Check Point Research has issued a critical alert regarding the active exploitation of a significant vulnerability affecting Remote Access VPN and Mobile Access deployments. The flaw, identified as CVE-2026-50751, carries a high CVSS score of 9.3 and pertains to an authentication bypass within insecurely configured IKEv1 key exchange protocols. This…
A significant new threat has emerged in the software development landscape, dubbed “Mythos,” which is far more advanced than typical software vulnerabilities. Industry experts, including Dan Lorenc, CEO of Chainguard, assert that Mythos, despite initial skepticism as a mere marketing tactic, represents a fundamental shift in cyber threats. These are…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security vulnerability affecting SolarWinds Serv-U software to its Known Exploited Vulnerabilities (KEV) catalog. This action, taken on June 6, 2026, signifies that the flaw is actively being exploited by malicious actors, prompting urgent attention from organizations reliant on…
The cybersecurity landscape is experiencing an unprecedented surge in vulnerability discovery, largely propelled by advancements in artificial intelligence. This week saw two significant developments highlighting this trend: a security startup revealed 21 previously unknown vulnerabilities in FFmpeg, a critical media library, all identified by an autonomous AI agent, while Google…
Cisco has issued a critical alert regarding a high-severity security vulnerability, CVE-2026-20182, within its Catalyst SD-WAN Manager software. This flaw has been observed to be under active exploitation, posing a significant risk to organizations relying on Cisco’s software-defined networking solutions. The vulnerability, which affects multiple deployment models including on-premises and…
A critical security vulnerability in the Everest Forms Pro WordPress plugin, affecting approximately 4,000 active installations, is being actively exploited by threat actors to execute arbitrary code, leading to full website compromise. This remote code execution (RCE) flaw, identified as CVE-2026-3300, carries a severe CVSS score of 9.8 and impacts…
More Articles
The sophisticated xHunt APT group has launched a series of targeted cyberattacks against organizations in Kuwait, specifically focusing on government, shipping, and transportation sectors. This advanced persistent threat actor, active since 2018, is employing a custom and evolving toolkit, with many of its tools named after characters from the popular…
A sophisticated Android malware campaign, dubbed NexusRoute, is actively targeting Indian citizens by impersonating official government applications like mParivahan and e-Challan. This operation leverages fake app versions distributed through phishing websites and malicious code hosted on platforms like GitHub to harvest login credentials and sensitive financial information, posing a significant…
Critical security vulnerabilities, including a severe authentication bypass flaw, have been discovered and publicly disclosed in FreePBX, the widely used open-source private branch exchange (PBX) platform. These vulnerabilities, identified by researchers at Horizon3.ai, could allow attackers to gain unauthorized access and execute malicious code on vulnerable systems. The disclosures highlight ongoing…
Storm-0249, a threat actor previously known for widespread phishing campaigns, has evolved into a sophisticated initial access broker specializing in precision attacks. This strategic shift involves bypassing security measures by abusing legitimate, signed processes, particularly those related to endpoint detection and response (EDR) tools like SentinelOne, to hide malicious activities.…
⚡ Weekly Recap: Apple 0-Days, WinRAR Exploit, LastPass Fines, .NET RCE, OAuth Scams & More
Hackers are actively exploiting critical software vulnerabilities this week, impacting smartphone users, web browsers, and file compression tools. Critical updates are urgently needed to address these threats. In a significant development for cybersecurity, both Apple and Google have released security patches for zero-day vulnerabilities that were reportedly already being exploited…
A new social engineering campaign, identified by cybersecurity researchers as “ClickFix,” is ingeniously exploiting a decade-old Windows command-line tool, finger.exe, to trick unsuspecting users into downloading and executing malicious code. This sophisticated attack, observed since at least November 2025, leverages deceptive CAPTCHA verification pages to lure victims into initiating the…
A new ransomware strain, dubbed Gentlemen ransomware, has emerged as a significant threat, rapidly breaching corporate networks globally since its identification in August 2025. This sophisticated cybercriminal operation employs a double extortion model, exfiltrating sensitive data before encrypting it, thereby amplifying its leverage even when victims possess backups. Developed in…
OCR Studio has unveiled a new artificial intelligence system designed for augmented reality glasses, enhancing document security and personal identification. This groundbreaking technology, which operates entirely offline, promises to streamline document verification processes across various industries. The AI system, built directly into AR glasses, can recognize and interpret identification documents…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially added a high-severity vulnerability affecting Sierra Wireless AirLink ALEOS routers to its Known Exploited Vulnerabilities (KEV) catalog. This move follows reports of unauthorized actors actively exploiting the flaw, identified as CVE-2018-4063, in real-world attacks. The vulnerability presents a significant risk…
Apple has released critical security updates for a wide range of its operating systems and devices, including iOS, iPadOS, macOS, tvOS, watchOS, visionOS, and Safari, to patch two actively exploited security vulnerabilities. The urgent patches were issued on Friday, December 13, 2025, to address flaws that Apple stated may have…
The pro-Russia hacktivist group CyberVolk has resurfaced with a new ransomware-as-a-service platform named VolkLocker, capable of targeting both Linux and Windows systems. This development marks the group’s return after a period of inactivity in 2025, following initial takedown efforts by Telegram that had previously silenced their operations. The reemergence of…
A sophisticated, new AiTM (Adversary-in-the-Middle) attack campaign has emerged that successfully bypasses multi-factor authentication (MFA) protecting Microsoft 365 and Okta users. Discovered in early December 2025, this campaign represents a serious threat to organizations relying on these platforms for identity and access management, demonstrating advanced knowledge of authentication flows. The…
