2:19 pm – June 18, 2026 Threat actors are actively exploiting multiple security vulnerabilities within Fortinet FortiSandbox appliances, according to a recent advisory from cybersecurity firm Defused Cyber. The firm reported observing exploitation attempts for three specific vulnerabilities, CVE-2026-39813, CVE-2026-39808, and CVE-2026-25089, within a 24-hour period, highlighting an urgent need for organizations using these Fortinet products…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical security flaw affecting the LiteSpeed cPanel Plugin to its Known Exploited Vulnerabilities (KEV) catalog. This designation mandates that Federal Civilian Executive Branch (FCEB) agencies must implement the necessary patches by June 18, 2026, to mitigate the risk…
Cisco has issued urgent security updates for a critical vulnerability affecting its Catalyst SD-WAN Manager, a widely used network management platform. This medium-severity flaw, identified as CVE-2026-20262, has been observed under active exploitation in the wild, prompting immediate action from affected organizations and government agencies. The vulnerability, which carries a…
Researchers at Obsidian Security have disclosed a critical vulnerability chain (CVSS 9.9) in LiteLLM, an open-source AI gateway, that allows a low-privilege account to achieve full server takeover and execute arbitrary code. This severe flaw, impacting how LiteLLM handles virtual API keys and custom guardrails, exposes sensitive provider keys, encrypted…
A critical vulnerability in Microsoft 365 Copilot Enterprise Search, dubbed “SearchLeak” by researchers, allowed attackers to potentially exfiltrate sensitive user data, including emails and calendar details, with a single click. This discovery highlights a new attack vector chaining together existing web vulnerabilities with an AI-specific weakness. Varonis Threat Labs researchers…
The cybersecurity landscape continues to be a battleground of innovation and exploitation, with attackers consistently finding new ways to leverage existing vulnerabilities and emerging technologies. This week’s recap highlights a series of concerning trends, from actively exploited zero-days in widely used software to the sophisticated abuse of phishing kits and…
Research & Analysis
More Articles
Genetec has officially launched cloud-native audio communications for its Security Center SaaS platform, enhancing its comprehensive unified security solution. This new feature allows for real-time voice interaction directly within the same cloud-based interface used for video surveillance, access control, and intrusion detection. The integration aims to streamline operations for security…
Intersec Saudi Arabia 2025 has concluded its seventh edition, setting new benchmarks for attendance and exhibitor participation. The event, which ran from September 29 to October 1 at the Riyadh International Convention and Exhibition Centre (RICEC), saw significant growth in trade buyers. This success positions Intersec Saudi Arabia as a…
The 4th edition of the Global Airports Forum (GAF) is set to take place at the Riyadh International Convention and Exhibition Centre (RICEC) from December 16 to 17, spotlighting airport innovation. Prominent aviation industry players, including Saudia and Amadeus, will attend, alongside the launch of the Airport Innovation Hub and…
ThreatsDay Bulletin: Cisco 0-Days, AI Bug Bounties, Crypto Heists, State-Linked Leaks and 20 More Stories
By News RoomThe digital landscape is under constant assault, with cybercriminals leveraging increasingly sophisticated tactics to exploit vulnerabilities. This week’s cybersecurity threats landscape reveals a dynamic battle between evolving threats and the defenses being erected by security teams worldwide. From new malware strains and significant data leaks to government regulatory actions and…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical security flaw affecting WatchGuard Fireware to its Known Exploited Vulnerabilities (KEV) catalog. This move follows evidence of active exploitation of the vulnerability, underscoring the urgent need for organizations to patch their systems. The vulnerability, identified as CVE-2025-9242,…
The English-speaking cybercriminal ecosystem known as “The COM” has evolved significantly, transforming from a niche community focused on trading social media handles into a sophisticated, organized operation responsible for a wide spectrum of damaging cyberattacks. This evolution, particularly accelerated during the cryptocurrency boom of 2020-2021, has seen threat actors shift…
ESET has unveiled significant enhancements to its home security portfolio, timed to coincide with Cybersecurity Awareness Month. The cybersecurity company announced that its award-winning Ransomware Remediation feature is now accessible to consumers and small office/home office (SOHO) users as part of updated ESET HOME Security and ESET Small Business Security…
Kaspersky and Oman Data Park have signed a Memorandum of Understanding (MoU) aimed at significantly enhancing cybersecurity resilience within the Sultanate of Oman. The agreement, finalized recently, establishes a collaborative framework designed to bolster the nation’s defenses against an increasingly complex landscape of cyber threats. This strategic partnership will involve…
Cybersecurity researchers have identified a significant surge in automated attacks targeting PHP servers, Internet of Things (IoT) devices, and cloud gateways. Various botnets, including Mirai, Gafgyt, and Mozi, are actively exploiting known vulnerabilities and cloud misconfigurations to gain control of exposed systems and expand their networks. These automated campaigns leverage…
Microsoft has issued critical security updates to address a high-severity vulnerability in its SQL Server software, identified as CVE-2025-59499. This flaw, publicly disclosed on November 11, 2025, allows attackers to escalate privileges on affected systems, potentially granting them unauthorized administrative control over sensitive databases. The vulnerability impacts multiple SQL Server…
The Intersec Awards 2026 finalists have been revealed, showcasing significant advancements and leadership within the fire, safety, and security sectors. The prestigious awards, now in their fifth year, will honor excellence through 17 categories when winners are announced at a gala event in Dubai on January 13. The shortlist features…
A severe security flaw dubbed “Brash” has been discovered in the Chromium rendering engine, capable of crashing numerous popular Chromium-based browsers within seconds. Security researcher Jose Pino disclosed the details of this vulnerability, highlighting its potential to disrupt user experience and impact browser stability across a wide range of applications.…