A critical security vulnerability in the Everest Forms Pro WordPress plugin, affecting approximately 4,000 active installations, is being actively exploited by threat actors to execute arbitrary code, leading to full website compromise. This remote code execution (RCE) flaw, identified as CVE-2026-3300, carries a severe CVSS score of 9.8 and impacts…
The cybersecurity landscape is constantly evolving, and a recent development concerning the last layer standing in network defense has caught the attention of IT professionals worldwide. A report released this week by the Global Cybersecurity Institute (GCI) highlights emerging threats and the increasing importance of multi-factor authentication (MFA) as a…
Cisco Addresses Vulnerability in Unified Communications Manager Following Publication of Exploit Code
Cisco has issued a critical patch for a vulnerability in its Unified Communications Manager (UCM) that could allow unauthenticated attackers on a network to write arbitrary files to the system, potentially leading to full root access. This critical Cisco UCM vulnerability, tracked as CVE-2026-20230, poses a significant threat to organizations…
Flaw in Claude Code GitHub Action Uncovered, Posing Repository Takeover Risk
A security vulnerability has been discovered in Anthropic’s Claude Code GitHub Action, allowing attackers to potentially hijack vulnerable public repositories. The flaw, reported by security researcher RyotaK of GMO Flatt Security, could enable a malicious actor to execute arbitrary…
ThreatsDay Bulletin Details AI Agent Malfunctions, C2 Tools, ClickFix Exploits, JavaScript Backdoors, and Over 20 New Developments.
The cybersecurity landscape continues to present complex challenges, with a blend of evolving threats and persistent vulnerabilities. This ongoing dynamic highlights the critical importance of robust security practices and continuous vigilance for organizations across all sectors. As the digital realm expands, the intricate web of threats, from sophisticated nation-state…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting the Mirasvit Cache Warmer Magento extension to its Known Exploited Vulnerabilities (KEV) catalog. The move comes after reports of attackers actively exploiting the flaw, tracked as CVE-2026-45247, in the wild, posing a significant risk to e-commerce…
More Articles
Vulnerabilities found in 175,000 Ollama hosts allow code execution and external system access.
A startling cybersecurity revelation indicates that roughly 175,000 publicly accessible Ollama servers worldwide are vulnerable to malicious code execution and unauthorized access to external systems. This widespread exposure arises from basic configuration changes made by administrators who may not fully grasp the security implications of exposing these powerful AI frameworks…
January 30, 2026 – The shadowy world of cybercrime is increasingly under scrutiny as law enforcement agencies worldwide conduct high-profile operations against what they term “Badges, Bytes and Blackmail.” Despite widely publicized arrests and takedowns, a comprehensive understanding of these efforts and the individuals caught remains elusive, necessitating a deeper…
Hackers have successfully weaponized a popular Open VSX extension, the ‘Angular Language Service,’ to distribute sophisticated malware that has infected over 5,000 developer workstations. The malicious extension, which mimicked a legitimate productivity tool for Angular developers, operated undetected for two weeks within the Open VSX marketplace before being flagged by…
Education-themed malicious domains identified as part of bulletproof hosting infrastructure.
Security researchers have exposed a significant cyber threat campaign utilizing deceptive education-themed malicious domains to distribute malware and facilitate phishing attacks. This operation, identified by cybersecurity analysts and tracked under infrastructure indicators pointing to TOXICSNAKE, weaponizes the trust users place in educational institutions by creating fake websites that mimic legitimate…
Ivanti has issued critical security updates for its Endpoint Manager Mobile (EPMM) product following exploitation of two zero-day vulnerabilities. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added one of these flaws, CVE-2026-1281, to its Known Exploited Vulnerabilities (KEV) catalog, mandating swift action from federal agencies. The vulnerabilities, both…
SmarterTools has rapidly addressed a critical security vulnerability in its SmarterMail email software, identified as CVE-2026-24423. This flaw, carrying a high CVSS score of 9.3 out of 10.0, presented a significant risk of unauthenticated remote code execution. The company released an update, Build 9511, on January 15, 2026, to patch…
The cybersecurity landscape is once again facing a resurgent threat with the reappearance of the Matanbuchus malware downloader. This sophisticated tool, known for its stealthy capabilities, is being actively employed by threat actors to deliver increasingly dangerous payloads, including ransomware, onto targeted enterprise systems. Recent security advisories highlight that Matanbuchus…
Continuous penetration testing must become standard practice for organisations, according to Tamer Odeh, Middle East and Africa Regional Lead at cybersecurity firm Horizon3.ai. Companies that rely solely on annual or infrequent security assessments risk creating significant visibility gaps in their IT defenses as cyber threats rapidly evolve. Odeh’s remarks are…
A new Python-based remote access trojan, dubbed PyRAT, has emerged, posing a significant threat to both Windows and Linux systems. This sophisticated malware is capable of extensive surveillance and data theft, operating through unencrypted HTTP channels to communicate with its command-and-control (C2) infrastructure. Security researchers at K7 Security Labs identified…
A dangerous and weaponized VS Code extension, disguised as a legitimate AI coding assistant, was recently discovered to be distributing the ScreenConnect Remote Access Trojan (RAT). Security researchers flagged the malicious extension, identified as a fake “ClawdBot Agent,” on January 27, 2026. This imposter successfully exploited the popularity and trust…
Threat Actors Use Google Search Ads for ‘Mac Cleaner’ to Direct Users to Malicious Websites
Cybercriminals are increasingly leveraging Google Search Ads to lure unsuspecting Mac users to malicious websites disguised as legitimate “Mac cleaner” tools. These deceptive ads appear prominently in search results for common Mac maintenance queries, tricking users into downloading malware that can grant attackers full control over their computers. This sophisticated…
Threat researchers have uncovered an actively serving command and control (C2) server believed to be hosting a complete deployment of the BYOB (Build Your Own Bot) framework. The discovery followed the identification of an exposed open directory, revealing malicious payloads designed for persistent remote access across Windows, Linux, and macOS…
