A critical security vulnerability in the Everest Forms Pro WordPress plugin, affecting approximately 4,000 active installations, is being actively exploited by threat actors to execute arbitrary code, leading to full website compromise. This remote code execution (RCE) flaw, identified as CVE-2026-3300, carries a severe CVSS score of 9.8 and impacts…
The cybersecurity landscape is constantly evolving, and a recent development concerning the last layer standing in network defense has caught the attention of IT professionals worldwide. A report released this week by the Global Cybersecurity Institute (GCI) highlights emerging threats and the increasing importance of multi-factor authentication (MFA) as a…
Cisco Addresses Vulnerability in Unified Communications Manager Following Publication of Exploit Code
Cisco has issued a critical patch for a vulnerability in its Unified Communications Manager (UCM) that could allow unauthenticated attackers on a network to write arbitrary files to the system, potentially leading to full root access. This critical Cisco UCM vulnerability, tracked as CVE-2026-20230, poses a significant threat to organizations…
Flaw in Claude Code GitHub Action Uncovered, Posing Repository Takeover Risk
A security vulnerability has been discovered in Anthropic’s Claude Code GitHub Action, allowing attackers to potentially hijack vulnerable public repositories. The flaw, reported by security researcher RyotaK of GMO Flatt Security, could enable a malicious actor to execute arbitrary…
ThreatsDay Bulletin Details AI Agent Malfunctions, C2 Tools, ClickFix Exploits, JavaScript Backdoors, and Over 20 New Developments.
The cybersecurity landscape continues to present complex challenges, with a blend of evolving threats and persistent vulnerabilities. This ongoing dynamic highlights the critical importance of robust security practices and continuous vigilance for organizations across all sectors. As the digital realm expands, the intricate web of threats, from sophisticated nation-state…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting the Mirasvit Cache Warmer Magento extension to its Known Exploited Vulnerabilities (KEV) catalog. The move comes after reports of attackers actively exploiting the flaw, tracked as CVE-2026-45247, in the wild, posing a significant risk to e-commerce…
Cybersecurity researchers have uncovered an active web traffic hijacking campaign compromising NGINX installations and popular management panels like Baota (BT). The attack redirects legitimate user traffic through infrastructure controlled by threat actors, raising significant concerns for web security. Datadog Security Labs identified that these malicious actors are leveraging…
The Airport Security Market is experiencing robust growth, projected to expand from a current valuation exceeding USD 19.9 billion to over USD 45 billion by 2035. This significant upswing is primarily attributed to the escalating volume of global air travel and a heightened focus on mitigating security risks. The expansion…
A sophisticated cyber-espionage group dubbed Amaranth-Dragon has been identified as using a critical WinRAR vulnerability, CVE-2025-8088, to gain persistent access to the systems of government and law enforcement agencies across Southeast Asia. The threat actor has been actively targeting networks in Thailand, Singapore, and the Philippines throughout 2025, with…
Interlock Ransomware Actors Utilize Gaming Anti-Cheat Driver 0-Day to Bypass Endpoint Security
The cybersecurity landscape is facing a new and sophisticated threat from the Interlock ransomware group, which has been observed employing an innovative technique to disable critical security software. This advanced tactic involves exploiting a zero-day vulnerability within a legitimate gaming anti-cheat driver, allowing the attackers to bypass Endpoint Detection and…
A sophisticated new malware loader, dubbed PhantomVAI, is being deployed in global phishing campaigns, delivering a range of information-stealing malware and remote access trojans (RATs) to compromised Windows systems. This advanced threat actor uses a technique known as process hollowing to evade detection, making it a significant concern for cybersecurity…
The SystemBC malware, first identified in 2019, has resurfaced as a formidable botnet, now encompassing over 10,000 compromised devices worldwide. This advanced threat operates primarily as a SOCKS5 proxy and a backdoor, enabling threat actors to conceal their malicious activities and maintain persistent access to infected networks. The botnet’s resilient…
Enterprise security teams are grappling with a sophisticated new wave of cyber threats as threat actors increasingly abuse legitimate Microsoft and Google platforms to launch attacks. This trend sees attackers leveraging trusted cloud services like Microsoft Azure Blob Storage and Google Firebase to host their malicious infrastructure, a stark contrast…
A new sophisticated malware campaign is targeting Chinese-speaking users, distributing the ValleyRAT backdoor disguised as a legitimate installer for the popular messaging application, LINE. This deceptive tactic aims to infiltrate user systems and steal sensitive login credentials. The malware employs a complex, multi-stage infection process designed to bypass security measures…
New cyber espionage campaigns linked to Chinese threat actors have been identified, targeting government and law enforcement agencies across Southeast Asia throughout 2025. This sophisticated activity, dubbed “Amaranth-Dragon” by cybersecurity firm Check Point Research, exhibits a high degree of stealth and focus, indicating a long-term strategy for geopolitical intelligence gathering…
Notepad++ Update Infrastructure Compromised in Supply Chain Attack Delivering Targeted Malware
The popular text editor Notepad++ has been the victim of a sophisticated supply chain attack that compromised its update infrastructure, according to a February 2, 2026, disclosure by its developers. This breach, which allowed attackers to distribute targeted malware, remained undetected for several months and highlights the ongoing threats to…
A sophisticated and stealthy attack campaign is hijacking home internet connections by compromising vulnerable routers and redirecting user traffic through a network of malicious DNS resolvers operated by Aeza International, a hosting firm previously sanctioned by the U.S. government. This “shadow” network allows threat actors to manipulate where users go…
Security experts are observing a significant increase in cyberattacks aimed at exfiltrating the NTDS.dit file. This critical database holds encrypted password hashes for all accounts within a Windows Active Directory environment. Successful theft of this file grants attackers the ability to perform offline password cracking, potentially leading to the complete…
