A critical security vulnerability in the Everest Forms Pro WordPress plugin, affecting approximately 4,000 active installations, is being actively exploited by threat actors to execute arbitrary code, leading to full website compromise. This remote code execution (RCE) flaw, identified as CVE-2026-3300, carries a severe CVSS score of 9.8 and impacts…
The cybersecurity landscape is constantly evolving, and a recent development concerning the last layer standing in network defense has caught the attention of IT professionals worldwide. A report released this week by the Global Cybersecurity Institute (GCI) highlights emerging threats and the increasing importance of multi-factor authentication (MFA) as a…
Cisco Addresses Vulnerability in Unified Communications Manager Following Publication of Exploit Code
Cisco has issued a critical patch for a vulnerability in its Unified Communications Manager (UCM) that could allow unauthenticated attackers on a network to write arbitrary files to the system, potentially leading to full root access. This critical Cisco UCM vulnerability, tracked as CVE-2026-20230, poses a significant threat to organizations…
Flaw in Claude Code GitHub Action Uncovered, Posing Repository Takeover Risk
A security vulnerability has been discovered in Anthropic’s Claude Code GitHub Action, allowing attackers to potentially hijack vulnerable public repositories. The flaw, reported by security researcher RyotaK of GMO Flatt Security, could enable a malicious actor to execute arbitrary…
ThreatsDay Bulletin Details AI Agent Malfunctions, C2 Tools, ClickFix Exploits, JavaScript Backdoors, and Over 20 New Developments.
The cybersecurity landscape continues to present complex challenges, with a steady blend of evolving threats and persistent vulnerabilities. This ongoing dynamic highlights the critical importance of robust security practices and continuous vigilance for organizations across all sectors. As the digital realm expands, the intricate web of threats, from sophisticated nation-state…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting the Mirasvit Cache Warmer Magento extension to its Known Exploited Vulnerabilities (KEV) catalog. The move comes after reports of attackers actively exploiting the flaw, tracked as CVE-2026-45247, in the wild, posing a significant risk to e-commerce…
Research & Analysis
More Articles
A sophisticated new breed of phishing-as-a-service (PhaaS) kits specifically engineered for voice-based attacks poses a significant and escalating threat to enterprise users of major technology platforms. Okta Threat Intelligence has identified multiple custom phishing kits being sold on a service basis, enabling coordinated campaigns targeting employees of companies such as…
North Korea-aligned hackers have adopted artificial intelligence (AI) to generate sophisticated malware, marking a significant escalation in their cyber warfare capabilities. The group, identified as KONNI, is employing AI-generated PowerShell code to deliver a stealthy backdoor, blending legitimate project content with malicious scripts. This new campaign specifically targets developers and…
CrowdStrike is expanding its global data sovereignty programme with new in-country cloud deployments planned for Saudi Arabia, India, and the United Arab Emirates. This initiative aims to allow organisations in these regions to utilize CrowdStrike’s Falcon platform while keeping their sensitive data within national borders. The company anticipates further expansion…
A new and sophisticated malware campaign is underway, with threat actors disguising malicious proxyware as legitimate Notepad++ software tools. This campaign, attributed to the threat actor Larva-25012, has been observed primarily targeting users in South Korea. The attackers are luring victims through deceptive advertisement pages and fake download portals that…
Security vulnerabilities in the Canonical Snap Store have escalated, enabling hackers to distribute malicious software, including crypto-stealing applications, through the popular Linux package repository. This sophisticated campaign targets both desktop and server environments, exploiting user trust in legitimate software packages to compromise digital assets and potentially impact organizational security infrastructure.…
A sophisticated phishing campaign is targeting PNB MetLife insurance customers, luring them into fake payment gateway pages that steal personal details and redirect them to fraudulent UPI transactions. The scam cleverly exploits the trusted reputation of PNB MetLife by creating convincing mobile-optimized portals that mimic legitimate premium payment services. These…
A new ransomware strain, dubbed Osiris, has been identified launching attacks against a major food service company in Southeast Asia in November 2025. Security researchers distinguish this as an entirely new malware family, unrelated to an older ransomware with the same name from 2016. The emergence of this advanced Osiris…
A nonprofit watchdog group has filed a lawsuit against federal agencies seeking records related to a data sharing agreement between the Transportation Security Administration (TSA) and Immigration and Customs Enforcement (ICE). This agreement reportedly involves the use of domestic travel data for immigration enforcement purposes. The lawsuit was filed Thursday…
A sophisticated phishing campaign, dubbed “ClickFix,” is actively targeting Facebook users, particularly content creators and business owners, by illicitly stealing their account credentials and session tokens. This widespread attack, which has seen significant growth since early 2025, leverages social engineering tactics, masquerading as official Facebook verification processes to trick victims…
Serious GNU InetUtils telnetd vulnerability allows attackers to bypass login and gain root access
A critical security vulnerability in the GNU InetUtils telnet daemon, known as telnetd, has been disclosed after remaining undetected for almost 11 years. This flaw, designated CVE-2026-24061, carries a severe CVSS score of 9.8 out of 10.0, indicating a high risk to systems utilizing the affected software. The vulnerability impacts…
U.S. authorities have successfully dismantled the operations of “r1z,” a prolific initial access broker who peddled gateways into corporate networks worldwide. Operating discreetly across numerous cybercrime forums, r1z offered a lucrative menu of stolen VPN credentials, remote access to enterprise environments, and custom tools designed to circumvent sophisticated security controls.…
Researchers confirm Jordan government deployed Cellebrite phone-cracking technology against activists.
Jordanian authorities are alleged to have used Cellebrite phone-cracking technology to access the devices of domestic activists and human rights defenders. The findings come from an investigation by the University of Toronto’s Citizen Lab, which suggests nonconsensual data extraction from activist phones between late 2023 and mid-2025. Citizen Lab, working…
