A critical security vulnerability in the Everest Forms Pro WordPress plugin, affecting approximately 4,000 active installations, is being actively exploited by threat actors to execute arbitrary code, leading to full website compromise. This remote code execution (RCE) flaw, identified as CVE-2026-3300, carries a severe CVSS score of 9.8 and impacts…
The cybersecurity landscape is constantly evolving, and a recent development concerning the last layer standing in network defense has caught the attention of IT professionals worldwide. A report released this week by the Global Cybersecurity Institute (GCI) highlights emerging threats and the increasing importance of multi-factor authentication (MFA) as a…
Cisco Addresses Vulnerability in Unified Communications Manager Following Publication of Exploit Code
Cisco has issued a critical patch for a vulnerability in its Unified Communications Manager (UCM) that could allow unauthenticated attackers on a network to write arbitrary files to the system, potentially leading to full root access. This critical Cisco UCM vulnerability, tracked as CVE-2026-20230, poses a significant threat to organizations…
Flaw in Claude Code GitHub Action Uncovered, Posing Repository Takeover Risk
A security vulnerability has been discovered in Anthropic’s Claude Code GitHub Action, allowing attackers to potentially hijack vulnerable public repositories. The flaw, reported by security researcher RyotaK of GMO Flatt Security, could enable a malicious actor to execute arbitrary…
ThreatsDay Bulletin Details AI Agent Malfunctions, C2 Tools, ClickFix Exploits, JavaScript Backdoors, and Over 20 New Developments.
The cybersecurity landscape continues to present complex challenges, with a blend of evolving threats and persistent vulnerabilities. This ongoing dynamic highlights the critical importance of robust security practices and continuous vigilance for organizations across all sectors. As the digital realm expands, the intricate web of threats, from sophisticated nation-state…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting the Mirasvit Cache Warmer Magento extension to its Known Exploited Vulnerabilities (KEV) catalog. The move comes after reports of attackers actively exploiting the flaw, tracked as CVE-2026-45247, in the wild, posing a significant risk to e-commerce…
Cybersecurity researchers have identified a sophisticated new variant of the ClickFix attack that leverages the Windows Terminal application to directly execute malicious payloads on unsuspecting user systems. This evolved social engineering tactic bypasses traditional defenses by tricking users into initiating the attack themselves, making it both harder to detect and…
Microsoft reports North Korean threat groups are increasing sophisticated phishing operations using generative AI.
North Korean threat groups are leveraging artificial intelligence (AI) tools to significantly accelerate and expand their long-running operations. These sophisticated schemes involve infiltrating global companies by hiring remote technical workers for extended periods, according to a recent report from Microsoft Threat Intelligence. The report details how AI services are acting…
Linux rootkits are emerging as a significant and sophisticated threat within modern IT infrastructure, leveraging advanced kernel features to evade detection. This escalation in sophistication, highlighted by recent research, signifies a critical shift in the cybersecurity landscape, particularly as Linux systems become increasingly prevalent in cloud environments, container orchestration, IoT…
China-linked hackers are actively targeting telecommunication providers across South America with sophisticated new malware, according to a recent report. The advanced persistent threat actor, identified as UAT-9244, has been deploying a custom toolkit since early 2024 to establish deep access into critical network infrastructure, impacting both Windows and Linux systems,…
A new Android banking malware termed “Mirax Bot” has been advertised on underground cybercriminal forums, promoting its advanced capabilities for financial fraud. This sophisticated malware-as-a-service (MaaS) is being offered with structured rental tiers, significantly lowering the entry barrier for cybercriminals to engage in large-scale banking fraud against Android users globally.…
New research from Broadcom’s Symantec and Carbon Black Threat Hunter Team has uncovered evidence of Iranian hackers, identified as the state-sponsored group MuddyWater, infiltrating the networks of several U.S. companies. The targets include financial institutions, airports, non-profit organizations, and the Israeli branch of a software company, signaling a potential escalation…
Phishing emails direct users to fake ChatGPT and Gemini iOS apps to steal login credentials.
A sophisticated phishing campaign is actively targeting iPhone users by impersonating prominent AI platforms like OpenAI’s ChatGPT and Google’s Gemini. Attackers are distributing deceptive emails that trick recipients into downloading fraudulent apps disguised as legitimate AI tools from Apple’s official App Store. These fake applications are designed to steal users’…
Artificial intelligence (AI) tools are rapidly integrating into daily workflows, from simple web page summarizers to sophisticated decision-making agents. However, researchers have uncovered a new and insidious threat: indirect prompt injection (IDPI). This cybersecurity vulnerability allows attackers to embed hidden instructions within ordinary web content, cunningly tricking AI systems into…
CISA Adds Hikvision and Rockwell Automation Vulnerabilities to Known Exploited Vulnerabilities Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially added two critical vulnerabilities, one impacting Hikvision products and another affecting Rockwell Automation systems, to its Known Exploited Vulnerabilities (KEV) catalog. This addition signifies that CISA has found evidence of active exploitation in the wild, posing immediate risks to organizations…
A coordinated cybersecurity campaign has targeted cryptocurrency firms, with evidence suggesting involvement of threat actors potentially linked to North Korea. The sophisticated attacks compromised multiple layers of the crypto supply chain, including staking platforms, exchange software providers, and exchanges themselves, resulting in the theft of proprietary source code, private keys,…
A sophisticated cybercriminal group, Funnull, previously sanctioned by the U.S. Treasury, has resurfaced with a potent new toolkit named RingH23. This arsenal is being used to systematically compromise Content Delivery Network (CDN) nodes and inject malicious code into the popular MacCMS content management system, ultimately redirecting millions of users to…
Cybercriminals are leveraging fake download pages impersonating the AI coding assistant Claude Code to distribute infostealer malware. This tactic exploits the growing trust in AI tools among developers and IT professionals, tricking them into downloading malicious files disguised as legitimate software. The campaign was observed using .com as a delivery…
