A critical security vulnerability in the Everest Forms Pro WordPress plugin, affecting approximately 4,000 active installations, is being actively exploited by threat actors to execute arbitrary code, leading to full website compromise. This remote code execution (RCE) flaw, identified as CVE-2026-3300, carries a severe CVSS score of 9.8 and impacts…
The cybersecurity landscape is constantly evolving, and a recent development concerning the last layer standing in network defense has caught the attention of IT professionals worldwide. A report released this week by the Global Cybersecurity Institute (GCI) highlights emerging threats and the increasing importance of multi-factor authentication (MFA) as a…
Cisco Addresses Vulnerability in Unified Communications Manager Following Publication of Exploit Code
Cisco has issued a critical patch for a vulnerability in its Unified Communications Manager (UCM) that could allow unauthenticated attackers on a network to write arbitrary files to the system, potentially leading to full root access. This critical Cisco UCM vulnerability, tracked as CVE-2026-20230, poses a significant threat to organizations…
Flaw in Claude Code GitHub Action Uncovered, Posing Repository Takeover Risk
A security vulnerability has been discovered in Anthropic’s Claude Code GitHub Action, allowing attackers to potentially hijack vulnerable public repositories. The flaw, reported by security researcher RyotaK of GMO Flatt Security, could enable a malicious actor to execute arbitrary…
ThreatsDay Bulletin Details AI Agent Malfunctions, C2 Tools, ClickFix Exploits, JavaScript Backdoors, and Over 20 New Developments.
The cybersecurity landscape continues to present complex challenges, with a blend of evolving threats and persistent vulnerabilities. This ongoing dynamic highlights the critical importance of robust security practices and continuous vigilance for organizations across all sectors. As the digital realm expands, the intricate web of threats, from sophisticated nation-state…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting the Mirasvit Cache Warmer Magento extension to its Known Exploited Vulnerabilities (KEV) catalog. The move comes after reports of attackers actively exploiting the flaw, tracked as CVE-2026-45247, in the wild, posing a significant risk to e-commerce…
More Articles
A sophisticated cyberattack campaign, tracked as UAC-0247, has been actively targeting critical local government and municipal healthcare institutions across Ukraine since early 2026. The threat actors specifically aim to steal sensitive data from internet browsers and WhatsApp, and are methodically expanding their reach within compromised networks. The campaign initiates…
A stark new analysis reveals that Google Chrome, the world’s most popular web browser, offers minimal protection against invasive user tracking techniques such as browser fingerprinting and data leaks through HTTP headers. The research, published on April 14, 2026, by digital identity expert Alexander Hanff, indicates that everyday Chrome browsing…
March sees 31 high-impact vulnerabilities exploited, including a Cisco FMC zero-day attack.
March 2026 marked an intense period for cybersecurity, with 31 high-impact vulnerabilities actively exploited across nearly two dozen major technology vendors. This surge in real-world attacks included a significant zero-day vulnerability targeting Cisco’s Secure Firewall Management Center, exploited by the Interlock Ransomware Group before a patch was available. Microsoft and…
Cybersecurity researchers have uncovered a substantial network of malicious infrastructure operating within Russia’s commercial hosting environments. Over a three-month period from January 1 to April 1, 2026, more than 1,250 active command-and-control (C2) servers were identified across 165 distinct Russian infrastructure providers. This discovery highlights the sophisticated embedding of cyberattack…
A sophisticated cybercriminal operation known as “Pushpaganda” is weaponizing Google Discover, a popular content aggregation service, to distribute malicious push notifications to users across multiple countries. Researchers have uncovered that this campaign cleverly leverages AI-generated content and aggressive social engineering tactics to trick users into subscribing to harmful notification streams,…
The National Institute of Standards and Technology (NIST) has announced it will narrow its focus for analyzing security vulnerabilities due to an overwhelming influx of defects. This change aims to ensure the long-term sustainability of the National Vulnerability Database (NVD), which has previously faced challenges including a funding lapse earlier…
Cybercriminals are increasingly leveraging Google Cloud Storage to bypass email filters and distribute malware, a new report reveals. This sophisticated phishing tactic uses the widely trusted cloud platform to host malicious pages that deliver the Remcos Remote Access Trojan (RAT). The attack chain, identified by ANY.RUN’s threat research team, bypasses…
MuddyWater-style attackers scanned over 12,000 systems before targeting Middle East critical sectors.
A sophisticated cyber campaign, exhibiting strong operational similarities to the notorious MuddyWater threat group, has been identified conducting extensive scans on over 12,000 internet-exposed systems across various regions. This widespread reconnaissance was followed by highly targeted attacks against critical sectors in the Middle East, including aviation, energy, and government entities.…
Artificial intelligence is fundamentally altering how people navigate the internet, with new agentic LLM browsers moving beyond simple page display to actively read content, execute tasks, and even complete complex user requests. This evolution, while promising enhanced productivity, has exposed significant security vulnerabilities, according to Varonis Threat Labs. These advanced…
Cybercriminals are leveraging a sophisticated tactic within Microsoft 365, exploiting built-in mailbox rules to silently intercept sensitive business communications. This emerging threat allows attackers to capture financial data, redirect confidential emails, and even suppress critical security alerts without alerting the account owner. Microsoft 365 mailbox rules, designed for productivity, are…
Hackers maintained backdoor access in WordPress plugins for eight months before deploying malware.
A sophisticated cyberattack exploited trusted WordPress plugins, hiding a backdoor for eight months before activating malware. The incident, uncovered in April 2026, highlights a calculated supply chain attack that leveraged the acquisition of a legitimate plugin business to compromise hundreds of thousands of WordPress websites. This sophisticated method of…
Triad Nexus, linked to FUNNULL, reappears with over 175 rotating CNAME domains and global scam portals.
A sophisticated cybercriminal operation, known as Triad Nexus and linked to the FUNNULL Content Delivery Network, has resurfaced with a significantly evolved and evasive infrastructure. Following U.S. Treasury sanctions, the group has deployed over 175 randomly rotating CNAME domains to power a vast network of global scam portals, demonstrating a…
