The cybersecurity landscape continues to be a battleground of innovation and exploitation, with attackers consistently finding new ways to leverage existing vulnerabilities and emerging technologies. This week’s recap highlights a series of concerning trends, from actively exploited zero-days in widely used software to the sophisticated abuse of phishing kits and…
Palo Alto Networks VPN vulnerability, identified as CVE-2026-0257, is being actively exploited by an unknown threat actor to gain unauthorized access to GlobalProtect portals. The critical authentication bypass flaw, which affects the portal and gateway components of PAN-OS software, carries a CVSS score of 7.8 and allows malicious actors to…
Splunk has issued critical security updates to address CVE-2026-20253, a severe vulnerability in Splunk Enterprise that allows unauthenticated users to perform arbitrary file operations and potentially achieve remote code execution. Rated 9.8 on the CVSS scoring system, the flaw presents a significant risk to enterprise environments utilizing the affected software.…
U.S. law enforcement agencies, in collaboration with international partners, have seized multiple internet domains alleged to have hosted nonconsensual AI-generated pornography. The operation targeted websites that specialized in creating and distributing digitally altered images and videos of women without their consent. The domains, CFAKE.com and SOCFAKE.com, are accused of publishing…
Cybersecurity researchers have unveiled a novel attack technique, dubbed “Agentjacking,” that subverts artificial intelligence (AI) coding agents, compelling them to execute arbitrary code on developer workstations. This groundbreaking vulnerability exploits a fundamental architectural weakness at the intersection of error tracking platforms and AI agents, potentially granting attackers unfettered access to…
The cybercriminal group ShinyHunters has been actively exploiting a critical vulnerability in Oracle PeopleSoft, a widely used enterprise resource planning (ERP) system. This zero-day exploit, identified as CVE-2026-35273, allows attackers to gain unauthorized access, exfiltrate sensitive data, and then demand ransom payments to prevent its public release. The campaign has…
More Articles
Google Addresses 107 Android Vulnerabilities, Including Two Actively Exploited Framework Flaws
Google has issued its December 2025 Android security updates, addressing a significant number of vulnerabilities, including two that the company acknowledges have already been exploited in the wild. This monthly patch is crucial for maintaining the security of the Android ecosystem, protecting users from potential data breaches and unauthorized access…
The Security Middle East Conference is set to convene in Riyadh for its fourth iteration on April 28, 2026, at the Voco Hotel. This event serves as a crucial nexus for security professionals and leaders across the Middle East, fostering dialogue and strategic partnerships. This important gathering, now in its…
A new remote access trojan (RAT) dubbed KimJongRAT is actively targeting Windows users, posing a significant cybersecurity threat. Security researchers have identified this sophisticated malware as a tool of the Kimsuky group, a China-linked threat actor with alleged state sponsorship. The campaign typically begins with a deceptive phishing email containing…
Recent cybersecurity analyses have spotlighted two Chinese technology companies, BIETA and CIII, allegedly providing advanced steganography solutions for state-sponsored cyber operations, particularly supporting advanced persistent threat (APT) campaigns. These entities are believed to operate as front companies for China’s Ministry of State Security (MSS), playing a significant role in enhancing…
A deceptive Visual Studio Code extension, masquerading as the popular “Material Icon Theme,” has been identified as a tool for actively targeting Windows and macOS users. This malicious add-on, disguised as a legitimate development tool, functions as a stealthy backdoor, granting attackers unauthorized access to developer workstations once installed via…
Hackers register over 2,000 fraudulent holiday online stores to steal user payment information.
As the holiday shopping season intensifies, cybersecurity researchers have uncovered a massive threat targeting unsuspecting online consumers. Over 2,000 fake holiday-themed online stores have been registered in a coordinated campaign aimed at stealing user payment information and personal data. These fraudulent websites are designed to mimic legitimate retailers, luring shoppers…
A sophisticated cyberespionage campaign named “Operation Hanoi Thief” has emerged, specifically targeting IT professionals and recruitment teams in Vietnam. Discovered on November 3, 2025, this threat activity employs a complex multi-stage infection chain designed to harvest sensitive browser credentials and history. The campaign’s primary objective is intelligence gathering, focusing on…
Hackers Exploit Government Impersonation for NetSupport RAT Deployment via Weaponized PDFs
A sophisticated threat actor group, identified as Bloody Wolf, has been actively conducting cyber espionage operations in Central Asia, with early reports suggesting a significant increase in activity since late June 2025. Specializing in spear-phishing, Bloody Wolf is meticulously impersonating government agencies to deploy the NetSupport Remote Administration Tool (RAT)…
A new and sophisticated Windows malware packer, dubbed TangleCrypt, has emerged as a significant threat in recent ransomware attacks. Its primary objective is to bypass Endpoint Detection and Response (EDR) security solutions, a capability first observed in conjunction with the Qilin ransomware and the ABYSSWORKER kernel driver during a September…
Security researchers have uncovered a sophisticated, private Out-of-Band Application Security Testing (OAST) operation leveraging Google Cloud infrastructure to launch widespread attacks targeting over 200 Common Vulnerabilities and Exposures (CVEs). This operation, distinct from typical exploit scanning due to its custom infrastructure, has been actively running, demonstrating a significant and persistent…
The notorious Tomiris hacker group has resurfaced with a sophisticated and alarming campaign targeting foreign ministries and government entities worldwide. Beginning in early 2025, this advanced persistent threat (APT) actor appears to have shifted its operational strategy, focusing its advanced capabilities on high-value diplomatic infrastructure. By leveraging a diverse array…
In a concerning trend for cybersecurity professionals, hackers are increasingly leveraging everyday tools like code packages, cloud accounts, and trusted partners as their primary attack vectors. This shift means that seemingly innocuous actions, such as a single bad download or an invitation to collaborate, can lead to widespread compromise of…
