Critical Everest Forms Pro flaw exploited to take over WordPress sites
Hackers are actively exploiting a critical vulnerability (CVE-2026-3300) in the Everest Forms Pro plugin, which lets them take complete control of a WordPress website. The security issue affects versions 1.9.12 and earlier of the plugin and can be leveraged without authentication to execute arbitrary code on the server. Everest Forms Pro is a commercial add-on […]
Suspicious Polyfill login prompts pop up on Toshiba, Muji websites
Tech giant Toshiba and mega-retailer Muji warned visitors that suspicious sign-in screens popping up on their websites could collect credentials. Both Japanese companies advised users who entered their account login data in the authentication screens to change their passwords to access the service. The login pop-ups were generated by the external service hosted at polyfill[.]io, […]
CISA: Hackers now exploit SolarWinds Serv-U flaw to crash servers
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned today that hackers are now actively exploiting a recently patched high-severity SolarWinds Serv-U flaw to crash servers. Serv-U is the company’s Windows and Linux file transfer software that offers Managed File Transfer (MFT) and FTP server capabilities, which allow users to securely exchange files via HTTP/HTTPS, […]
Chinese APT deploys new malware to keep access to hacked networks
A Chinese espionage group tracked as UNC5221 has been accessing Microsoft 365 environments using the Brickstorm backdoor and previously undocumented malware named Plenet and AgentPSD. An investigation into the incident revealed that the threat actor had gained access to the victim network at least 18 months before detection, and had also compromised the victim organization’s […]
Dark web Nemesis Market vendor gets 26 years for selling drugs
A California man was sentenced to more than 26 years in federal prison for trafficking fentanyl and methamphetamine through Nemesis Market, one of the world’s largest dark web marketplaces. 39-year-old Darren Hughes of San Jose was convicted on drug trafficking charges in November 2025 and was sentenced by U.S. District Judge John F. Kness on […]
Over 900 US gas station tank gauge systems exposed to attacks
Over 900 automatic tank gauge (ATG) systems across the United States, used to monitor fuel and chemical storage tanks across various critical infrastructure sectors, have been found exposed online and are vulnerable to ongoing attacks. ATG systems are electronic monitoring devices used to remotely track fuel, chemicals, or other liquids in storage tanks, automating inventory control, […]
Cisco warns of unpatched SD-WAN zero-day exploited in attacks
On Thursday, Cisco warned of a high-severity, unpatched zero-day in the Cisco Catalyst SD-WAN Manager (tracked as CVE-2026-20245) actively exploited in attacks enabling root privilege escalation. The zero-day flaw impacts all deployment types, including On-Prem Deployment, Cisco SD-WAN Cloud-Pro, Cisco SD-WAN Cloud (Cisco Managed), and Cisco SD-WAN for Government (FedRAMP). In a Thursday advisory, Cisco said the […]
Brave Software releases Origin for a paid, bloat-free browsing experience
Brave Software has announced the public release of Origin, a paid minimalist, bloat-free version of its browser that strips out cryptocurrency, AI, rewards, and other monetization-focused features. The browser maker says Brave Origin is designed for users who want a more streamlined, privacy-focused browser without the company’s optional revenue-generating services and integrations. “Today, Brave is […]
Hola Browser for Windows compromised to deliver cryptominer
The Windows version of the Hola Browser has been compromised in a supply chain attack that delivered an undeclared executable identified by researchers as a cryptocurrency miner. The compromise was uncovered during periodic certification checks on Hola Browser as part of its AppEsteem certification testing procedure, which it had previously passed. Hola is an Israeli […]
Credit card theft campaign abuses Stripe to host stolen payment info
A new Magecart campaign is using Stripe’s API infrastructure to host the credit card-stealing payload and the data exfiltrated from checkout pages. The entire malicious activity relies on Google Tag Manager and Stripe domains – googletagmanager.com and api.stripe.com – that are trusted implicitly by online stores. The new malware family was discovered by researchers at […]