HN Monitor

A critical security vulnerability in the Everest Forms Pro WordPress plugin, affecting approximately 4,000 active installations, is being actively exploited by threat actors to execute arbitrary code, leading to full website compromise. This remote code execution (RCE) flaw, identified as CVE-2026-3300, carries a severe CVSS score of 9.8 and impacts…

The cybersecurity landscape is constantly evolving, and a recent development concerning the last layer standing in network defense has caught the attention of IT professionals worldwide. A report released this week by the Global Cybersecurity Institute (GCI) highlights emerging threats and the increasing importance of multi-factor authentication (MFA) as a…

Flaw in Claude Code GitHub Action Uncovered, Posing Repository Takeover Risk

A security vulnerability has been discovered in Anthropic’s Claude Code GitHub Action, allowing attackers to potentially hijack vulnerable public repositories. The flaw, reported by security researcher RyotaK of GMO Flatt Security, could enable a malicious actor to execute arbitrary…

The cybersecurity landscape continues to present complex challenges, with a blend of evolving threats and persistent vulnerabilities. This ongoing dynamic highlights the critical importance of robust security practices and continuous vigilance for organizations across all sectors. As the digital realm expands, the intricate web of threats, from sophisticated nation-state…

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting the Mirasvit Cache Warmer Magento extension to its Known Exploited Vulnerabilities (KEV) catalog. The move comes after reports of attackers actively exploiting the flaw, tracked as CVE-2026-45247, in the wild, posing a significant risk to e-commerce…

A new initiative aims to extend legal protections for independent security researchers into the rapidly evolving field of artificial intelligence. Following the Department of Justice’s 2020 policy shift concerning “good faith” security research under the Computer Fraud and Abuse Act, a prominent bug bounty platform is now proposing a framework…

A sophisticated new spear-phishing campaign is targeting Argentina’s judicial sector, leveraging authentic-looking federal court rulings to distribute a dangerous Remote Access Trojan (RAT). Security researchers have identified this highly targeted attack, which employs multi-stage infection techniques to gain persistent access to sensitive legal and institutional data. The…

The notorious Gootloader malware has resurfaced with advanced evasion techniques, posing a significant threat to organizations worldwide. First detected in November 2025, this initial access broker has been observed working in tandem with the Vanilla Tempest threat actor group, facilitating Rhysida ransomware attacks. Gootloader’s primary strength lies in its ability…

A critical security vulnerability (CVE-2025-14533) affecting the popular Advanced Custom Fields: Extended WordPress plugin has exposed over 100,000 websites to potential full takeover. The flaw, with a CVSS score of 9.8 (Critical), allows unauthenticated attackers to escalate their privileges to administrator level by exploiting how user registration forms handle roles.…

A series of critical security vulnerabilities have been discovered in mcp-server-git, the official Git Model Context Protocol (MCP) server developed by Anthropic. These flaws, detailed in a recent report, could empower attackers to read or delete arbitrary files and, under specific circumstances, execute malicious code on a system. The vulnerabilities…

A groundbreaking study has revealed that advanced AI language models like GPT-5.2 can now autonomously develop working exploits for zero-day vulnerabilities. Security researcher Sean Heelan conducted an experiment challenging two sophisticated AI systems, GPT-5.2 and Opus 4.5, to create exploits for a previously unknown flaw in the QuickJS JavaScript interpreter.…

Brivo and Eagle Eye Networks announced Tuesday they are merging to form the world’s largest AI cloud-native physical security company. Dean Drako, chairman of Brivo and founder of Eagle Eye Networks, stated the combined entity will operate under the Brivo name and aims to provide a unified cloud-native platform for…

Cloudflare has resolved a significant security vulnerability within its Automatic Certificate Management Environment (ACME) validation logic. The flaw, discovered in October 2025, could have allowed unauthorized access to origin servers by bypassing critical security controls. Fortunately, Cloudflare stated it has found no evidence of malicious exploitation. Cloudflare Addresses ACME Validation…

VoidLink, a sophisticated new malware framework developed in China, is redefining the threat landscape for Linux cloud environments. First identified by Check Point Research on January 13, 2026, VoidLink distinguishes itself from traditional rootkits through its innovative architecture, which overcomes long-standing challenges in kernel compatibility and portability across different Linux…

Leaked API keys and the subsequent security breaches are becoming alarmingly common, yet sensitive tokens continue to be exposed with surprising ease. Intruder’s research team investigated why this vulnerability persists, examining the shortcomings of traditional vulnerability scanners and developing a novel method for secrets detection that addresses these gaps. By…

A new Python-based malware, dubbed SolyxImmortal, has emerged, targeting Windows systems with sophisticated data-stealing capabilities. First observed in January 2026, this information-stealing malware prioritizes stealthy, long-term surveillance over destructive actions, silently harvesting sensitive data like credentials, documents, and keystrokes. Attackers are leveraging Discord webhooks to exfiltrate this stolen information, a…

Attackers are exploiting Discord, a popular communication platform for gamers and streamers, to distribute a stealthy clipboard hijacker. This malicious software targets cryptocurrency users by silently replacing wallet addresses when victims paste them, leading to unauthorized fund transfers. The threat actor, identified as “RedLineCyber,” focuses on fostering trust within gaming…