HN Monitor

A critical security vulnerability in the Everest Forms Pro WordPress plugin, affecting approximately 4,000 active installations, is being actively exploited by threat actors to execute arbitrary code, leading to full website compromise. This remote code execution (RCE) flaw, identified as CVE-2026-3300, carries a severe CVSS score of 9.8 and impacts…

The cybersecurity landscape is constantly evolving, and a recent development concerning the last layer standing in network defense has caught the attention of IT professionals worldwide. A report released this week by the Global Cybersecurity Institute (GCI) highlights emerging threats and the increasing importance of multi-factor authentication (MFA) as a…

Flaw in Claude Code GitHub Action Uncovered, Posing Repository Takeover Risk
A security vulnerability has been discovered in Anthropic’s Claude Code GitHub Action, allowing attackers to potentially hijack vulnerable public repositories. The flaw, reported by security researcher RyotaK of GMO Flatt Security, could enable a malicious actor to execute arbitrary…

The cybersecurity landscape continues to present complex challenges, with a persistent blend of evolving threats and persistent vulnerabilities. This ongoing dynamic highlights the critical importance of robust security practices and continuous vigilance for organizations across all sectors. As the digital realm expands, the intricate web of threats, from sophisticated nation-state…

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting the Mirasvit Cache Warmer Magento extension to its Known Exploited Vulnerabilities (KEV) catalog. The move comes after reports of attackers actively exploiting the flaw, tracked as CVE-2026-45247, in the wild, posing a significant risk to e-commerce…

A sophisticated phishing campaign is actively targeting Booking.com partners and customers, leveraging the trusted travel brand to orchestrate multi-stage financial fraud. This evolving threat, observed since early January 2026, utilizes cleverly disguised emails and messaging to first compromise hotel accounts and then exploit guest booking details for fraudulent transactions. Researchers…

Zero-Day Exploitation of Dell RecoverPoint Linked to China-Nexus Threat Group UNC6201
A critical zero-day vulnerability in Dell RecoverPoint for Virtual Machines has been actively exploited by a suspected China-nexus threat cluster, identified as UNC6201, since mid-2024. Google Mandiant and Google Threat Intelligence Group (GTIG) revealed that this exploitation targets CVE-2026-22769,…

Credit card fraud is undergoing a significant transformation, evolving into a sophisticated Carding-as-a-Service (CaaS) market. This burgeoning underground economy provides criminals with an organized and accessible platform for acquiring stolen payment data, specialized tools, and even customer support, effectively professionalizing financial crime. Despite global efforts to combat illicit financial activities,…

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added four new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, signaling active exploitation in the wild. This critical update necessitates immediate attention from organizations to mitigate potential attacks leveraging these security flaws. The latest additions to the KEV catalog highlight…

Cybersecurity researchers have identified a concerning evolution in the ‘ClickFix’ social engineering campaign. Threat actors are now leveraging a novel technique to install malware by storing malicious payloads within a victim’s browser cache, effectively bypassing traditional security measures. This sophisticated approach represents a significant shift in how attackers aim to…

Cybercriminals are leveraging the trusted infrastructure of Atlassian Cloud to launch sophisticated spam campaigns, redirecting unsuspecting targets to fraudulent investment schemes. This tactic bypasses traditional email security controls by exploiting legitimate platform features, making detection significantly harder. The attackers are focusing on high-value government and corporate entities across various language…

DigitStealer, a sophisticated information-stealing malware targeting macOS systems, has recently surged in activity, drawing significant attention from the cybersecurity community. First emerging in late 2025, this malicious software specifically targets Apple M2 devices, distinguishing itself from generic threats. It operates primarily by harvesting sensitive user data, including information from 18…

Cybersecurity researchers have uncovered further alarming details regarding a persistent Chinese state-sponsored cyber espionage campaign. This ongoing operation, linked to the threat group UNC6201, has been exploiting a critical zero-day vulnerability in Dell RecoverPoint for Virtual Machines since at least mid-2024, demonstrating how sophisticated attacks can evade detection for extended…

A dangerous new threat has emerged on GitHub, with malicious actors creating a fake version of the legitimate macOS application, Triton, to distribute Windows-based malware. This sophisticated attack exploits the open-source platform to lure unsuspecting users into downloading harmful executables, highlighting a growing trend of threat actors leveraging code repositories…

Cybersecurity researchers have revealed a novel technique that transforms AI assistants, specifically those with web browsing capabilities like Microsoft Copilot and xAI Grok, into stealthy command-and-control (C2) relays. This method, dubbed “AI as a C2 proxy” by Check Point, allows attackers to mask malicious communications within legitimate enterprise traffic, significantly…