Daily Cyber News

Citrix Fixes NetScaler Vulnerabilities, CVE-2025-7775 Actively Exploited

Citrix has rolled out critical security updates to fix three vulnerabilities affecting NetScaler ADC and NetScaler Gateway. Among them, one flaw is already being actively exploited in real-world attacks, according to the company. Overview of the Vulnerabilities Citrix confirmed that CVE-2025-7775 has been exploited on unpatched appliances but did not disclose further technical details. Exploitation […]

Sni5Gect Attack Forces 5G Phones to Crash and Downgrade to 4G Without Rogue Base Station

A team of researchers has introduced a groundbreaking cyberattack technique capable of crashing 5G-enabled devices and downgrading their connectivity to 4G, all without the need for a rogue base station. What is Sni5Gect? The attack, developed by the ASSET (Automated Systems SEcuriTy) Research Group at the Singapore University of Technology and Design (SUTD), makes use

MixShell Malware Uses Contact Forms to Target U.S. Supply Chain Manufacturers

Cybersecurity experts have uncovered a highly sophisticated social engineering campaign that is deploying MixShell, a stealthy in-memory malware, against key manufacturing companies vital to the global supply chain. This malicious operation, tracked by Check Point Research under the name ZipLine, takes an unusual approach to infiltration. A Shift from Traditional Phishing Instead of relying on

ShadowCaptcha Malware Targets WordPress Sites to Deliver Ransomware, Stealers, and Miners

Large-Scale Attack Campaign A newly identified cyber campaign, codenamed ShadowCaptcha, has compromised more than 100 WordPress websites to redirect visitors toward fake CAPTCHA verification pages. These pages use the ClickFix social engineering technique to deliver information stealers, ransomware, and cryptocurrency miners. The operation, first discovered in August 2025 by the Israel National Digital Agency, highlights

Docker Patches CVE-2025-9074 Critical Container Escape Vulnerability (CVSS 9.3)

Docker has rolled out security updates to fix a critical vulnerability (CVE-2025-9074) in Docker Desktop for Windows and macOS. This flaw, rated 9.3 out of 10 on the CVSS scale, could allow attackers to escape container isolation and gain host-level access. The issue has been patched in Docker Desktop version 4.44.3. According to Docker’s security

UNC6384 Chinese Hackers Use Valid Code Signing Certificates to Bypass Security

In early 2025, a covert cyber-espionage campaign targeted diplomats and government organizations across Southeast Asia and other regions. At the core of this operation is STATICPLUGIN, a downloader cleverly disguised as a legitimate Adobe plugin update. Malicious Redirect via Captive Portal Victims experienced a captive portal hijack, redirecting browsers to malicious domains. The landing page,

CISA Alerts on Citrix RCE and Privilege Escalation Flaws Being Exploited

CISA has released a critical security advisory highlighting three recently discovered vulnerabilities that are actively targeted by attackers. On August 25, 2025, these high-risk Common Vulnerabilities and Exposures (CVEs) were added to CISA’s Known Exploited Vulnerabilities (KEV) Catalog, signaling an urgent need for both government agencies and private organizations to act swiftly. Key Highlights Citrix

30,000+ IPs Used by Hackers to Scan and Exploit Microsoft Remote Desktop Protocol (RDP) Services

A large-scale coordinated campaign has been detected targeting Microsoft Remote Desktop Protocol (RDP) services, where attackers deployed more than 30,000 unique IP addresses to probe for weaknesses in RD Web Access and RDP Web Client authentication portals. Security analysts warn that this represents one of the largest RDP reconnaissance operations in recent years, suggesting that

Critical Tableau Server Flaw Allows Attackers to Upload and Execute Malicious Files

A severe security flaw has been discovered in Tableau Server, which could allow attackers to upload and execute malicious files, leading to full system takeover. This vulnerability, tracked as CVE-2025-26496 with a CVSS score of 9.6, impacts several versions of Tableau Server and Tableau Desktop on both Windows and Linux platforms. Key Highlights Tableau Server

PoC Exploit and Technical Analysis Published for Apple Zero-Day RCE Vulnerability

A newly disclosed critical zero-click exploit (CVE-2025-43300) poses a serious threat to Apple devices. The flaw exists in Apple’s RawCamera.bundle, specifically within the JPEG Lossless Decompression implementation, and allows attackers to execute arbitrary code by sending maliciously crafted DNG (Digital Negative) files. What makes this vulnerability alarming is that no user interaction is required. Simply
