HN Monitor

A critical security vulnerability in the Everest Forms Pro WordPress plugin, affecting approximately 4,000 active installations, is being actively exploited by threat actors to execute arbitrary code, leading to full website compromise. This remote code execution (RCE) flaw, identified as CVE-2026-3300, carries a severe CVSS score of 9.8 and impacts…

The cybersecurity landscape is constantly evolving, and a recent development concerning the last layer standing in network defense has caught the attention of IT professionals worldwide. A report released this week by the Global Cybersecurity Institute (GCI) highlights emerging threats and the increasing importance of multi-factor authentication (MFA) as a…

Flaw in Claude Code GitHub Action Uncovered, Posing Repository Takeover Risk

A security vulnerability has been discovered in Anthropic’s Claude Code GitHub Action, allowing attackers to potentially hijack vulnerable public repositories. The flaw, reported by security researcher RyotaK of GMO Flatt Security, could enable a malicious actor to execute arbitrary…

The cybersecurity landscape continues to present complex challenges, with a blend of evolving threats and persistent vulnerabilities. This ongoing dynamic highlights the critical importance of robust security practices and continuous vigilance for organizations across all sectors. As the digital realm expands, the intricate web of threats, from sophisticated nation-state…

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting the Mirasvit Cache Warmer Magento extension to its Known Exploited Vulnerabilities (KEV) catalog. The move comes after reports of attackers actively exploiting the flaw, tracked as CVE-2026-45247, in the wild, posing a significant risk to e-commerce…

A new software supply chain attack has surfaced on the npm registry, with malicious JavaScript packages delivering the PylangGhost remote access trojan (RAT). This marks the first confirmed instance of PylangGhost appearing on npm, a critical platform for open-source development, indicating a significant escalation by the North Korean state-sponsored threat…

Network infrastructure is increasingly becoming a prime target for cyber threats, with new malware strains like a **CondiBot variant** and the ‘Monaco’ cryptominer demonstrating their expanding reach. These threats leverage vulnerabilities in routers, firewalls, and other network devices, shifting the focus beyond high-end espionage to include botnets and cryptocurrency mining…

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially recognized the active exploitation of a medium-severity vulnerability, CVE-2025-47813, affecting Wing FTP Server. This disclosure, made on March 17, 2026, places the vulnerability on CISA’s Known Exploited Vulnerabilities (KEV) catalog, requiring federal agencies to implement patches. This information disclosure flaw,…

A newly identified botnet, dubbed RondoDox, has rapidly emerged as a significant cybersecurity threat, distinguished by its extensive arsenal of 174 exploits and strategic utilization of residential IP infrastructure. First observed in May 2025, RondoDox has escalated its operations and is capable of launching up to 15,000 exploitation attempts daily, demonstrating considerable…

A sophisticated cyber espionage campaign, dubbed Operation CamelClone, has been actively targeting government agencies, defense institutions, and diplomatic bodies across multiple nations, including Algeria, Mongolia, Ukraine, and Kuwait. This operation utilizes spear-phishing emails containing malicious ZIP archives, which are designed to resemble official government correspondence. Upon activation, these archives trigger…

Cybercriminals are increasingly leveraging fake shipment tracking scams across the Middle East and Africa (MEA) region to steal sensitive banking data through sophisticated real-time phishing tactics. These evolving schemes exploit the widespread reliance on postal and courier services for e-commerce deliveries, turning everyday transactions into significant security vulnerabilities. According to…

A sophisticated malware campaign is actively distributing a Remote Access Trojan (RAT) by tricking users into downloading fake versions of the popular FileZilla FTP client. Fraudulent websites have been meticulously designed to mimic the official FileZilla download page, leading unsuspecting individuals to download malicious installer files. This stealthy attack aims…

A significant development in the cybersecurity landscape emerged in early 2026 when IBM X-Force researchers uncovered “Slopoly,” a novel malware strain believed to be AI-generated and employed by the financially motivated threat group Hive0163. This discovery highlights a concerning acceleration in how cybercriminals are leveraging artificial intelligence, enabling them to…

A new, sophisticated variant of the ACRStealer malware has been identified, exhibiting advanced evasion techniques and encrypted command-and-control (C2) communication. This evolution of ACRStealer, a malware-as-a-service (MaaS) offering, poses a significant threat to users, particularly those active on gaming platforms. The latest iteration of ACRStealer was discovered by G Data…

The cybersecurity landscape is constantly evolving, presenting new challenges and threats to individuals and organizations alike. This past week has been particularly active, with researchers and security firms reporting on a range of vulnerabilities and malicious activities. From actively exploited zero-day vulnerabilities in widely used software to sophisticated supply chain…

A sophisticated cybercriminal group known as Konni APT has been identified orchestrating a multi-stage attack campaign that leverages spear-phishing emails and compromises KakaoTalk accounts to distribute malware. This advanced persistent threat (APT) group is employing North Korean human rights themes to socially engineer victims into downloading and executing malicious files.…