HN Monitor

Microsoft has formally acknowledged a critical vulnerability within its Defender Antivirus engine, publicly known as RoguePlanet. This zero-day flaw, now designated CVE-2026-50656, represents a significant privilege escalation risk within the widely used Microsoft endpoint security solution. The company is actively developing a patch to address the issue, which was recently…

A recent cyber intrusion into a small French automotive business has highlighted a critical vulnerability in typical cybersecurity remediation strategies. A French-speaking attacker known as “Poisson” employed a sophisticated tactic of establishing a secondary, covert access channel before his primary command-and-control (C2) server was taken offline. This ensured continued access to…

Threat actors are actively exploiting multiple security vulnerabilities within Fortinet FortiSandbox appliances, according to a recent advisory from cybersecurity firm Defused Cyber. The firm reported observing exploitation attempts for three specific vulnerabilities, CVE-2026-39813, CVE-2026-39808, and CVE-2026-25089, within a 24-hour period, highlighting an urgent need for organizations using these Fortinet products…

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical security flaw affecting the LiteSpeed cPanel Plugin to its Known Exploited Vulnerabilities (KEV) catalog. This designation mandates that Federal Civilian Executive Branch (FCEB) agencies must implement the necessary patches by June 18, 2026, to mitigate the risk…

Cisco has issued urgent security updates for a critical vulnerability affecting its Catalyst SD-WAN Manager, a widely used network management platform. This medium-severity flaw, identified as CVE-2026-20262, has been observed under active exploitation in the wild, prompting immediate action from affected organizations and government agencies. The vulnerability, which carries a…

The advanced persistent threat (APT) group APT-C-08, also known as Manlinghua or BITTER, is actively exploiting a critical directory traversal vulnerability in WinRAR to target government organizations across South Asia. This sophisticated campaign represents the group’s first documented use of CVE-2025-6218, a flaw that allows attackers to bypass file system…

Windows users are currently at risk from a sophisticated backdoor malware campaign that is weaponizing a legitimate open-source utility known as SteamCleaner. This malicious operation leverages a compromised version of the Steam cleanup tool to establish persistent access to infected systems, allowing attackers to execute remote commands and potentially steal…

A vast phishing campaign is targeting travelers globally, utilizing over 4,300 newly created malicious domains to pilfer payment card details. The operation systematically impersonates well-known travel brands to dupe individuals into divulging sensitive financial information, posing a significant threat to online security for those planning or experiencing travel. Researchers have…

A new wave of cyberattacks targeting Ukrainian entities has surfaced, with threat actors impersonating the well-known cybersecurity firm ESET. ESET is tracking this threat cluster, discovered in May 2025, as “InedibleOchotense,” which it assesses as being aligned with Russian interests. This campaign highlights the evolving tactics of nation-state-backed hacking groups…

A sophisticated cyber attack attributed to a China-linked threat actor aimed to establish long-term persistence within a U.S. non-profit organization. This incident, detailed in a report from Broadcom’s Symantec and Carbon Black teams, is believed to be part of a broader campaign targeting U.S. entities involved in policy discussions on…

Google’s Mandiant Threat Defense has identified active exploitation of a critical security vulnerability, CVE-2025-12480, within Gladinet’s Triofox file-sharing and remote access platform. The flaw, which carries a CVSS score of 9.1, allows unauthenticated attackers to bypass security controls, access configuration pages, and subsequently upload and execute malicious code. This marks…

Amazon Discovers Advanced Threat Actor Exploiting Cisco ISE and Citrix NetScaler Zero-Days
Amazon’s threat intelligence team has uncovered evidence of a sophisticated threat actor actively exploiting two zero-day vulnerabilities in critical network infrastructure. The attacks targeted Cisco Identity Service Engine (ISE) and Citrix NetScaler ADC products, aiming to deploy custom…

An Iranian-backed ransomware-as-a-service (RaaS) operation, Pay2Key, has re-emerged with heightened aggression, targeting Israel and the United States. Operating under the new moniker Pay2Key.I2P, this financially motivated scheme is now offering significantly larger profit shares to cybercriminals, indicating a strategic escalation in cyber warfare aimed at geopolitical adversaries. The updated ransomware…

A critical security vulnerability within the Wing FTP Server, identified as CVE-2025-47812 with a CVSS score of 10.0, is actively being exploited in the wild. This maximum-severity flaw allows for remote code execution due to improper handling of null bytes in the server’s web interface. Wing FTP Server has released…

The landscape of enterprise security is undergoing a seismic shift. A groundbreaking new analysis, the Browser Security Report 2025, reveals that the user’s browser has emerged as the central nexus for the most critical identity, SaaS, and AI-related risks. However, traditional security controls like Data Loss Prevention (DLP), Endpoint Detection…

Fortinet SSL VPNs Targeted in Significant Brute-Force Attack Spike
Cybersecurity researchers are sounding the alarm over a notable surge in brute-force traffic specifically targeting Fortinet SSL VPN devices. The coordinated malicious activity, meticulously tracked by threat intelligence firm GreyNoise, commenced on August 3, 2025, and involved an extensive network of…