A critical security vulnerability in the Everest Forms Pro WordPress plugin, affecting approximately 4,000 active installations, is being actively exploited by threat actors to execute arbitrary code, leading to full website compromise. This remote code execution (RCE) flaw, identified as CVE-2026-3300, carries a severe CVSS score of 9.8 and impacts…
The cybersecurity landscape is constantly evolving, and a recent development concerning the last layer standing in network defense has caught the attention of IT professionals worldwide. A report released this week by the Global Cybersecurity Institute (GCI) highlights emerging threats and the increasing importance of multi-factor authentication (MFA) as a…
Cisco Addresses Vulnerability in Unified Communications Manager Following Publication of Exploit Code
Cisco has issued a critical patch for a vulnerability in its Unified Communications Manager (UCM) that could allow unauthenticated attackers on a network to write arbitrary files to the system, potentially leading to full root access. This critical Cisco UCM vulnerability, tracked as CVE-2026-20230, poses a significant threat to organizations…
Flaw in Claude Code GitHub Action Uncovered, Posing Repository Takeover Risk
A security vulnerability has been discovered in Anthropic’s Claude Code GitHub Action, allowing attackers to potentially hijack vulnerable public repositories. The flaw, reported by security researcher RyotaK of GMO Flatt Security, could enable a malicious actor to execute arbitrary…
ThreatsDay Bulletin Details AI Agent Malfunctions, C2 Tools, ClickFix Exploits, JavaScript Backdoors, and Over 20 New Developments.
The cybersecurity landscape continues to present complex challenges, with a steady blend of evolving threats and persistent vulnerabilities. This ongoing dynamic highlights the critical importance of robust security practices and continuous vigilance for organizations across all sectors. As the digital realm expands, the intricate web of threats, from sophisticated nation-state…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting the Mirasvit Cache Warmer Magento extension to its Known Exploited Vulnerabilities (KEV) catalog. The move comes after reports of attackers actively exploiting the flaw, tracked as CVE-2026-45247, in the wild, posing a significant risk to e-commerce…
Research & Analysis
More Articles
Threat Actors Employ Fake BSODs and Trusted Build Tools to Evade Defenses and Deploy DCRat
A sophisticated new malware campaign is actively targeting the hospitality industry by leveraging deceptive Blue Screen of Death (BSOD) warnings and legitimate Microsoft build tools to bypass security defenses and deploy the potent DCRat remote access trojan. This operation, identified as PHALT#BLYX, utilizes convincing phishing emails impersonating reservation cancellations to…
Cyberattackers exploit Mjobtime app vulnerability using MSSQL and IIS POST requests against construction firms.
Construction firms are facing a new wave of cyber threats as attackers exploit vulnerabilities in job site business software. One recent target is the Mjobtime construction time-tracking application, which commonly uses Microsoft IIS with an MSSQL database. Security researchers have identified a critical flaw in Mjobtime version 15.7.2, tracked as…
Governata, a Riyadh-based startup focused on enterprise data management and governance, has secured US$4 million in seed funding to bolster Saudi Arabia’s AI-ready data infrastructure. The investment, from a mix of regional and international investors, signals strong support for the Kingdom’s digital transformation goals and the company’s unique Arabic-first approach…
CISA Adds Actively Exploited VMware vCenter Vulnerability CVE-2024-37079 to Known Exploited Vulnerabilities Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially placed a critical vulnerability affecting Broadcom VMware vCenter Server on its radar, adding CVE-2024-37079 to its Known Exploited Vulnerabilities (KEV) catalog. This move, made on January 24, 2026, follows evidence of the flaw being actively exploited in the wild. The…
A sophisticated fake captcha ecosystem is exploiting trusted web infrastructure to deliver malware, posing a significant threat to internet users. These deceptive verification pages mimic legitimate security checks, tricking unsuspecting individuals into downloading malicious software or granting dangerous browser permissions. This emerging attack vector highlights a concerning trend in cybercrime,…
Threat actors are weaponizing LNK files to deploy the MoonPeak malware, a dangerous remote access trojan targeting Windows systems. This sophisticated campaign, believed to be orchestrated by North Korea-affiliated groups, primarily ensnares South Korean investors and cryptocurrency traders by disguising malicious files as legitimate trading strategy documents. The attack chain…
WordPress sites vulnerable to backdoor exploits enabling unauthorized administrator creation.
A critical backdoor vulnerability has been discovered in the LA-Studio Element Kit for Elementor, a popular WordPress plugin utilized by over 20,000 active websites. This security flaw allows malicious actors to create administrator accounts without any authentication, posing a severe risk of complete website takeover for thousands of online businesses.…
Cybercriminals are now leveraging generative artificial intelligence (GenAI) to dynamically transform seemingly clean webpages into malicious phishing tools in real-time, a significant evolution in web-based threats that poses new challenges for cybersecurity detection and prevention efforts. Security researchers at Palo Alto Networks discovered that attackers can embed specially crafted instructions…
A new macOS malware named MacSync is posing a significant threat to cryptocurrency users, employing sophisticated social engineering tactics to harvest sensitive data. This infostealer, operating as a Malware-as-a-Service (MaaS), tricks victims into pasting a single command into their Terminal application, thereby bypassing macOS security measures and compromising their systems.…
CISA Adds Four Actively Exploited Vulnerabilities to Known Exploited Vulnerabilities Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially added four new security flaws to its catalog of Known Exploited Vulnerabilities (KEV). This designation signifies that the agency has observed active exploitation of these weaknesses in real-world cyberattacks. The inclusion of these vulnerabilities in the KEV catalog mandates that…
A new watering hole attack is actively targeting developers who use EmEditor, a popular text editor widely adopted within Japanese programming communities. In late December 2025, the official EmEditor download page was compromised, allowing threat actors to distribute malicious versions of the software installer to unsuspecting users. This incident highlights…
Fortinet confirms active FortiCloud SSO bypass vulnerability on patched FortiGate firewalls
Fortinet is actively addressing a critical FortiCloud SSO authentication bypass vulnerability after new reports surface detailing exploitation attempts on fully patched network firewalls. This ongoing security concern highlights a concerning new attack vector affecting the company’s widely used FortiGate appliances, prompting urgent advisories for network administrators worldwide. The network security…
