CrowdCyber.com 4 hours ago

4 Million Downloads at Risk: Critical Unstructured Flaw (CVSS 9.8) Allows RCE

Daily CyberSecurity

4 Million Downloads at Risk: Critical Unstructured Flaw (CVSS 9.8) Allows RCE

Critical Unstructured library flaw CVE-2025-64712 (CVSS 9.8) allows RCE via malicious .msg files. 4M+ downloads affected. Update to v0.18.18 now.

CrowdCyber.com 12 hours ago

State actor targets 155 countries in 'Shadow Campaigns' espionage op

BleepingComputer

State actor targets 155 countries in 'Shadow Campaigns' espionage op

A new state-aligned cyberespionage threat group tracked as TGR-STA-1030/UNC6619, has conducted a global-scale operation dubbed the "Shadow Campaign...

CrowdCyber.com 15 hours ago

Tool: AST-based security scanner for AI-generated code (MCP server) https://www.reddit.com/r/netsec/comments/1qxm75b/tool_astbased_security_scanner_for_aigenerated/

CrowdCyber.com 23 hours ago

Apple Pay phish uses fake support calls to steal payment details

Malwarebytes

Apple Pay phish uses fake support calls to steal payment details

This Apple Pay phishing campaign is designed to funnel victims into fake Apple Support calls, where scammers steal payment details.

CrowdCyber.com yesterday

EnCase Driver Weaponized as EDR Killers Persist

Dark Reading

EnCase Driver Weaponized as EDR Killers Persist

The forensic tool

CrowdCyber.com yesterday

CISA warns of SmarterMail RCE flaw used in ransomware attacks

BleepingComputer

CISA warns of SmarterMail RCE flaw used in ransomware attacks

The Cybersecurity & Infrastructure Security Agency (CISA) in the U.S. has issued a warning about CVE-2026-24423, an unauthenticated remote code exe...

CrowdCyber.com yesterday

The Invisible Proxy: NGINX Hijacked for Silent SEO Poisoning

Daily CyberSecurity

The Invisible Proxy: NGINX Hijacked for Silent SEO Poisoning

Hackers are hijacking NGINX servers via malicious config injections. Datadog warns of silent traffic redirection for SEO poisoning. Check your prox...

CrowdCyber.com yesterday

CVE-2025-13375: Critical IBM Crypto Flaw (CVSS 9.8) Exposes HSMs

Daily CyberSecurity

CVE-2025-13375: Critical IBM Crypto Flaw (CVSS 9.8) Exposes HSMs

IBM warns of critical flaw CVE-2025-13375 (CVSS 9.8) in CCA software. Unauthenticated attackers can hijack HSMs. Update to v7.5.53/v8.4.84 now.

CrowdCyber.com yesterday

DKnife Linux toolkit hijacks router traffic to spy, deliver malware

BleepingComputer

DKnife Linux toolkit hijacks router traffic to spy, deliver malware

A newly discovered toolkit called DKnife has been used since 2019 to hijack traffic at the edge-device level and deliver malware in espionage campa...

CrowdCyber.com yesterday

Open the wrong “PDF” and attackers gain remote access to your PC

Malwarebytes

Open the wrong “PDF” and attackers gain remote access to your PC

The DEAD#VAX campaign tricks users into installing AsyncRAT by disguising a virtual hard disk as a PDF attachment.

CrowdCyber.com yesterday

Macs Under Siege: New Infostealers Spread via WhatsApp & Fake Apps

Daily CyberSecurity

Macs Under Siege: New Infostealers Spread via WhatsApp & Fake Apps

Microsoft warns: Infostealers now target macOS & use WhatsApp worms. "Eternidade" & "Crystal PDF" steal credentials via cross-platf...

CrowdCyber.com yesterday

CrashFix: New ClickFix Variant Deliberately Breaks Browsers to Deploy RAT

Daily CyberSecurity

CrashFix: New ClickFix Variant Deliberately Breaks Browsers to Deploy RAT

Microsoft warns of "CrashFix": malicious extensions crash browsers to trick users into running a "fix" that installs a RAT. Beware ...

CrowdCyber.com 2 days ago

“PDF” Poison: Popular JavaScript Library Patches Critical Injection and Crash Flaws

Daily CyberSecurity

"PDF" Poison: Popular JavaScript Library Patches Critical Injection and Crash Flaws

Critical jsPDF flaws (CVE-2026-24133) allow XSS & DoS via malicious BMPs. Update to v4.1.0 immediately to prevent browser crashes and code injection.

CrowdCyber.com 2 days ago

Ransomware gang uses ISPsystem VMs for stealthy payload delivery

BleepingComputer

Ransomware gang uses ISPsystem VMs for stealthy payload delivery

Ransomware operators are hosting and delivering malicious payloads at scale by abusing virtual machines (VMs) provisioned by ISPsystem, a legitimat...

CrowdCyber.com 2 days ago

Phantom in the Machine: Inside Salt Typhoon’s “SnappyBee” Backdoor

Daily CyberSecurity

Phantom in the Machine: Inside Salt Typhoon’s "SnappyBee" Backdoor

Darktrace dissects SnappyBee (Deed RAT), a stealthy Salt Typhoon backdoor. Learn how it uses DLL side-loading & memory hooking to evade modern AV.

CrowdCyber.com 2 days ago

Popular n8n Platform Hit by Triple Threat of RCE Flaws

Daily CyberSecurity

Popular n8n Platform Hit by Triple Threat of RCE Flaws

Critical n8n flaws (CVE-2026-25053, 25056) allow attackers to hijack servers via Git & Merge nodes. Update to v2.5.0 now to prevent RCE.

CrowdCyber.com 2 days ago

Stealth Injection: Silver Fox APT Upgrades “ValleyRat” with Rare PoolParty Tech

Daily CyberSecurity

Stealth Injection: Silver Fox APT Upgrades "ValleyRat" with Rare PoolParty Tech

Silver Fox APT targets users with fake LINE installers delivering ValleyRat. New campaign uses rare "PoolParty" injection to evade detection.

CrowdCyber.com 2 days ago

CISA warns of five-year-old GitLab flaw exploited in attacks

BleepingComputer

CISA warns of five-year-old GitLab flaw exploited in attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies to patch their systems against a five-year-old GitLab ...

CrowdCyber.com 2 days ago

'Semantic Chaining' Jailbreak Dupes Gemini Nano Banana, Grok 4

Dark Reading

'Semantic Chaining' Jailbreak Dupes Gemini Nano Banana, Grok 4

If an attacker splits a malicious prompt into discrete chunks, some large language models (LLMs) will get lost in the details and miss the true int...

CrowdCyber.com 2 days ago

Supply Chain Poison: Lotus Blossom Hits Notepad++ to Deploy “Chrysalis”

Daily CyberSecurity

Supply Chain Poison: Lotus Blossom Hits Notepad++ to Deploy "Chrysalis"

Lotus Blossom compromises Notepad++ infrastructure to deploy "Chrysalis" malware. Rapid7 reveals the group using Microsoft Warbird to evade...