HN Monitor

The cybersecurity landscape continues to be a battleground of innovation and exploitation, with attackers consistently finding new ways to leverage existing vulnerabilities and emerging technologies. This week’s recap highlights a series of concerning trends, from actively exploited zero-days in widely used software to the sophisticated abuse of phishing kits and…

A Palo Alto Networks VPN vulnerability, identified as CVE-2026-0257, is being actively exploited by an unknown threat actor to gain unauthorized access to GlobalProtect portals. The critical authentication bypass flaw, which affects the portal and gateway components of PAN-OS software, carries a CVSS score of 7.8 and allows malicious actors to…

Splunk has issued critical security updates to address CVE-2026-20253, a severe vulnerability in Splunk Enterprise that allows unauthenticated users to perform arbitrary file operations and potentially achieve remote code execution. Rated 9.8 on the CVSS scoring system, the flaw presents a significant risk to enterprise environments utilizing the affected software.…

U.S. law enforcement agencies, in collaboration with international partners, have seized multiple internet domains alleged to have hosted nonconsensual AI-generated pornography. The operation targeted websites that specialized in creating and distributing digitally altered images and videos of women without their consent. The domains, CFAKE.com and SOCFAKE.com, are accused of publishing…

Cybersecurity researchers have unveiled a novel attack technique, dubbed “Agentjacking,” that subverts artificial intelligence (AI) coding agents, compelling them to execute arbitrary code on developer workstations. This groundbreaking vulnerability exploits a fundamental architectural weakness at the intersection of error tracking platforms and AI agents, potentially granting attackers unfettered access to…

The cybercriminal group ShinyHunters has been actively exploiting a critical vulnerability in Oracle PeopleSoft, a widely used enterprise resource planning (ERP) system. This zero-day exploit, identified as CVE-2026-35273, allows attackers to gain unauthorized access, exfiltrate sensitive data, and then demand ransom payments to prevent its public release. The campaign has…

A sophisticated cyber-espionage campaign targeting Indian government entities has been identified, employing newly developed Python-based ELF malware by the Pakistan-based threat actor APT36, also known as Transparent Tribe. This operation signifies a notable advancement in the group’s capabilities, particularly their adaptability to Linux-based operating systems, which are prevalent within Indian…

The UAE Cybersecurity Council has initiated a national rollout of post‑quantum cybersecurity measures, a significant step in protecting its digital infrastructure from future quantum computing threats. The program, developed in collaboration with QuantumGate, aims to secure critical national systems by migrating away from current cryptographic standards vulnerable to quantum decryption.…

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a security vulnerability affecting OpenPLC ScadaBR to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. This move underscores the growing threat landscape for industrial control systems and highlights the need for prompt patching of critical infrastructure software.…

Cybersecurity researchers have identified a critical vulnerability in legacy Python packages that could enable supply chain attacks on the Python Package Index (PyPI) through domain takeover tactics. This discovery highlights an ongoing risk associated with outdated code and the importance of diligent package management. The vulnerability stems from an old…

The 2025 holiday season has become a prime target for cybercriminals, with an industrialized approach now being deployed to exploit burgeoning global online commerce. Reports indicate that attackers are leveraging automated tools to scale operations across numerous merchant categories, creating a surge in deceptive digital assets. This pre-holiday offensive…

The Handala hacker group has launched a concerning new campaign targeting Israeli high-tech and aerospace professionals, marking a significant escalation in cyber operations. The group recently published a list of individuals working in these critical sectors, along with hostile descriptions that falsely accuse them of criminal activity. This sophisticated attack…

A sophisticated cyber threat group known as Scattered Lapsus$ has launched a widespread campaign targeting Zendesk, a widely used customer support platform. The group has registered over 40 deceptive domains designed to mimic legitimate Zendesk environments, employing typosquatting and Cloudflare-masked nameservers to bypass security measures and capture user credentials. This…

Oracle has expanded its Abu Dhabi cloud region with the Middle East’s first Oracle Cloud Infrastructure (OCI) Supercluster, designed to accelerate sovereign artificial intelligence (AI) development. This significant expansion is powered by Nvidia’s latest Blackwell GPUs. The artificial intelligence supercluster aims to bolster Abu Dhabi’s ambition to become the world’s…

A sophisticated malware campaign dubbed “Shai Hulud v2” is actively exploiting GitHub Actions workflows to purloin sensitive secrets and compromise software supply chains. This new wave of attack has already infected at least 834 packages across the npm and Maven ecosystems, impacting prominent projects such as PostHog, Zapier, and AsyncAPI.…

Security researchers have unearthed a critical vulnerability within legacy Python packages, specifically in older bootstrap scripts used with the zc.buildout tool. This flaw enables potential domain takeover attacks, posing a significant risk to the Python Package Index (PyPI) supply chain. The issue stems from hardcoded references to outdated domains that…

A skilled cybercriminal known as ByteToBreach is actively marketing and leaking sensitive global data, including information from airlines, banks, universities, and government agencies. This threat actor, operating since at least June 2025, has established a widespread presence across multiple online platforms, combining technical expertise with aggressive self-promotion to reach potential…