HN Monitor

Check Point Research has issued a critical alert regarding the active exploitation of a significant vulnerability affecting Remote Access VPN and Mobile Access deployments. The flaw, identified as CVE-2026-50751, carries a high CVSS score of 9.3 and pertains to an authentication bypass within insecurely configured IKEv1 key exchange protocols. This…

A significant new threat has emerged in the software development landscape, dubbed “Mythos,” which is far more advanced than typical software vulnerabilities. Industry experts, including Dan Lorenc, CEO of Chainguard, assert that Mythos, despite initial skepticism that it was a mere marketing tactic, represents a fundamental shift in cyber threats. These are…

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security vulnerability affecting SolarWinds Serv-U software to its Known Exploited Vulnerabilities (KEV) catalog. This action, taken on June 6, 2026, signifies that the flaw is actively being exploited by malicious actors, prompting urgent attention from organizations reliant on…

The cybersecurity landscape is experiencing an unprecedented surge in vulnerability discovery, largely propelled by advancements in artificial intelligence. This week saw two significant developments highlighting this trend: a security startup revealed 21 previously unknown vulnerabilities in FFmpeg, a critical media library, all identified by an autonomous AI agent, while Google…

Cisco has issued a critical alert regarding a high-severity security vulnerability, CVE-2026-20182, within its Catalyst SD-WAN Manager software. This flaw has been observed to be under active exploitation, posing a significant risk to organizations relying on Cisco’s software-defined networking solutions. The vulnerability, which affects multiple deployment models including on-premises and…

A critical security vulnerability in the Everest Forms Pro WordPress plugin, affecting approximately 4,000 active installations, is being actively exploited by threat actors to execute arbitrary code, leading to full website compromise. This remote code execution (RCE) flaw, identified as CVE-2026-3300, carries a severe CVSS score of 9.8 and impacts…

Cybercriminals are employing a sophisticated new tactic, combining the social engineering lure of “ClickFix” with advanced steganography techniques to hide malicious payloads within seemingly harmless PNG image files. This evolving attack strategy, detailed by Huntress analysts, represents a significant shift in how threat actors deliver information-stealing malware to unsuspecting victims.…

The UAE has approved a national encryption policy, a move experts believe is a crucial step to safeguard digital infrastructure against the impending threat of quantum computing. This proactive stance positions the nation among a select few globally to address the cybersecurity challenges posed by increasingly powerful computational capabilities. Announced…

A malicious npm package named “lotusbail” has been discovered actively stealing user data, including sensitive WhatsApp messages, from potentially tens of thousands of developers worldwide. The rogue package, masquerading as a legitimate API library for WhatsApp Web integration, has seen over 56,000 downloads since its introduction to the npm registry.…

SideWinder APT Hackers Target Indian Entities with Sophisticated Income Tax Scams
Advanced persistent threat (APT) group SideWinder has launched a new phishing campaign targeting Indian entities, masquerading as the Income Tax Department of India. The sophisticated attack aims to deploy a stealthy Windows backdoor, enabling the attackers to steal sensitive…

A sophisticated cyber attack campaign, attributed to the South American threat group BlindEagle, has recently targeted government agencies in Colombia, demonstrating an alarming evolution in their methodology. The group launched a coordinated assault on a government agency within the Ministry of Commerce, Industry and Tourism (MCIT) in early September 2025,…

A new, sophisticated Android malware family named Wonderland has surfaced, posing a significant threat to users in Uzbekistan and the broader Central Asia region. This advanced stealer, first identified in October 2025, specializes in intercepting SMS messages and one-time passwords (OTPs), marking a substantial escalation in mobile threats targeting financial…

The cybercriminal group known as Arcane Werewolf, also identified as Mythic Likho, has enhanced its offensive capabilities with the deployment of Loki 2.1, a new iteration of their custom malware toolkit. Researchers observed this threat actor group orchestrating campaigns specifically targeting Russian manufacturing firms during October and November of 2025.…

A significant cybersecurity vulnerability, dubbed “Sleeping Bouncer,” has been identified by Riot Games analysts and researchers, impacting motherboards from major manufacturers including Gigabyte, MSI, ASRock, and ASUS. This critical flaw targets pre-boot protection mechanisms, potentially allowing malicious code to be injected before operating systems and traditional security software are fully…

A newly discovered cyberattack, dubbed “Lies-in-the-Loop,” is exploiting the trust users place in AI code assistant safety dialogs, turning them into a vector for remote code execution. Researchers from Checkmarx have identified this significant vulnerability, which affects prominent AI platforms such as Claude Code and Microsoft Copilot Chat, posing a…

Threat actors are increasingly targeting Microsoft 365 (M365) accounts by exploiting a sophisticated phishing technique known as OAuth device code phishing. This method leverages a legitimate Microsoft feature, the OAuth 2.0 device authorization flow, to trick users into granting unauthorized access to their accounts. Attackers are using this growing attack…

Cybercriminals are increasingly shifting their tactics, moving away from traditional attack methods like brute force and social engineering to actively recruit insiders within organizations. Recent findings reveal that employees in sensitive sectors such as banking, telecommunications, and technology are being targeted through darknet forums to sell access to corporate networks,…