HN Monitor

Check Point Research has issued a critical alert regarding the active exploitation of a significant vulnerability affecting Remote Access VPN and Mobile Access deployments. The flaw, identified as CVE-2026-50751, carries a high CVSS score of 9.3 and pertains to an authentication bypass within insecurely configured IKEv1 key exchange protocols. This…

A significant new threat has emerged in the software development landscape, dubbed “Mythos,” which is far more advanced than typical software vulnerabilities. Industry experts, including Dan Lorenc, CEO of Chainguard, assert that Mythos, despite initial skepticism as a mere marketing tactic, represents a fundamental shift in cyber threats. These are…

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security vulnerability affecting SolarWinds Serv-U software to its Known Exploited Vulnerabilities (KEV) catalog. This action, taken on June 6, 2026, signifies that the flaw is actively being exploited by malicious actors, prompting urgent attention from organizations reliant on…

The cybersecurity landscape is experiencing an unprecedented surge in vulnerability discovery, largely propelled by advancements in artificial intelligence. This week saw two significant developments highlighting this trend: a security startup revealed 21 previously unknown vulnerabilities in FFmpeg, a critical media library, all identified by an autonomous AI agent, while Google…

Cisco has issued a critical alert regarding a high-severity security vulnerability, CVE-2026-20182, within its Catalyst SD-WAN Manager software. This flaw has been observed to be under active exploitation, posing a significant risk to organizations relying on Cisco’s software-defined networking solutions. The vulnerability, which affects multiple deployment models including on-premises and…

A critical security vulnerability in the Everest Forms Pro WordPress plugin, affecting approximately 4,000 active installations, is being actively exploited by threat actors to execute arbitrary code, leading to full website compromise. This remote code execution (RCE) flaw, identified as CVE-2026-3300, carries a severe CVSS score of 9.8 and impacts…

A new alliance formed between three prominent ransomware groups—Qilin, DragonForce, and LockBit—is marking a concerning development in the global cybercrime landscape. Announced on September 15, 2025, on a Russian underground forum, this coalition is seen as a strategic maneuver by these operators to counter increased pressure from international law enforcement…

A new credential-harvesting campaign targeting users of UKR.NET, a prominent Ukrainian webmail and news service, has been identified. The sophisticated operation is attributed to BlueDelta, a Russian state-sponsored hacker group also known by aliases such as APT28, Fancy Bear, and Forest Blizzard. This group has a long history of conducting…

A newly identified Business Email Compromise (BEC) group, dubbed “Scripted Sparrow,” is employing extensive automation to generate and distribute attack messages across three continents. This sophisticated operation, detailed by Fortra analysts, primarily targets organizations by impersonating executive coaching and leadership training consultancies, aiming to deceive employees into processing fraudulent invoices.…

Iranian nation-state APT actors, known ominously as “Prince of Persia,” have re-emerged, launching a sophisticated cyberespionage campaign against global critical infrastructure and private networks. This group, active since the early 2000s, is now employing updated malware variants to infiltrate systems and pilfer sensitive intelligence. Their latest operations demonstrate a significant…

The advanced persistent threat (APT) group known as Cloud Atlas has continued its sophisticated cyberespionage campaign throughout the first half of 2025, aggressively targeting organizations across Eastern Europe and Central Asia. This ongoing operation leverages critical vulnerabilities within outdated Microsoft Office software to deliver a multi-stage payload, ultimately enabling the…

Cybercriminals are actively engaging in a sophisticated phishing campaign targeting users of the popular marketing and sales platform, HubSpot. This attack combines advanced social engineering tactics with compromised website infrastructure to steal the credentials of unsuspecting marketing professionals and business teams. The primary goal is to gain unauthorized access to…

WatchGuard has issued critical security fixes for its Fireware OS following the exploitation of a severe vulnerability, tracked as CVE-2025-14733. This out-of-bounds write flaw, affecting the iked process, poses a significant network security risk by allowing remote, unauthenticated attackers to execute arbitrary code. The company confirmed active exploitation in real-world…

Authorities in Nigeria have announced the arrest of three individuals accused of involvement in extensive phishing attacks targeting major corporations. The operation, which disrupted the RaccoonO365 phishing-as-a-service (PhaaS) scheme, marks a significant success for law enforcement in combating online fraud. The Nigeria Police Force National Cybercrime Centre (NPF–NCCC), in collaboration…

The notorious Clop ransomware group has initiated a new data extortion campaign, specifically targeting Internet-facing Gladinet CentreStack file servers. This latest move signifies a continuation of the threat actor’s established pattern of exploiting widely used file transfer solutions to compromise organizations and steal sensitive data. Recent intelligence indicates that over…

North Korean hackers have set a new, alarming benchmark in the cryptocurrency landscape, achieving a record-breaking heist of $2.02 billion in 2025. This surge represents a significant 51% increase from the previous year, pushing their cumulative cryptocurrency theft since 2016 to an astonishing $6.75 billion. The trend indicates that despite…

A significant security vulnerability has been discovered affecting numerous motherboard models from prominent manufacturers like ASRock, ASUS, GIGABYTE, and MSI. This flaw, related to early-boot direct memory access (DMA) attacks, leaves systems susceptible before the operating system’s safeguards are fully established. The vulnerability impacts systems utilizing Unified Extensible Firmware Interface…

A newly identified China-aligned advanced persistent threat (APT) group, dubbed LongNosedGoblin, has been observed conducting sophisticated cyberespionage campaigns targeting governmental entities across Southeast Asia and Japan. Active since at least September 2023, this threat actor utilizes a custom toolset built on C#/.NET malware families to achieve its objectives of intelligence…