Check Point Research has issued a critical alert regarding the active exploitation of a significant vulnerability affecting Remote Access VPN and Mobile Access deployments. The flaw, identified as CVE-2026-50751, carries a high CVSS score of 9.3 and pertains to an authentication bypass within insecurely configured IKEv1 key exchange protocols. This…
A significant new threat has emerged in the software development landscape, dubbed “Mythos,” which is far more advanced than typical software vulnerabilities. Industry experts, including Dan Lorenc, CEO of Chainguard, assert that Mythos, despite initial skepticism as a mere marketing tactic, represents a fundamental shift in cyber threats. These are…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security vulnerability affecting SolarWinds Serv-U software to its Known Exploited Vulnerabilities (KEV) catalog. This action, taken on June 6, 2026, signifies that the flaw is actively being exploited by malicious actors, prompting urgent attention from organizations reliant on…
The cybersecurity landscape is experiencing an unprecedented surge in vulnerability discovery, largely propelled by advancements in artificial intelligence. This week saw two significant developments highlighting this trend: a security startup revealed 21 previously unknown vulnerabilities in FFmpeg, a critical media library, all identified by an autonomous AI agent, while Google…
Cisco has issued a critical alert regarding a high-severity security vulnerability, CVE-2026-20182, within its Catalyst SD-WAN Manager software. This flaw has been observed to be under active exploitation, posing a significant risk to organizations relying on Cisco’s software-defined networking solutions. The vulnerability, which affects multiple deployment models including on-premises and…
A critical security vulnerability in the Everest Forms Pro WordPress plugin, affecting approximately 4,000 active installations, is being actively exploited by threat actors to execute arbitrary code, leading to full website compromise. This remote code execution (RCE) flaw, identified as CVE-2026-3300, carries a severe CVSS score of 9.8 and impacts…
More Articles
A new sophisticated malware campaign, dubbed “GhostPoster,” has been uncovered, successfully infecting approximately 50,000 Firefox users by cleverly hiding malicious code within seemingly harmless PNG icons of browser extensions. This novel attack vector allows for stealthy execution, bypassing conventional security measures that often overlook image files. The GhostPoster campaign exploits…
In a recent cyberespionage campaign, the BlindEagle hackers have once again targeted Colombian government institutions, demonstrating a sophisticated approach to bypass email security controls. A specific operation focused on an agency within the Ministry of Commerce, Industry, and Tourism utilized a compromised internal email account to send highly convincing phishing…
As global security threats evolve at an unprecedented pace, Intersec 2026 is poised to deliver a critical forum for exploring the intersection of artificial intelligence, cybersecurity, and physical safety measures. The event will convene international leaders in these sectors to address emerging challenges and showcase innovative solutions. Intersec 2026 is…
Microsoft has detailed critical mitigations for the React2Shell RCE vulnerability (CVE-2025-55182), a pre-authentication remote code execution flaw that gravely impacts React Server Components and Next.js environments. This vulnerability, carrying a maximum CVSS score of 10.0, allows threat actors to compromise servers with a single malicious HTTP request, with exploitation attempts…
Hackers Demonstrate Capability to Manipulate Internet-Connected Solar Panel Systems for Rapid Attacks
A new class of internet-based attacks is transforming solar power infrastructure into a critical vulnerability, enabling malicious actors to disrupt energy production swiftly using readily available tools and open ports. Modern solar farms commonly employ networked operational technology, such as SCADA controllers and string monitoring boxes, many of which still…
The increasing adoption of Large Language Models (LLMs) by cybercriminals is significantly accelerating ransomware operations, transforming them with functional tools and Ransomware-as-a-Service (RaaS) capabilities. This advancement is democratizing access to sophisticated attack methods, enabling less experienced actors to develop potent malware and infrastructure. The threat landscape is consequently fragmenting, shifting…
A sophisticated Russian state-sponsored hacking group has been actively targeting network edge devices within Western critical infrastructure since at least 2021, with operations intensifying significantly throughout 2025. This campaign, linked to Russia’s Main Intelligence Directorate (GRU) and the well-known Sandworm cyber-espionage group, signifies a notable evolution in their modus operandi.…
Security researchers have identified a concerning resurgence in the online infrastructure activity of APT-C-35, a sophisticated threat group also known as DoNot. This India-based actor, widely recognized as a state-sponsored entity with a focus on espionage in South Asia, continues to leverage distinctive technical markers to maintain its command-and-control channels.…
A sophisticated supply chain attack has been uncovered targeting .NET developers through a malicious NuGet package named Tracer.Fody.NLog. This package, which mimicked a legitimate tracing tool, was discovered by Socket.dev analysts to harbor code designed to steal cryptocurrency wallet data, specifically from Stratis wallets. The attack vector utilized typosquatting and…
Omertà Market, a newly launched dark web marketplace, has been forced to shut down after just two weeks due to the public leak of its actual server IP addresses. The marketplace, which opened on November 21, 2025, with promises of unparalleled stability and security, was quickly compromised by a security…
NoName057(16), a Russian-linked hacktivist group, is intensifying its cyberattacks against NATO member states and European organizations using a sophisticated crowdsourced botnet known as DDoSia. This threat actor, operating with apparent backing from Russian government interests, has been actively launching distributed denial-of-service (DDoS) attacks since March 2022, demonstrating a significant and…
Attackers linked to Russia’s GRU have intensified their targeting of Western critical infrastructure, with a particular focus on the energy sector, as part of an ongoing campaign that began in 2021. The shift in tactics indicates a strategic evolution by the sophisticated threat group. Amazon Threat Intelligence reported Monday that…
