijacks Linux Cryptowallets Without a C2 Server ClipXDaemon Linux Malware

Silently Swapped: How ClipXDaemon Hijacks Linux Cryptowallets Without a C2 Server

Do Son March 10, 2026

Cybersecurity researchers have identified a specialized new threat targeting Linux users that breaks the traditional mold of...

AWS Console Alert: Real-Time “AiTM” Phishing Campaign Bypasses MFA with Rapid Precision AWS Phishing AiTM Attack

AWS Console Alert: Real-Time “AiTM” Phishing Campaign Bypasses MFA with Rapid Precision

Do Son March 9, 2026

In a sophisticated escalation of cloud-targeting attacks, Datadog Security Research has uncovered an active adversary-in-the-middle (AiTM) phishing...

Critical Alert 1 Active Exploit Detected Today