The cybersecurity landscape continues to be a battleground of innovation and exploitation, with attackers consistently finding new ways to leverage existing vulnerabilities and emerging technologies. This week’s recap highlights a series of concerning trends, from actively exploited zero-days in widely used software to the sophisticated abuse of phishing kits and…
Palo Alto Networks VPN vulnerability, identified as CVE-2026-0257, is being actively exploited by an unknown threat actor to gain unauthorized access to GlobalProtect portals. The critical authentication bypass flaw, which affects the portal and gateway components of PAN-OS software, carries a CVSS score of 7.8 and allows malicious actors to…
Splunk has issued critical security updates to address CVE-2026-20253, a severe vulnerability in Splunk Enterprise that allows unauthenticated users to perform arbitrary file operations and potentially achieve remote code execution. Rated 9.8 on the CVSS scoring system, the flaw presents a significant risk to enterprise environments utilizing the affected software.…
U.S. law enforcement agencies, in collaboration with international partners, have seized multiple internet domains alleged to have hosted nonconsensual AI-generated pornography. The operation targeted websites that specialized in creating and distributing digitally altered images and videos of women without their consent. The domains, CFAKE.com and SOCFAKE.com, are accused of publishing…
Cybersecurity researchers have unveiled a novel attack technique, dubbed “Agentjacking,” that subverts artificial intelligence (AI) coding agents, compelling them to execute arbitrary code on developer workstations. This groundbreaking vulnerability exploits a fundamental architectural weakness at the intersection of error tracking platforms and AI agents, potentially granting attackers unfettered access to…
The cybercriminal group ShinyHunters has been actively exploiting a critical vulnerability in Oracle PeopleSoft, a widely used enterprise resource planning (ERP) system. This zero-day exploit, identified as CVE-2026-35273, allows attackers to gain unauthorized access, exfiltrate sensitive data, and then demand ransom payments to prevent its public release. The campaign has…
Research & Analysis
More Articles
A new information stealer, dubbed “Sryxen,” has emerged in the underground malware market, employing sophisticated techniques to bypass recent security enhancements in Google Chrome. This C++ based threat, sold as Malware-as-a-Service, specifically targets Windows systems, demonstrating an evolving approach to harvesting sensitive browser credentials. The malware’s innovative strategy allows it…
As 2025 draws to a close, security professionals are confronting a digital landscape irrevocably altered by sophisticated threats. The year saw a dramatic shift in web security paradigms, driven by AI-powered attacks, advanced injection techniques, and widespread supply chain compromises that impacted hundreds of thousands of websites. This necessitates a…
Hackers Employ Evilginx to Steal Session Cookies and Circumvent Multi-Factor Authentication
Sophisticated phishing toolkits like Evilginx are empowering cybercriminals to execute advanced attacker-in-the-middle (AiTM) campaigns, a tactic that has seen a concerning surge and poses a significant threat to online security. These attacks are specifically engineered to steal temporary session cookies, enabling threat actors to effectively bypass multi-factor authentication (MFA) and…
Organized crime group DUPERUNNER targets employees with weaponized documents in Operation DupeHike malware campaign.
A sophisticated cyberattack campaign named Operation DupeHike is actively targeting Russian corporations, with a particular focus on employees in human resources, payroll, and administrative departments. The threat group UNG0902 is reportedly behind this operation, employing highly crafted decoy documents related to employee bonuses and internal financial policies to deploy a…
A significant portion, 68%, of actively serving phishing kits are being protected by Cloudflare, according to a new security report from SicuraNext. This revelation highlights a concerning trend where sophisticated criminal enterprises are exploiting widely used infrastructure to conduct large-scale phishing operations, posing a substantial threat to individuals and organizations…
Qatar has expressed strong security readiness for the FIFA Arab Cup 2025 ahead of the tournament’s commencement. The nation highlighted its extensive experience in hosting major international sporting events as a cornerstone of its confidence in managing the upcoming football competition safely and efficiently. Interior Minister and Commander of the Internal Security…
A sophisticated supply chain attack has been uncovered, leveraging a malicious Visual Studio Code (VSCode) extension to distribute potent malware. The rogue extension, disguised as a legitimate code formatter, served as the entry point for deploying the Anivia loader and the OctoRAT remote access tool directly onto developers’ systems. Security…
A newly identified feature in Anthropic’s Claude AI, named Claude Skills, presents a significant security vulnerability, potentially enabling adversaries to weaponize it for executing MedusaLocker ransomware attacks. Researchers have discovered that this extension capability, designed to enhance the AI’s functionality, can be manipulated to deploy malicious software without the user’s knowledge.…
Critical Elementor Plugin Vulnerability Grants Attackers WordPress Site Administrator Control
A critical vulnerability affecting the King Addons for Elementor WordPress plugin has been identified, putting over 10,000 active installations at risk of full administrative takeover. The flaw, discovered by Wordfence security analysts, allows unauthenticated attackers to gain complete control of WordPress websites by simply registering a new user account with…
On Thanksgiving eve, Microsoft Threat Intelligence analysts detected and blocked a large-scale phishing campaign orchestrated by a threat actor identified as Storm-0900. The coordinated attack, involving tens of thousands of emails, sought to exploit the holiday season by using deceptive themes related to parking tickets and medical test results to…
As part of its November 2025 Patch Tuesday updates, Microsoft has quietly patched CVE-2025-9491, a significant security vulnerability that has been actively exploited by multiple threat actors since 2017. This Windows Shortcut (.LNK) file misinterpretation flaw, with a CVSS score of 7.8, allowed for remote code execution. The vulnerability specifically…
Malicious Rust EVM Units Mimic Legitimate Versions, Silently Executing OS-Specific Payloads
A stealthy malware campaign has targeted developers through the open-source Rust ecosystem, masquerading as a legitimate utility for verifying Ethereum Virtual Machine (EVM) versions. The malicious crate, named `evm-units` and published under the author handle `ablerust`, successfully gained thousands of downloads before being identified and removed. This sophisticated attack exploited…
