HN Monitor

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security vulnerability affecting SolarWinds Serv-U software to its Known Exploited Vulnerabilities (KEV) catalog. This action, taken on June 6, 2026, signifies that the flaw is actively being exploited by malicious actors, prompting urgent attention from organizations reliant on…

The cybersecurity landscape is experiencing an unprecedented surge in vulnerability discovery, largely propelled by advancements in artificial intelligence. This week saw two significant developments highlighting this trend: a security startup revealed 21 previously unknown vulnerabilities in FFmpeg, a critical media library, all identified by an autonomous AI agent, while Google…

Cisco has issued a critical alert regarding a high-severity security vulnerability, CVE-2026-20182, within its Catalyst SD-WAN Manager software. This flaw has been observed to be under active exploitation, posing a significant risk to organizations relying on Cisco’s software-defined networking solutions. The vulnerability, which affects multiple deployment models including on-premises and…

A critical security vulnerability in the Everest Forms Pro WordPress plugin, affecting approximately 4,000 active installations, is being actively exploited by threat actors to execute arbitrary code, leading to full website compromise. This remote code execution (RCE) flaw, identified as CVE-2026-3300, carries a severe CVSS score of 9.8 and impacts…

The cybersecurity landscape is constantly evolving, and a recent development concerning the last layer standing in network defense has caught the attention of IT professionals worldwide. A report released this week by the Global Cybersecurity Institute (GCI) highlights emerging threats and the increasing importance of multi-factor authentication (MFA) as a…

Three malicious npm packages have been discovered targeting JavaScript developers, aiming to steal sensitive login credentials, API keys, and cryptocurrency wallet data. The packages, masquerading as legitimate tools for the popular Bitcoin ecosystem, were uploaded to the public npm registry and silently installed a remote access trojan known as NodeCordRAT…

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two significant security flaws to its Known Exploited Vulnerabilities (KEV) catalog, warning of their active exploitation. These vulnerabilities affect widely used software from Microsoft and Hewlett Packard Enterprise (HPE), necessitating prompt action from organizations to protect their networks. The inclusion…

As the calendar turns to 2026, experts indicate that artificial intelligence (AI) is poised to continue its significant transformation of both physical and cyber security landscapes. The anticipated shifts span from enhanced surveillance capabilities to increasingly sophisticated automated cyber threats, signaling a year of accelerated evolution in risk management and…

A critical vulnerability affecting the n8n automation platform, used by approximately 100,000 servers globally, could allow attackers to gain complete control over targeted networks. The high-severity flaw, identified as CVE-2026-21858, was discovered by cybersecurity firm Cyera and reported to n8n on November 9. Developers released a patch for the vulnerability…

A sophisticated phishing campaign is actively exploiting Google Cloud services, specifically leveraging its workflow automation tools to steal Microsoft 365 login credentials. This emerging threat, identified by Malwarebytes researchers, highlights a concerning trend where attackers utilize the trusted infrastructure of major cloud providers to bypass security measures and deliver convincing…

Chinese threat actors have unleashed a new sophisticated campaign utilizing NFC-enabled Android malware, dubbed Ghost Tap, to steal payment data. This emerging threat targets unsuspecting users worldwide, leveraging Near Field Communication technology to discreetly harvest financial information. The Ghost Tap malware operates through a deceptive distribution model, with attackers tricking…

The healthcare sector is facing a severe and escalating threat from a sophisticated new ransomware strain known as CrazyHunter ransomware. This Go-developed malware is specifically targeting medical institutions, with reports indicating at least six organizations in Taiwan have already fallen victim to its advanced attacks. The critical nature of healthcare…

A sophisticated Windows packer, identified as pkr_mtsi, has been observed powering widespread malvertising campaigns that distribute multiple malware families. First detected on April 24, 2025, this malicious tool is actively distributing trojanized installers disguised as legitimate software. These fake installers are delivered through counterfeit download websites that achieve high search…

Cybercriminals are employing a novel phishing tactic by embedding malicious QR codes directly within HTML tables in emails. This innovative method allows attackers to bypass traditional email security filters that are designed to detect image-based threats. The campaign, observed between December 22nd and December 26th, utilizes these imageless QR codes…

Hackers are increasingly exploiting complex email routing scenarios and misconfigured security settings to launch sophisticated phishing attacks. These malicious actors are capable of sending fake emails that appear to originate from within an organization, making them significantly harder for employees to identify and avoid. This deceptive tactic has been widely…

Cybersecurity researchers have unveiled a critical vulnerability, CVE-2026-21858, a maximum-severity flaw in the widely used n8n workflow automation platform. This security loophole, codenamed Ni8mare, allows unauthenticated remote attackers to gain complete control over vulnerable n8n instances by exploiting a Content-Type confusion. The discovery, attributed to security researcher Dor Attias and reported…

The notorious Black Cat cybercriminal group has resurfaced with a sophisticated malware campaign, leveraging advanced search engine optimization (SEO) to distribute counterfeit versions of popular open-source software. By manipulating search engine algorithms, the group successfully positions meticulously crafted phishing websites, particularly for tools like Notepad++, at the very top of…