HN Monitor

The cybersecurity landscape continues to be a battleground of innovation and exploitation, with attackers consistently finding new ways to leverage existing vulnerabilities and emerging technologies. This week’s recap highlights a series of concerning trends, from actively exploited zero-days in widely used software to the sophisticated abuse of phishing kits and…

A Palo Alto Networks VPN vulnerability, identified as CVE-2026-0257, is being actively exploited by an unknown threat actor to gain unauthorized access to GlobalProtect portals. The critical authentication bypass flaw, which affects the portal and gateway components of PAN-OS software, carries a CVSS score of 7.8 and allows malicious actors to…

Splunk has issued critical security updates to address CVE-2026-20253, a severe vulnerability in Splunk Enterprise that allows unauthenticated users to perform arbitrary file operations and potentially achieve remote code execution. Rated 9.8 on the CVSS scoring system, the flaw presents a significant risk to enterprise environments utilizing the affected software.…

U.S. law enforcement agencies, in collaboration with international partners, have seized multiple internet domains alleged to have hosted nonconsensual AI-generated pornography. The operation targeted websites that specialized in creating and distributing digitally altered images and videos of women without their consent. The domains, CFAKE.com and SOCFAKE.com, are accused of publishing…

Cybersecurity researchers have unveiled a novel attack technique, dubbed “Agentjacking,” that subverts artificial intelligence (AI) coding agents, compelling them to execute arbitrary code on developer workstations. This groundbreaking vulnerability exploits a fundamental architectural weakness at the intersection of error tracking platforms and AI agents, potentially granting attackers unfettered access to…

The cybercriminal group ShinyHunters has been actively exploiting a critical vulnerability in Oracle PeopleSoft, a widely used enterprise resource planning (ERP) system. This zero-day exploit, identified as CVE-2026-35273, allows attackers to gain unauthorized access, exfiltrate sensitive data, and then demand ransom payments to prevent its public release. The campaign has…

Security researchers and developers are urgently addressing a critical vulnerability affecting React Server Components, an open-source library utilized by a significant portion of web applications and integrated into numerous software frameworks. The discovery and rapid response highlight the considerable risk posed by this defect, with active exploitation anticipated to begin…

Hackers are employing a sophisticated phishing campaign that leverages the familiar interface of Calendly to steal Google Workspace account credentials. This targeted attack, identified by security analysts, uses convincing social engineering tactics to trick business professionals into divulging sensitive login information, posing a significant threat to organizational security. The elaborate…

A critical security vulnerability in the widely used WordPress plugin King Addons for Elementor is now being actively exploited by attackers. This privilege escalation flaw, designated as CVE-2025-8489, allows unauthenticated users to gain administrator privileges on affected websites, significantly compromising website security. The vulnerability impacts King Addons for Elementor versions ranging…

Threat actors are reportedly distributing a sophisticated remote access trojan (RAT) known as K.G.B RAT, which boasts advanced detection evasion capabilities. This fully undetectable (FUD) malware package includes a crypter and Hidden Virtual Network Computing (HVNC) functionality, presenting a significant threat to organizations across various sectors. Security researchers have observed…

A new phishing campaign is actively targeting organizations, leveraging a deceptive “Executive Award” theme to deliver the potent Stealerium malware. This sophisticated, two-stage attack meticulously combines social engineering tactics with advanced malware delivery, posing a significant threat to businesses and their sensitive data. The campaign highlights a concerning trend where…

MuddyWater, an Iran-aligned cyberespionage group also known as Mango Sandstorm, has escalated its operations with a new, sophisticated campaign targeting critical infrastructure in Israel and Egypt. The operation, active from September 2024 through March 2025, demonstrates a significant evolution in the group’s tactics, moving towards stealthier, long-term access methods and…

Critical security vulnerabilities have been discovered in Picklescan, an open-source utility designed to safeguard against malicious code embedded within Python pickle files, particularly those used in machine learning frameworks like PyTorch. At least three severe flaws have been detailed, enabling attackers to bypass the scanner’s protections and execute arbitrary code…

The threat actor tool known as Matanbuchus has undergone a significant evolution, with version 3.0 of this malicious downloader being actively deployed in real-world attacks. This C++-based malware-as-a-service has been available since 2020, offering threat actors a way to rent its capabilities for deploying secondary payloads, increasingly leading to ransomware…

Two sophisticated Linux rootkits, BPFDoor and Symbiote, are increasingly threatening network security by exploiting eBPF technology to evade traditional detection methods. First identified in 2021, these advanced malware variants are designed to operate at the kernel level, offering near-undetectable persistent access and communication interception capabilities. Security researchers observed a concerning…