HN Monitor

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security vulnerability affecting SolarWinds Serv-U software to its Known Exploited Vulnerabilities (KEV) catalog. This action, taken on June 6, 2026, signifies that the flaw is actively being exploited by malicious actors, prompting urgent attention from organizations reliant on…

The cybersecurity landscape is experiencing an unprecedented surge in vulnerability discovery, largely propelled by advancements in artificial intelligence. This week saw two significant developments highlighting this trend: a security startup revealed 21 previously unknown vulnerabilities in FFmpeg, a critical media library, all identified by an autonomous AI agent, while Google…

Cisco has issued a critical alert regarding a high-severity security vulnerability, CVE-2026-20182, within its Catalyst SD-WAN Manager software. This flaw has been observed to be under active exploitation, posing a significant risk to organizations relying on Cisco’s software-defined networking solutions. The vulnerability, which affects multiple deployment models including on-premises and…

A critical security vulnerability in the Everest Forms Pro WordPress plugin, affecting approximately 4,000 active installations, is being actively exploited by threat actors to execute arbitrary code, leading to full website compromise. This remote code execution (RCE) flaw, identified as CVE-2026-3300, carries a severe CVSS score of 9.8 and impacts…

The cybersecurity landscape is constantly evolving, and a recent development concerning the last layer standing in network defense has caught the attention of IT professionals worldwide. A report released this week by the Global Cybersecurity Institute (GCI) highlights emerging threats and the increasing importance of multi-factor authentication (MFA) as a…

The United States is withdrawing from key international organizations focused on strengthening cybersecurity, a move that signals a significant shift in U.S. engagement with global digital security efforts. This decision impacts groups dedicated to promoting online freedom and countering complex cyber threats. The Trump administration announced its departure from the…

The cybersecurity landscape remains a dynamic and often perilous environment, with attackers constantly evolving their tactics. This week’s developments highlight the ingenuity of threat actors, the significant risks posed by overlooked vulnerabilities, and the persistent exploitation of well-established tools. From sophisticated honeypot operations to widespread malware campaigns and critical infrastructure…

China-Nexus Actor UAT-7290 Linked to Espionage Operations

A sophisticated threat actor, identified as UAT-7290 and believed to operate with ties to China, has been implicated in espionage-focused cyber intrusions targeting organizations across South Asia and Southeastern Europe. The activity cluster, active since at least 2022, meticulously gathers extensive technical intelligence…

A new sophisticated infostealer named AuraStealer is posing a significant threat to Windows users, actively stealing data from over 110 browsers and 70 applications. This malware-as-a-service, developed in C++, operates through a subscription model and has been observed spreading via “Scam-Yourself” campaigns on platforms like TikTok, preying on users seeking…

Two critical vulnerabilities in Cisco’s Snort 3 detection engine have been disclosed, potentially compromising network security for numerous organizations. These flaws, identified as CVE-2026-20026 and CVE-2026-20027, allow remote attackers to either disrupt packet inspection services or leak sensitive data from affected systems. The discoveries highlight ongoing challenges in securing sophisticated…

Concerns are mounting over online platforms allowing the generation and dissemination of nonconsensual sexualized deepfakes, with many questioning why X owner Elon Musk is not being compelled by regulators or law enforcement to halt such practices. The proliferation of these AI-generated images, particularly those created using X’s GrokAI tool, has…

Cisco has issued urgent security updates to address a medium-severity vulnerability in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC). The flaw, identified as CVE-2026-20029, carries a CVSS score of 4.9 and poses a risk of sensitive information disclosure for organizations leveraging these network security solutions. The…

A sophisticated new attack, dubbed ConsentFix, has emerged, allowing threat actors to bypass Microsoft Entra authentication flows and steal sensitive keys. This inventive OAuth-based attack quietly exploits legitimate authentication processes, posing a significant threat to cloud security just as the year concluded. The technique underscores a growing trend in cyber…

Chainguard, a prominent provider of open-source software security, has released its inaugural “State of Trusted Open Source” report, offering a detailed analysis of how organizations currently utilize and secure their open-source software supply chains. Based on an extensive dataset encompassing over 1800 container image projects, 148,000 versions, and nearly half…

Cybersecurity researchers have uncovered a novel technique that allows hackers to leverage Windows kernel structures to hide malicious processes from detection tools, even while advanced security measures like PatchGuard remain active. This exploitation of Kernel Patch Protection (PatchGuard) by attackers, detailed by Outflank analysts, circumvents standard monitoring capabilities, presenting a…

Cybersecurity researchers have disclosed a slew of critical vulnerabilities impacting Coolify, a popular open-source self-hosting platform. These security flaws, ranging from critical-severity command injection to information disclosure, could allow attackers to bypass authentication and execute arbitrary code on affected servers, leading to full system compromise. The discoveries highlight potential risks…

BlueDelta Hackers Expand Credential Theft Operations Targeting Microsoft OWA, Google, and Sophos VPN Users

BlueDelta, a Russian state-sponsored threat group identified as being linked to the country’s military intelligence agency, the GRU, has significantly broadened its credential-stealing activities throughout 2025. Between February and September, the group conducted multiple sophisticated phishing…