HN Monitor

A critical security vulnerability in the Everest Forms Pro WordPress plugin, affecting approximately 4,000 active installations, is being actively exploited by threat actors to execute arbitrary code, leading to full website compromise. This remote code execution (RCE) flaw, identified as CVE-2026-3300, carries a severe CVSS score of 9.8 and impacts…

The cybersecurity landscape is constantly evolving, and a recent development concerning the last layer standing in network defense has caught the attention of IT professionals worldwide. A report released this week by the Global Cybersecurity Institute (GCI) highlights emerging threats and the increasing importance of multi-factor authentication (MFA) as a…

Flaw in Claude Code GitHub Action Uncovered, Posing Repository Takeover Risk

A security vulnerability has been discovered in Anthropic’s Claude Code GitHub Action, allowing attackers to potentially hijack vulnerable public repositories. The flaw, reported by security researcher RyotaK of GMO Flatt Security, could enable a malicious actor to execute arbitrary…

The cybersecurity landscape continues to present complex challenges, with a blend of evolving threats and persistent vulnerabilities. This ongoing dynamic highlights the critical importance of robust security practices and continuous vigilance for organizations across all sectors. As the digital realm expands, the intricate web of threats, from sophisticated nation-state…

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting the Mirasvit Cache Warmer Magento extension to its Known Exploited Vulnerabilities (KEV) catalog. The move comes after reports of attackers actively exploiting the flaw, tracked as CVE-2026-45247, in the wild, posing a significant risk to e-commerce…

Microsoft has released urgent security patches to address a high-severity zero-day vulnerability in Microsoft Office, tracked as CVE-2026-21509. This critical flaw, described as a security feature bypass within Microsoft Office, has a CVSS score of 7.8 out of 10.0 and has already been exploited in active attacks. The company’s out-of-band…

Cybercriminals are increasingly weaponizing legitimate Remote Monitoring and Management (RMM) tools by distributing them through fake software download websites. Threat actors are using these deceptive portals, which impersonate popular utilities like Notepad++ and 7-Zip, to trick unsuspecting users into installing RMM applications, such as LogMeIn Resolve. Once installed, these RMM…

Lazarus hackers, a state-sponsored North Korean cyber espionage group also known as HIDDEN COBRA, are actively targeting European drone manufacturing companies with a new cyberespionage campaign dubbed Operation DreamJob. This sophisticated operation, which began in late March 2025, aims to steal proprietary information and intellectual property from organizations developing unmanned…

ChatGPT users are being warned about malicious Chrome browser extensions that have been discovered to steal account credentials. LayerX Research identified at least 16 such extensions, all appearing to originate from the same threat actor and designed to compromise user accounts and potentially their identities. These extensions, often disguised as…

A sophisticated new malware-as-a-service toolkit named Stanley has emerged, posing a significant threat to internet users by enabling attackers to redirect them to malicious websites while maintaining the appearance of legitimate URLs in the browser’s address bar. Discovered in January 2026, this highly deceptive tool is designed to harvest sensitive…

Cybersecurity researchers have unearthed two malicious Microsoft Visual Studio Code (VS Code) extensions, masquerading as sophisticated AI coding assistants, that secretly exfiltrate sensitive developer data to servers in China. These extensions, which collectively boast over 1.5 million installations and remain accessible on the official VS Code Marketplace, pose a significant…

Late December 2025 witnessed a significant cybersecurity incident targeting Poland’s critical energy infrastructure, with the Russian-aligned Sandworm APT group identified as the perpetrator. The sophisticated attack involved the deployment of a previously unknown data-wiping malware, subsequently named DynoWiper, raising alarms about the escalating threat to national power grids. This incident…

A sophisticated phishing campaign, active between November 2025 and January 2026, has been identified leveraging Vercel’s legitimate hosting platform to distribute remote access tools. This advanced attack chain combines social engineering with the exploitation of trusted domains, enabling it to effectively bypass traditional security measures and deliver potent malware to…

Security failures, often subtle, are increasingly emerging through compromised trusted tools and long-unquestioned habits, according to this week’s cybersecurity news recap. Attackers are demonstrating agility, blending established tactics with novel exploitation vectors, rendering “patched” a less definitive state of security while software continues to serve as a primary entry point.…

A sophisticated espionage campaign, identified as ‘SyncFuture’, has been targeting residents of India since December 2025. This malware operation is notable for its use of legitimate enterprise security software as a tool to deploy advanced malicious code. Threat actors have been distributing phishing emails that impersonate official communications from India’s…

North Korea’s notorious Lazarus Group is orchestrating a sophisticated supply chain attack through a campaign dubbed “Fake Font,” cunningly leveraging fake job interviews and compromised GitHub repositories to deploy malware onto software developers’ systems. This campaign, which has been active for over 100 days, has recently escalated, with analysts identifying…