A critical security vulnerability in the Everest Forms Pro WordPress plugin, affecting approximately 4,000 active installations, is being actively exploited by threat actors to execute arbitrary code, leading to full website compromise. This remote code execution (RCE) flaw, identified as CVE-2026-3300, carries a severe CVSS score of 9.8 and impacts…
The cybersecurity landscape is constantly evolving, and a recent development concerning the last layer standing in network defense has caught the attention of IT professionals worldwide. A report released this week by the Global Cybersecurity Institute (GCI) highlights emerging threats and the increasing importance of multi-factor authentication (MFA) as a…
Cisco Addresses Vulnerability in Unified Communications Manager Following Publication of Exploit Code
Cisco has issued a critical patch for a vulnerability in its Unified Communications Manager (UCM) that could allow unauthenticated attackers on a network to write arbitrary files to the system, potentially leading to full root access. This critical Cisco UCM vulnerability, tracked as CVE-2026-20230, poses a significant threat to organizations…
Flaw in Claude Code GitHub Action Uncovered, Posing Repository Takeover Risk
A security vulnerability has been discovered in Anthropic’s Claude Code GitHub Action, allowing attackers to potentially hijack vulnerable public repositories. The flaw, reported by security researcher RyotaK of GMO Flatt Security, could enable a malicious actor to execute arbitrary…
ThreatsDay Bulletin Details AI Agent Malfunctions, C2 Tools, ClickFix Exploits, JavaScript Backdoors, and Over 20 New Developments.
The cybersecurity landscape continues to present complex challenges, with a blend of evolving threats and persistent vulnerabilities. This ongoing dynamic highlights the critical importance of robust security practices and continuous vigilance for organizations across all sectors. As the digital realm expands, the intricate web of threats, from sophisticated nation-state…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting the Mirasvit Cache Warmer Magento extension to its Known Exploited Vulnerabilities (KEV) catalog. The move comes after reports of attackers actively exploiting the flaw, tracked as CVE-2026-45247, in the wild, posing a significant risk to e-commerce…
A sophisticated Android malware campaign, impersonating official Regional Transport Office (RTO) challan notifications, is actively targeting users in India, posing a significant threat to personal and financial security. The malicious applications are being distributed outside the official Google Play Store, primarily through messaging platforms like WhatsApp, exploiting public trust in…
Russian state-sponsored hackers, widely recognized as APT28, have launched a sophisticated cyber espionage campaign targeting high-value government and military entities across Europe. The operation, which exploits a critical Microsoft Office vulnerability (CVE-2026-21509), is primarily aimed at maritime and transport organizations in Poland, Ukraine, and Turkey. This zero-click exploit allows attackers…
Cybercriminals are increasingly deploying sophisticated social engineering tactics to bypass traditional security measures, with a new campaign dubbed “Voicemail Trap” posing a significant threat. This evolving attack method uses deceptive voicemail notifications to trick users into granting hackers remote access to their systems, bypassing conventional defenses through manipulation rather than…
ThreatsDay Bulletin Reports on Codespaces RCE, AsyncRAT C2, BYOVD Abuse, AI Cloud Intrusions, and Over 15 Other Incidents
The cybersecurity landscape is rapidly evolving, with attackers increasingly industrializing their operations and finding subtle entry points into systems. This week’s threat intelligence reveals a trend of escalating cybercrime efficiency, characterized by shared infrastructures, repeatable playbooks, and affiliate programs, transforming isolated campaigns into service-like operations. Understanding these subtle yet significant…
A new and formidable ransomware operation known as DragonForce has emerged as a significant cybersecurity threat, targeting critical business infrastructure worldwide since its appearance in late 2023. Operating on a ransomware-as-a-service (RaaS) model, DragonForce equips cybercriminals with a comprehensive toolkit to launch sophisticated attacks, encrypting valuable data while simultaneously exfiltrating…
Canadian citizens are currently facing a sophisticated phishing campaign designed to steal their personal and financial information through fraudulent traffic ticket payment portals. Attackers are employing search engine optimization (SEO) poisoning techniques to ensure these deceptive websites appear prominently in search results when individuals look for ways to pay provincial…
Saudi Arabia’s manufacturing sector is entering a pivotal phase of transformation, fuelled by rapid advancements in smart factory technologies, AI-led automation, industrial IoT, and robotics, all aligned with the Kingdom’s Vision 2030 ambitions. These innovations are reshaping production processes and reflecting Saudi Arabia’s commitment to building a globally competitive industrial…
Infy Hackers Resume Operations Using New Command and Control Servers Following Iran Internet Blackout
The Iranian hacking group known as Infy, also referred to as Prince of Persia, has significantly evolved its tactics, shifting its command-and-control (C2) infrastructure to align with the recent easing of an internet blackout imposed by Iranian authorities. This strategic move suggests state sponsorship and a desire to evade detection…
A sophisticated cybersecurity campaign dubbed “KongTuke” has escalated its tactics, now leveraging DNS TXT records to execute PowerShell commands. This threat actor group, active since mid-2025, has evolved its “ClickFix” social engineering strategy to bypass traditional security measures by embedding malicious staging instructions within the Domain Name System. This evolution…
A sophisticated new 3-step malvertising chain is abusing Facebook paid ads to push a tech support scam (TSS) kit, posing a significant risk to individual cybersecurity in the United States. Malicious actors are increasingly weaponizing social media ads to bypass traditional security filters and deliver harmful content to unsuspecting victims.…
Critical n8n Flaw CVE-2026-25049 Enables System Command Execution via Malicious Workflows
A critical security vulnerability has been discovered in the n8n workflow automation platform, potentially allowing attackers to execute arbitrary system commands on affected servers. The flaw, identified as CVE-2026-25049, carries a high CVSS score of 9.4, highlighting its significant risk to users of the popular automation tool. n8n, a widely…
A sophisticated new threat known as the DesckVB RAT, version 2.9, has emerged in active malware campaigns observed throughout early 2026. This advanced remote access Trojan, built on the .NET framework, is designed to establish persistent control over compromised systems while employing techniques to evade traditional cybersecurity defenses. The DesckVB…
