A critical security vulnerability in the Everest Forms Pro WordPress plugin, affecting approximately 4,000 active installations, is being actively exploited by threat actors to execute arbitrary code, leading to full website compromise. This remote code execution (RCE) flaw, identified as CVE-2026-3300, carries a severe CVSS score of 9.8 and impacts…
The cybersecurity landscape is constantly evolving, and a recent development concerning the last layer standing in network defense has caught the attention of IT professionals worldwide. A report released this week by the Global Cybersecurity Institute (GCI) highlights emerging threats and the increasing importance of multi-factor authentication (MFA) as a…
Cisco Addresses Vulnerability in Unified Communications Manager Following Publication of Exploit Code
Cisco has issued a critical patch for a vulnerability in its Unified Communications Manager (UCM) that could allow unauthenticated attackers on a network to write arbitrary files to the system, potentially leading to full root access. This critical Cisco UCM vulnerability, tracked as CVE-2026-20230, poses a significant threat to organizations…
Flaw in Claude Code GitHub Action Uncovered, Posing Repository Takeover Risk
A security vulnerability has been discovered in Anthropic’s Claude Code GitHub Action, allowing attackers to potentially hijack vulnerable public repositories. The flaw, reported by security researcher RyotaK of GMO Flatt Security, could enable a malicious actor to execute arbitrary…
ThreatsDay Bulletin Details AI Agent Malfunctions, C2 Tools, ClickFix Exploits, JavaScript Backdoors, and Over 20 New Developments.
The cybersecurity landscape continues to present complex challenges, with a steady blend of evolving threats and persistent vulnerabilities. This ongoing dynamic highlights the critical importance of robust security practices and continuous vigilance for organizations across all sectors. As the digital realm expands, the intricate web of threats, from sophisticated nation-state…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting the Mirasvit Cache Warmer Magento extension to its Known Exploited Vulnerabilities (KEV) catalog. The move comes after reports of attackers actively exploiting the flaw, tracked as CVE-2026-45247, in the wild, posing a significant risk to e-commerce…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical security flaw affecting SolarWinds Web Help Desk (WHD) to its Known Exploited Vulnerabilities (KEV) catalog. This designation, announced on Tuesday, signals that the vulnerability is currently being actively exploited by threat actors in real-world attacks, a swift…
SentinelOne, a leader in AI-powered cybersecurity, has officially launched its state-of-the-art Singularity Platform on Google Cloud within Saudi Arabia. This strategic move provides Saudi organisations with advanced, autonomous threat prevention, detection, and response capabilities, ensuring that all sensitive security data remains within the Kingdom’s borders. The deployment aims to bolster…
Infostealer campaigns are aggressively expanding their reach to macOS users, a significant shift from their traditional Windows focus. Attackers are increasingly leveraging Python and exploiting trusted platforms to target Mac owners, silently stealing credentials, session cookies, and cryptocurrency data. This surge in macOS-targeted infostealers, including families like DigitStealer, MacSync, and…
A sophisticated cyberattack known as GlassWorm has infiltrated popular extensions hosted on the Open VSX Registry, transforming them into vehicles for malware distribution. Threat actors successfully compromised a trusted publisher account, using it to push malicious updates disguised as routine releases. These compromised extensions, downloaded by over 22,000 developers, targeted…
A new variant of the PDFly malware is employing sophisticated techniques, including a custom modification of PyInstaller, to hinder security analysts and evade detection. This advanced obfuscation strategy forces cybersecurity professionals to engage in extensive reverse-engineering efforts to understand the threat’s underlying code and operational mechanisms. The malware encrypts its…
Attackers are actively exploiting two critical zero-day vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM) software, a familiar target in the network edge cybersecurity landscape. These defects allow unauthenticated users to remotely execute code, posing a significant risk to organizations relying on Ivanti for mobile device and application management. The vulnerabilities,…
A new, sophisticated phishing campaign targeting macOS users has been identified, employing fake compliance emails to deliver advanced malware designed to steal sensitive data. Researchers at Chainbase Lab and SlowMist have detailed the attack, which impersonates legitimate audit and compliance notifications to trick victims into compromising their systems. This threat…
Cybercriminals are running a sophisticated phishing campaign to harvest user login credentials by impersonating Dropbox. This multi-stage attack is designed to bypass common email security filters by layering seemingly legitimate components, ultimately leading unsuspecting users to a fake login page. The primary goal is to steal sensitive account information. The…
Cybersecurity researchers have disclosed a critical vulnerability, dubbed DockerDash, impacting the AI assistant Ask Gordon, integrated into Docker Desktop and its Command-Line Interface (CLI). This flaw, patched in November 2025, could permit attackers to execute arbitrary code and steal sensitive data by exploiting how the AI processes image metadata. The…
The advanced persistent threat (APT) group known as Chollima APT, also referred to as Ricochet, has initiated a sophisticated cyber campaign targeting activists and organizations focused on North Korea. This campaign, dubbed “Operation: ToyBox Story,” commenced in March 2025 and leverages a combination of social engineering and advanced malware delivery…
A critical security vulnerability in the Metro Development Server, part of the widely-used “@react-native-community/cli” npm package, is actively being exploited by threat actors. This flaw, tracked as CVE-2025-11953 and dubbed “Metro4Shell,” carries a severe CVSS score of 9.8, enabling remote, unauthenticated attackers to execute arbitrary operating system commands on vulnerable…
A sophisticated phishing campaign is actively targeting Windows users, luring them into installing remote access tools through seemingly innocuous party invitations. This new threat leverages social engineering tactics to trick individuals into downloading and executing a malicious installer disguised as an RSVP, ultimately granting attackers unrestricted control over their systems.…
