HN Monitor

A critical security vulnerability in the Everest Forms Pro WordPress plugin, affecting approximately 4,000 active installations, is being actively exploited by threat actors to execute arbitrary code, leading to full website compromise. This remote code execution (RCE) flaw, identified as CVE-2026-3300, carries a severe CVSS score of 9.8 and impacts…

The cybersecurity landscape is constantly evolving, and a recent development concerning the last layer standing in network defense has caught the attention of IT professionals worldwide. A report released this week by the Global Cybersecurity Institute (GCI) highlights emerging threats and the increasing importance of multi-factor authentication (MFA) as a…

Flaw in Claude Code GitHub Action Uncovered, Posing Repository Takeover Risk

A security vulnerability has been discovered in Anthropic’s Claude Code GitHub Action, allowing attackers to potentially hijack vulnerable public repositories. The flaw, reported by security researcher RyotaK of GMO Flatt Security, could enable a malicious actor to execute arbitrary…

The cybersecurity landscape continues to present complex challenges, with a blend of evolving threats and persistent vulnerabilities. This ongoing dynamic highlights the critical importance of robust security practices and continuous vigilance for organizations across all sectors. As the digital realm expands, the intricate web of threats, from sophisticated nation-state…

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting the Mirasvit Cache Warmer Magento extension to its Known Exploited Vulnerabilities (KEV) catalog. The move comes after reports of attackers actively exploiting the flaw, tracked as CVE-2026-45247, in the wild, posing a significant risk to e-commerce…

Microsoft released a significant batch of security patches on Tuesday, addressing 84 new vulnerabilities across its software ecosystem. This comprehensive update includes fixes for two publicly known zero-day exploits, underscoring the ongoing threat landscape for businesses and individuals. The release marks a critical moment for IT professionals to ensure their…

Microsoft released its monthly security update, Patch Tuesday, addressing a total of 83 vulnerabilities across its software suite. Notably, this release included no actively exploited zero-day vulnerabilities, a welcome change from previous months, and six defects assessed as more likely to be exploited by malicious actors. The update targets a…

Cybersecurity researchers are highlighting a concerning new campaign where threat actors are exploiting FortiGate Next-Generation Firewall (NGFW) appliances as a primary entry point to compromise victim networks. This innovative exploitation tactic targets organizations within the healthcare, government, and managed service provider sectors, leveraging either recently disclosed vulnerabilities or weak credentials.…

The Cybersecurity and Infrastructure Security Agency (CISA) has formally warned of a critical authentication bypass vulnerability in Ivanti Endpoint Manager (EPM), identifying it as CVE-2026-1603. This severe flaw, now cataloged on CISA’s Known Exploited Vulnerabilities (KEV) list, allows remote, unauthenticated attackers to steal sensitive stored credentials without any form of…

Cybersecurity researchers have identified nine critical vulnerabilities within Google Looker Studio, collectively dubbed “LeakyLooker.” These flaws could have allowed malicious actors to execute arbitrary SQL queries on victim databases and exfiltrate sensitive information across organizations’ Google Cloud environments. While Tenable, the firm that disclosed the research, stated there’s no evidence…

The rapid surge in security advisories from the self-hosted AI agent OpenClaw has exposed a significant and growing divide between GitHub’s advisory system and the established Common Vulnerabilities and Exposures (CVE) tracking ecosystem. Weeks after becoming GitHub’s most-starred repository, OpenClaw’s creators began publishing security advisories at an unprecedented rate, highlighting…

A sophisticated Chinese-linked cyberespionage campaign, attributed to the advanced persistent threat (APT) group Camaro Dragon, has targeted entities in Qatar with PlugX malware. The campaign, detected on March 1, 2026, commenced within 24 hours of renewed hostilities in the Middle East, deploying war-themed lure documents to trick recipients into installing…

A sophisticated phishing campaign is exploiting the trust ingrained in familiar work applications, disguising malware as legitimate Microsoft Teams, Zoom, and Adobe Acrobat Reader updates. This advanced threat, identified by Microsoft Defender Experts, utilizes digitally signed malicious files that appear authentic, making them incredibly difficult for both end-users and basic…

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three critical security vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, following confirmed evidence of active exploitation by malicious actors. This proactive measure mandates federal agencies to patch these vulnerabilities to mitigate significant risks to the federal enterprise. The newly…

A sophisticated malware campaign, known as GhostClaw, is actively targeting software developers by masquerading as a legitimate command-line installer for a tool called “OpenClaw Installer.” This malicious package, published on the npm registry as @openclaw-ai/openclawai, stealthily infiltrates developer systems to exfiltrate sensitive credentials, cryptocurrency wallet details, SSH keys, active browser…

A sophisticated credential-stealing campaign leveraging a stealthy tool known as VIP Keylogger has emerged as a significant threat to organizations worldwide. This advanced malware operates entirely in memory, bypassing traditional file-based detection methods. Security researchers first identified the campaign through suspicious email activity, which directed recipients to open deceptive attachments…