Daily CyberSecurity •

RedLine Infostealer Kingpin Extradited to U.S. to Face Federal Charges

RedLine Infostealer Operation Magnus

Cybercriminals

RedLine Infostealer Kingpin Extradited to U.S. to Face Federal Charges

March 27, 2026

The Contagious Interview: How NICKEL ALLEY Turns Your “Dream Job” into a North Korean Crypto Nightmare

NICKEL ALLEY Contagious Interview

Cybercriminals

The Contagious Interview: How NICKEL ALLEY Turns Your “Dream Job” into a North Korean Crypto Nightmare

March 27, 2026

Tax Season Terror: Phishing Campaigns Weaponize Urgency to Deliver Remote Access Tools

Tax Phishing ScreenConnect RAT

Cybercriminals

Tax Season Terror: Phishing Campaigns Weaponize Urgency to Deliver Remote Access Tools

March 24, 2026

The Ransomware ‘Locksmith’: Russian Access Broker Aleksei Volkov Sentenced to 7 Years for $9M Cyber Heist

Initial Access Broker Aleksei Volkov

Cybercriminals

The Ransomware ‘Locksmith’: Russian Access Broker Aleksei Volkov Sentenced to 7 Years for $9M Cyber Heist

March 24, 2026

Google Forms Weaponized: New “PureHVNC” Campaign Targets Professionals via LinkedIn

PureHVNC RAT Google Forms Phishing

Malware

Google Forms Weaponized: New “PureHVNC” Campaign Targets Professionals via LinkedIn

March 27, 2026

Inside MioLab, the Professional MaaS Hijacking macOS and Hardware Wallets

MioLab Malware macOS Security MacSync Stealer macOS Malware ambar-src npm Malware Supply Chain Typosquatting Matryoshka Mac Malware ClickFix Crypto Scam Infostealer Evolution macOS Malware Predator Spyware Intellexa Anti-Analysis XCSSET macOS Malware, Xcode Supply Chain

Malware

Inside MioLab, the Professional MaaS Hijacking macOS and Hardware Wallets

March 27, 2026

GhostClaw Rising: AI-Assisted Malware Campaign Targets macOS via Malicious GitHub Repos

GhostClaw Malware GitHub Supply Chain

Malware

GhostClaw Rising: AI-Assisted Malware Campaign Targets macOS via Malicious GitHub Repos

March 26, 2026

The Rise of SILENTCONNECT: New Stealthy Loader Exploits Trusted Cloud Giants

SILENTCONNECT loader RMM abuse

Malware

The Rise of SILENTCONNECT: New Stealthy Loader Exploits Trusted Cloud Giants

March 26, 2026

Europe’s Cloud Leviathan Pierced: The Alleged 1.6 Million Dossier Exfiltration at OVHcloud

OVHcloud data breach 2026

Data Leak

Europe’s Cloud Leviathan Pierced: The Alleged 1.6 Million Dossier Exfiltration at OVHcloud

March 24, 2026

The “Accidental” Breach: How a Misconfigured Endpoint Led to a Major SharePoint Data Leak

Spring Boot Actuator Malware-less Attack

Data Leak

The “Accidental” Breach: How a Misconfigured Endpoint Led to a Major SharePoint Data Leak

March 23, 2026

The Sandbox Slip: How a Security Audit Unearthed Perplexity’s Exposed Claude Code Tokens

Perplexity Computer token leak Perplexity Computer Max

Data Leak

The Sandbox Slip: How a Security Audit Unearthed Perplexity’s Exposed Claude Code Tokens

March 14, 2026

The Torrent Titanic Sinks: YggTorrent Breached as Hackers Expose “Turbo” Tier Greed and 54,000 Credit Cards

YggTorrent data breach PS5 BootROM key leak 2026, PlayStation 5 unpatchable jailbreak Great Firewall data leak Dating App Breach, Tea App Leak 23andMe Data Leak

Data Leak

The Torrent Titanic Sinks: YggTorrent Breached as Hackers Expose “Turbo” Tier Greed and 54,000 Credit Cards

March 6, 2026

Critical 9.8 CVSS Flaw in Pharos Mosaic Controllers Grants Root Access to Unauthenticated Attackers

Pharos Controls Vulnerability Root Access Exploit Cybersecurity Vulnerability Roundup CVSS 10.0 Flaws Shadow Archives CVE-2026-0866 MS-Agent Prompt Injection CVE-2026-2256 basic-ftp Path Traversal CVE-2026-27699 telnetd Root Vulnerability CVE-1999-0073 Regression USR-W610 Vulnerabilities End-of-Life IoT Security IceWarp Security Update IceWarp Vulnerabilities Airleader Master Vulnerability CVE-2026-1358 ZLAN5143D Vulnerability CISA ICS Advisory Acronis Cyber Protect Vulnerability CVE-2025-30411 WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

Critical 9.8 CVSS Flaw in Pharos Mosaic Controllers Grants Root Access to Unauthenticated Attackers

Ddos March 27, 2026

Critical 9.3 CVSS Auth Bypass and XSS Flaws Hit MantisBT MantisBT Vulnerability Authentication Bypass

MantisBT Vulnerability Authentication Bypass

Critical 9.3 CVSS Auth Bypass and XSS Flaws Hit MantisBT

Ddos March 27, 2026

CRITICAL ALERT: Telegram Vulnerability “ZDI-CAN-30207” Exposes Users to Zero-Click Attacks Telegram Zero-Click ZDI-CAN-30207

Telegram Zero-Click ZDI-CAN-30207

CRITICAL ALERT: Telegram Vulnerability “ZDI-CAN-30207” Exposes Users to Zero-Click Attacks

Ddos March 27, 2026

The Kernel Lockdown: Microsoft to Sever Trust for Legacy Drivers in Windows 11 and Server 2025

Windows 11 Kernel Driver Trust Microslop Windows 11 Windows 11 modem driver removal 2026, CVE-2025-24052 Agere driver exploit Windows 11 Password Icon Bug Lock Screen Glitch Windows 11 26H1 ARM Snapdragon X2 Windows 11 Reboot-Free, Insider Build Windows Update Error, 0x80070103 File Explorer, NTLM leak Windows bug, WinRE Windows Update, UAC prompts Secure Boot Certificate, Windows Security Windows 11 22H2 Installation security updates Windows UEFI CA 2023 Windows 11 25H2

The Kernel Lockdown: Microsoft to Sever Trust for Legacy Drivers in Windows 11 and Server 2025

Ddos March 27, 2026

The War on Digital Ghosts: Reddit to Mandate ID Verification for “Mechanistic” Bot Accounts Reddit AI bot crackdown 2026 Reddit lawsuit, data scraping AI licensing, data monetization Reddit, AI Scraping Reddit Lawsuit, AI Data Scraping Reddit Bing search

Reddit AI bot crackdown 2026 Reddit lawsuit, data scraping AI licensing, data monetization Reddit, AI Scraping Reddit Lawsuit, AI Data Scraping Reddit Bing search

The War on Digital Ghosts: Reddit to Mandate ID Verification for “Mechanistic” Bot Accounts

Ddos March 27, 2026

Nasir Security’s Hybrid Warfare Against Middle East Energy Infrastructure Nasir Security Supply Chain Attack

Nasir Security Supply Chain Attack

Nasir Security’s Hybrid Warfare Against Middle East Energy Infrastructure

Ddos March 27, 2026

Proof-of-Concept Released: Public Exploit Details for Windows Error Reporting LPE (CVE-2026-20817) Windows LPE CVE-2026-20817 PoC

Windows LPE CVE-2026-20817 PoC

Proof-of-Concept Released: Public Exploit Details for Windows Error Reporting LPE (CVE-2026-20817)

Ddos March 27, 2026

Critical 9.8 CVSS SpEL Injection and SSRF Flaws Hit Spring AI Framework Spring AI Vulnerability Remote Code Execution (RCE)

Spring AI Vulnerability Remote Code Execution (RCE)

Critical 9.8 CVSS SpEL Injection and SSRF Flaws Hit Spring AI Framework

Ddos March 26, 2026

BIND 9 Security Alert: ISC Releases Patches for Trio of Vulnerabilities CVE-2023-3341 BIND 9 Security DNS ACL Bypass

CVE-2023-3341 BIND 9 Security DNS ACL Bypass

BIND 9 Security Alert: ISC Releases Patches for Trio of Vulnerabilities

Ddos March 26, 2026

High-Severity strongSwan Flaw Enables Remote VPN Gateway Crashes CVE-2023-41913 strongSwan Vulnerability VPN Denial of Service

CVE-2023-41913 strongSwan Vulnerability VPN Denial of Service

High-Severity strongSwan Flaw Enables Remote VPN Gateway Crashes

Ddos March 26, 2026

Zabbix API Vulnerability: High-Severity SQL Injection Threatens Network Monitoring Security zabbix - CVE-2024-22116 Zabbix SQL Injection CVE-2026-23921

zabbix - CVE-2024-22116 Zabbix SQL Injection CVE-2026-23921

Zabbix API Vulnerability: High-Severity SQL Injection Threatens Network Monitoring Security

Ddos March 26, 2026

Hackers Actively Exploiting 9.8 Critical RCE Flaw in Kali Forms WordPress Plugin

Hackers Actively Exploiting 9.8 Critical RCE Flaw in Kali Forms WordPress Plugin

Ddos March 26, 2026

DHCP Down: High-Severity Stack Overflow Flaw Threatens to Paralyze Kea Networks Kea DHCP Vulnerability CVE-2026-3608 CVE-2022-1183 CVE-2025-40779 Kea DHCP, vulnerability

Kea DHCP Vulnerability CVE-2026-3608 CVE-2022-1183 CVE-2025-40779 Kea DHCP, vulnerability

DHCP Down: High-Severity Stack Overflow Flaw Threatens to Paralyze Kea Networks

Ddos March 26, 2026

Critical RCE Flaw in PTC Windchill and FlexPLM Puts Product Data at Risk PTC Windchill RCE Insecure Deserialization

PTC Windchill RCE Insecure Deserialization

Critical RCE Flaw in PTC Windchill and FlexPLM Puts Product Data at Risk

Ddos March 26, 2026

Cisco Alert: Public Vulnerabilities in IOS XE Risk Service Denial and Privilege Escalation CVE-2024-20401 Cisco IOS XE Privilege Escalation

CVE-2024-20401 Cisco IOS XE Privilege Escalation

Cisco Alert: Public Vulnerabilities in IOS XE Risk Service Denial and Privilege Escalation

Ddos March 26, 2026

NAS Under Siege: Critical 9.8 CVSS Bug in Synology Telnet Opens the Door to Total Hijack Synology Telnet Flaw DSM Security Update Synology DSM Telnet vulnerability BeeStation Zero-Day, Pwn2Own RCE CVE-2024-11131 & CVE-2024-10442 CVE-2025-2848 Synology, NAS

Synology Telnet Flaw DSM Security Update Synology DSM Telnet vulnerability BeeStation Zero-Day, Pwn2Own RCE CVE-2024-11131 & CVE-2024-10442 CVE-2025-2848 Synology, NAS

NAS Under Siege: Critical 9.8 CVSS Bug in Synology Telnet Opens the Door to Total Hijack

Ddos March 26, 2026

NVIDIA Patches Critical RCE and DoS Flaws Across ML Frameworks

NVIDIA AI Security AI Framework Vulnerabilities Nvidia 595.76 Hotfix NVIDIA Megatron Bridge vulnerability GPU vs ASIC AI battle NVIDIA Driver Vulnerability CVE-2025-33217 NVIDIA biggest TSMC customer 2026, NVIDIA vs Apple TSMC revenue share NVIDIA CUDA Toolkit CVE-2025-33228 Groq NVIDIA licensing deal, Jonathan Ross acquihire 2025 NeMo Code Injection, AI Framework RCE NVIDIA App Privilege Escalation, CVE-2025-23358 NVIDIA Security Update, DLS Vulnerability CVE-2025-23316 NVIDIA NVDebug, vulnerabilities NVIDIA Driver Vulnerabilities, vGPU Security Nvidia Jetson, UEFI Vulnerabilities CVE-2024-0130 - CVE-2024-0136 CVE-2024-0148 NVIDIA Driver Support, Windows 10 EOL

NVIDIA Patches Critical RCE and DoS Flaws Across ML Frameworks

Ddos March 26, 2026

Public Flaws in Cisco IOx Allow Unauthenticated Log Injection and Admin XSS Cisco IOx Log Manipulation Cisco Small Business - CVE-2024-20393 and CVE-2024-20470

Cisco IOx Log Manipulation Cisco Small Business - CVE-2024-20393 and CVE-2024-20470

Public Flaws in Cisco IOx Allow Unauthenticated Log Injection and Admin XSS

Ddos March 26, 2026

The Backup Backdoor: How a Simple File Edit Grants Full SYSTEM Control in IDrive for Windows IDrive Vulnerability Privilege Escalation

IDrive Vulnerability Privilege Escalation

The Backup Backdoor: How a Simple File Edit Grants Full SYSTEM Control in IDrive for Windows

Ddos March 26, 2026

F5 Out-of-Band Security Alert: Multiple Vulnerabilities Unveiled in NGINX Plus and Open Source NGINX Vulnerability Buffer Overflow CVE-2024-24989, CVE-2024-24990 NGINX ACME

NGINX Vulnerability Buffer Overflow CVE-2024-24989, CVE-2024-24990 NGINX ACME

F5 Out-of-Band Security Alert: Multiple Vulnerabilities Unveiled in NGINX Plus and Open Source

Ddos March 25, 2026