HN Monitor

Microsoft has formally acknowledged a critical vulnerability within its Defender Antivirus engine, publicly known as RoguePlanet. This zero-day flaw, now designated CVE-2026-50656, represents a significant privilege escalation risk within the widely used Microsoft endpoint security solution. The company is actively developing a patch to address the issue, which was recently…

A recent cyber intrusion into a small French automotive business has highlighted a critical vulnerability in typical cybersecurity remediation strategies. A French-speaking attacker known as “Poisson” employed a sophisticated tactic of establishing a secondary, covert access channel before his primary command-and-control (C2) server was taken offline. This ensured continued access to…

Threat actors are actively exploiting multiple security vulnerabilities within Fortinet FortiSandbox appliances, according to a recent advisory from cybersecurity firm Defused Cyber. The firm reported observing exploitation attempts for three specific vulnerabilities, CVE-2026-39813, CVE-2026-39808, and CVE-2026-25089, within a 24-hour period, highlighting an urgent need for organizations using these Fortinet products…

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical security flaw affecting the LiteSpeed cPanel Plugin to its Known Exploited Vulnerabilities (KEV) catalog. This designation mandates that Federal Civilian Executive Branch (FCEB) agencies must implement the necessary patches by June 18, 2026, to mitigate the risk…

Cisco has issued urgent security updates for a critical vulnerability affecting its Catalyst SD-WAN Manager, a widely used network management platform. This medium-severity flaw, identified as CVE-2026-20262, has been observed under active exploitation in the wild, prompting immediate action from affected organizations and government agencies. The vulnerability, which carries a…

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two significant security flaws affecting Gladinet and Control Web Panel (CWP) to its Known Exploited Vulnerabilities (KEV) catalog. This action signals that these vulnerabilities are not just theoretical but are actively being exploited by malicious actors in the wild, posing…

U.S. cybersecurity and intelligence agencies have issued a joint advisory warning of potential cyber attacks from Iranian state-sponsored or affiliated actors targeting critical infrastructure, including the Defense Industrial Base. The advisory highlights an expected escalation in activity due to recent geopolitical events, emphasizing increased vigilance against threats like distributed denial-of-service…

Russian-linked threat actor Curly COMrades has been observed employing a sophisticated evasion technique by leveraging virtualization technologies to bypass security defenses and deploy custom malware. This innovative approach allows the group to establish a hidden operational environment, making their malicious activities harder to detect and disrupt. According to a recent…

Cybersecurity researchers have uncovered a series of seven vulnerabilities affecting OpenAI’s latest AI models, GPT-4o and GPT-5, including methods for attackers to steal personal information from user memories and chat histories without their knowledge. These findings, detailed by Tenable, highlight significant risks associated with the increasing integration of AI chatbots…

A new and previously undocumented Windows spyware, dubbed Batavia, has been actively targeting Russian organizations since July 2024 as part of a sophisticated cyber espionage campaign. Security researchers at Kaspersky have been tracking the activity, which appears to focus on the exfiltration of sensitive internal documents. Batavia Spyware Targets Russian…

A sophisticated authentication coercion attack is increasingly targeting Windows and Active Directory environments globally, manipulating machines into revealing sensitive credentials to attacker-controlled servers. This evolving threat vector exploits fundamental Windows communication mechanisms, including obscure Remote Procedure Call (RPC) protocols, to bypass traditional security defenses. The attack’s effectiveness stems from its…

Credential compromise is becoming a significant threat to organizations worldwide, with cybercriminal operations scaling up to monetize stolen user data. A recent analysis highlights how seemingly minor security lapses can lead to substantial financial and reputational damage, emphasizing the need for proactive defense strategies. Every click, every login, and every…

The U.K. National Crime Agency (NCA) has announced the arrest of four individuals in connection with significant cyber attacks targeting major British retailers, including Marks & Spencer, Co-op, and Harrods. The arrests, made across the West Midlands and London, are a crucial development in the ongoing investigation into a series…

Hackers are increasingly weaponizing AppleScript files to deliver macOS malware, masquerading as legitimate software updates for popular applications like Zoom and Microsoft Teams. This sophisticated new tactic emerged following Apple’s August 2024 patch that removed the “right-click and open” Gatekeeper override, forcing attackers to find alternative methods to bypass macOS…

Cisco has issued a critical warning regarding a new attack variant targeting its Secure Firewall products. The threat exploits previously disclosed zero-day vulnerabilities, CVE-2025-20333 and CVE-2025-20362, which can lead to unpatched devices unexpectedly reloading and causing denial-of-service (DoS) conditions. Cybersecurity professionals are urged to apply the latest updates to their…

A sophisticated phishing campaign is currently targeting organizations throughout Central and Eastern Europe, employing deceptive tactics to steal user login credentials. This latest threat, identified by security analysts, impersonates well-known global brands such as Microsoft 365, Adobe, WeTransfer, FedEx, and DHL. The campaign’s efficacy stems from its novel delivery method,…