Threat actors are actively exploiting multiple security vulnerabilities within Fortinet FortiSandbox appliances, according to a recent advisory from cybersecurity firm Defused Cyber. The firm reported observing exploitation attempts for three specific vulnerabilities, CVE-2026-39813, CVE-2026-39808, and CVE-2026-25089, within a 24-hour period, highlighting an urgent need for organizations using these Fortinet products…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical security flaw affecting the LiteSpeed cPanel Plugin to its Known Exploited Vulnerabilities (KEV) catalog. This designation mandates that Federal Civilian Executive Branch (FCEB) agencies must implement the necessary patches by June 18, 2026, to mitigate the risk…
Cisco has issued urgent security updates for a critical vulnerability affecting its Catalyst SD-WAN Manager, a widely used network management platform. This medium-severity flaw, identified as CVE-2026-20262, has been observed under active exploitation in the wild, prompting immediate action from affected organizations and government agencies. The vulnerability, which carries a…
Researchers at Obsidian Security have disclosed a critical vulnerability chain (CVSS 9.9) in LiteLLM, an open-source AI gateway, that allows a low-privilege account to achieve full server takeover and execute arbitrary code. This severe flaw, impacting how LiteLLM handles virtual API keys and custom guardrails, exposes sensitive provider keys, encrypted…
A critical vulnerability in Microsoft 365 Copilot Enterprise Search, dubbed “SearchLeak” by researchers, allowed attackers to potentially exfiltrate sensitive user data, including emails and calendar details, with a single click. This discovery highlights a new attack vector chaining together existing web vulnerabilities with an AI-specific weakness. Varonis Threat Labs researchers…
The cybersecurity landscape continues to be a battleground of innovation and exploitation, with attackers consistently finding new ways to leverage existing vulnerabilities and emerging technologies. This week’s recap highlights a series of concerning trends, from actively exploited zero-days in widely used software to the sophisticated abuse of phishing kits and…
More Articles
Lynx ransomware, a potent threat to enterprise environments, has been observed employing sophisticated attack strategies that prioritize data exfiltration and infrastructure destruction. Recent intrusions highlight threat actors leveraging compromised Remote Desktop Protocol (RDP) logins to deploy Lynx ransomware, systematically deleting server backups before encryption. This evolving threat continues to be…
The Middle East cybersecurity market is experiencing impressive growth, driven significantly by the adoption of AI and cloud computing technologies. This surge is positioning the region as a key player in global cybersecurity solutions. According to a new report from Mordor Intelligence, the Middle East cybersecurity market is projected to…
Google has issued urgent security updates for its Chrome browser to patch two critical vulnerabilities, including a zero-day flaw that is actively being exploited by attackers. The company announced the release on Monday, November 18, 2025, urging users to update immediately to prevent potential compromises. This latest patch addresses a…
A sophisticated criminal network, dubbed “Payroll Pirates,” has been meticulously targeting payroll systems, credit unions, and trading platforms across the United States since mid-2023. Utilizing a strategy of malvertising, these malicious actors place fake advertisements on search engines, luring unsuspecting users to phishing websites. Once credentials are stolen from these…
Cybersecurity researchers have identified a new artificial intelligence (AI) tool named Xanthorox that threat actors can utilize to generate different malicious code based on user prompts. This platform, operating on darknet forums and criminal communities, bypasses standard AI safety protocols, presenting a significant new challenge for the cybersecurity industry. While…
A new and sophisticated strain of ransomware, dubbed Yurei, has surfaced in the cybersecurity landscape, first being publicly identified in early September 2025. This Go-based malware operates by infiltrating corporate networks, encrypting critical data, and demanding ransom for its return, often while also threatening to leak stolen information. The emergence…
Federal authorities and researchers issued urgent alerts Friday regarding a critical vulnerability in Fortinet’s web application firewall, identified as CVE-2025-64446. The defect, which has been actively exploited, allows attackers to execute administrative commands, potentially leading to a complete takeover of compromised devices, according to the Cybersecurity and Infrastructure Security Agency…
Pig-butchering scams, a devastating form of investment fraud, are increasingly leveraging artificial intelligence (AI) to scale their operations and enhance their effectiveness. These elaborate schemes, which have caused billions of dollars in losses globally, rely on building trust through emotional manipulation and fake trading platforms before defrauding victims of their…
Iranian hackers, operating under the guise of the SpearSpecter campaign, are engaged in a sophisticated espionage operation targeting high-value government and defense officials globally. This persistent threat leverages personalized social engineering tactics, including fake conference invitations and meeting requests delivered via WhatsApp, to gain initial access and exfiltrate sensitive information.…
A sophisticated new malware campaign, dubbed EVALUSION, has emerged, leveraging a cunning social engineering tactic known as the “ClickFix” technique. This method tricks unsuspecting users into executing malicious commands through the Windows Run prompt, paving the way for the deployment of Amatera Stealer, a potent information-gathering trojan. Security researchers at…
Hackers are exploiting a specific feature within Microsoft Entra, formerly Azure Active Directory, by leveraging legitimate tenant invitations to launch sophisticated Telephone Oriented Attack Delivery (TOAD) campaigns. These attacks trick recipients into calling fraudulent Microsoft support numbers, aiming to harvest credentials and compromise organizational accounts. This innovative phishing tactic combines…
This past week in cybersecurity highlighted a pervasive trend: threats are becoming more sophisticated, leveraging trusted tools like AI, VPNs, and app stores to bypass traditional defenses. Criminals are establishing robust, business-like operations for espionage, financial gain, and malware distribution, often by subverting the very services organizations depend on. Many…
