Cybersecurity News
Stay informed about the latest cybersecurity incidents, vulnerabilities, and threat landscape changes. We cover data breaches, ransomware campaigns, critical CVEs, and regulatory updates – with context on what it means for you and how to protect yourself.
Active Exploitation of Cisco Catalyst SD-WAN Manager CVE-2026-20245
Cisco has confirmed active exploitation of the CVE-2026-20245 (CVSS 7.8) vulnerability in Cisco Catalyst SD-WAN Manager, which allows an authenticated ...
Asin Android spyware campaign targets Arabic-speaking OSINT users
Researchers from the Slovak company ESET have documented a new family of Android spyware codenamed Asin, targeting Arabic-speaking users. The ...
ReliaQuest Uncovers OP-512, a Stealthy IIS Espionage Framework
ReliaQuest has disclosed a previously unknown threat cluster designated OP-512, targeting Microsoft Internet Information Services (IIS) servers. The group uses ...
Critical Everest Forms Pro RCE and Emerging Stripe-Based Skimming Campaigns
The critical remote code execution vulnerability CVE-2026-3300 (CVSS 9.8) in the Everest Forms Pro plugin for WordPress is being actively ...
PCPJack’s Cloud SMTP Proxy Network Targets Linux Servers
The PCPJack group, according to researchers at Hunt.io, compromised about 230 cloud servers on Amazon Web Services, Google Cloud, and ...
How CVE-2026-20230 Puts Cisco Unified CM at Risk
Cisco has released a fix for critical vulnerability CVE-2026-20230 in Cisco Unified Communications Manager (Unified CM) and its Session Management ...
TA4922 ramps up global phishing using Atlas RAT and new loaders
The Chinese-speaking cybercriminal group TA4922, previously focused on targets in East Asia, has expanded its attack geography to European organizations ...
Multi-stage WordPress infection abusing Steam Community C2
According to GoDaddy researchers, around 1,980 WordPress-based sites have been infected with multi-stage malware that uses Steam Community profiles as ...
How Microsoft’s Conflict With 0-Day Researcher Nightmare Eclipse Escalated
Microsoft published a statement in which it stepped back from its aggressive rhetoric in a conflict with security researcher Nightmare ...
Mirasvit Full Page Cache Warmer Magento RCE Actively Exploited
On June 3, 2026, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added vulnerability CVE-2026-45247 to its Known Exploited Vulnerabilities ...
