6:50 am – June 7, 2026 A critical security vulnerability in the Everest Forms Pro WordPress plugin, affecting approximately 4,000 active installations, is being actively exploited by threat actors to execute arbitrary code, leading to full website compromise. This remote code execution (RCE) flaw, identified as CVE-2026-3300, carries a severe CVSS score of 9.8 and impacts…
The cybersecurity landscape is constantly evolving, and a recent development concerning the last layer standing in network defense has caught the attention of IT professionals worldwide. A report released this week by the Global Cybersecurity Institute (GCI) highlights emerging threats and the increasing importance of multi-factor authentication (MFA) as a…
Cisco Addresses Vulnerability in Unified Communications Manager Following Publication of Exploit Code
By News RoomCisco has issued a critical patch for a vulnerability in its Unified Communications Manager (UCM) that could allow unauthenticated attackers on a network to write arbitrary files to the system, potentially leading to full root access. This critical Cisco UCM vulnerability, tracked as CVE-2026-20230, poses a significant threat to organizations…
Flaw in Claude Code GitHub Action Uncovered, Posing Repository Takeover Risk A security vulnerability has been discovered in Anthropic’s Claude Code GitHub Action, allowing attackers to potentially hijack vulnerable public repositories. The flaw, reported by security researcher RyotaK of GMO Flatt Security, could enable a malicious actor to execute arbitrary…
ThreatsDay Bulletin Details AI Agent Malfunctions, C2 Tools, ClickFix Exploits, JavaScript Backdoors, and Over 20 New Developments.
By News RoomThe cybersecurity landscape continues to present complex challenges, with a persistent blend of evolving threats and persistent vulnerabilities. This ongoing dynamic highlights the critical importance of robust security practices and continuous vigilance for organizations across all sectors. As the digital realm expands, the intricate web of threats, from sophisticated nation-state…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting the Mirasvit Cache Warmer Magento extension to its Known Exploited Vulnerabilities (KEV) catalog. The move comes after reports of attackers actively exploiting the flaw, tracked as CVE-2026-45247, in the wild, posing a significant risk to e-commerce…
Research & Analysis
More Articles
Malvertising actor D-Shortiez uses WebKit back-button hijack in forced-redirect browser campaign
By News RoomA sophisticated malvertising campaign orchestrated by a threat actor known as D-Shortiez is exploiting a specific behavior in Apple’s WebKit browser engine to trap iOS Safari users on malicious scam pages. This cunning tactic, dubbed the “back-button hijack,” prevents victims from easily navigating away, forcing them onto fraudulent websites through…
A sophisticated malvertising campaign is actively targeting macOS users globally, deploying a new variant of the AMOS infostealer named “malext.” Attackers are leveraging Google Search ads to direct unsuspecting victims to fake help articles on free text-sharing platforms. These seemingly innocuous pages contain deceptive terminal commands that silently install the…
The recent surge of AI-assisted cyberattacks against Fortinet FortiGate appliances has been traced to an open-source, AI-native security testing platform named CyberStrikeAI. This discovery, made by Team Cymru, sheds light on how threat actors are leveraging sophisticated artificial intelligence tools for malicious purposes. The platform was identified through the analysis…
Cyber conflict escalates as Iran experiences internet disruption amid retaliatory hacktivist actions.
By News RoomA coordinated cyber offensive launched by the United States and Israel on February 28, 2026, code-named Operation Epic Fury and Operation Roaring Lion respectively, has ignited a volatile cyber conflict. This escalating cyber conflict saw Iran go offline, prompting a swift and formidable retaliatory campaign from hacktivist groups and state-aligned…
An autonomous bot named hackerbot-claw launched a week-long attack campaign targeting major open-source projects, exploiting GitHub Actions CI/CD misconfigurations between February 21 and February 28, 2026. The bot opened over a dozen pull requests across at least six repositories, successfully achieving remote code execution in at least four of them,…
A sophisticated supply chain attack has been uncovered, targeting developers by exploiting the OpenVSX registry to inject malicious code into popular VS Code extensions. The attack, first identified on March 2, 2026, involved unauthorized code being embedded within two versions of the Aqua Trivy VS Code extension, versions 1.8.12 and…
Android users are facing a new security threat as Google announced on Monday that a high-severity flaw affecting an open-source Qualcomm component has been exploited in the wild. This vulnerability, identified as CVE-2026-21385, carries a CVSS score of 7.8 and resides within the Graphics component of the Android operating system,…
Threat Actors Use AuraStealer Infostealer with 48 Command and Control Domains in Active Campaigns
By News RoomA new information-stealing malware, dubbed AuraStealer, has emerged as a significant threat in the cybersecurity landscape since mid-2025. Developed by Russian-speaking threat actors, AuraStealer first surfaced on underground hacking forums in July 2025. Its rapid deployment followed the disruption of the Lumma stealer infrastructure, a move that created a market…
A sophisticated phishing campaign known as GTFire is exploiting two of Google’s most trusted services, Firebase and Google Translate, to pilfer login credentials from unsuspecting victims globally. This alarming trend highlights how cybercriminals are increasingly leveraging legitimate infrastructure to bypass traditional security measures, making it significantly harder to detect and…
New Chrome vulnerability allows malicious extensions to escalate privileges via Gemini panel
By News RoomCybersecurity researchers have disclosed a critical vulnerability in Google Chrome, identified as CVE-2026-0628, that could have allowed attackers to escalate privileges and access local files on a user’s system. This flaw, which has since been patched by Google, highlights emerging security challenges in the integration of artificial intelligence (AI) directly…
CISA Warns of Resurgent Malware Exploiting Zero-Day Vulnerabilities in Ivanti Connect Secure Devices
By News RoomA significant cybersecurity alert has been issued by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) regarding a new malware variant named RESURGE. This sophisticated malware is actively exploiting a critical zero-day vulnerability, CVE-2025-0282, to breach Ivanti Connect Secure devices. The discovery highlights the ongoing threats to secure remote access…
Weekly Recap: SD-WAN Zero-Day, Critical Vulnerabilities, Telegram Investigation, Smart TV Proxy SDK
By News RoomThis week’s cybersecurity landscape reveals a dynamic and interconnected threat environment where vulnerabilities in network systems, cloud configurations, AI tools, and everyday applications are being actively exploited. The ongoing trends highlight a pattern of faster, more sophisticated attacks that leverage normal functionalities and trusted services as entry points, with a…