-
A critical vulnerability in the Everest Forms Pro plugin is being actively exploited, allowing attackers to seize control of vulnerable WordPress websites. Security researchers have observed ongoing attacks targeting the flaw, which enables unauthenticated threat actors to create administrator accounts without valid credentials. Once attackers gain administrative access, they can modify site content, install malicious…
-
Cybersecurity officials are warning organizations to patch SolarWinds Serv-U immediately after attackers began actively exploiting a recently disclosed vulnerability. The SolarWinds Serv-U flaw allows threat actors to crash vulnerable servers using specially crafted requests. Following reports of active exploitation, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the vulnerability to its Known Exploited Vulnerabilities…
-
Researchers have uncovered new malware used by a Chinese cyber espionage group to maintain access inside compromised networks. The campaign involved multiple previously undocumented tools that helped attackers remain active after the initial breach. Investigators say the malware was designed to support long-term intelligence gathering, allowing operators to move through victim environments while reducing the…
-
Security researchers at Microsoft have uncovered vulnerabilities in Anthropic’s Claude Code that could have allowed attackers to access sensitive information and execute malicious actions on developer systems. The findings raise fresh concerns about the security risks surrounding AI-powered coding assistants. As organizations increasingly rely on these tools to write code, review projects, and automate development…
-
Thousands of students and graduates may face increased phishing risks after an incident affecting a careers platform used by the University of Oxford. The Oxford careers breach did not originate within the university’s own systems. Instead, the exposure stemmed from a cybersecurity incident involving a third-party provider responsible for operating the CareerConnect platform. While investigators…
-
Visitors to several well-known websites recently faced an unexpected threat when fake Microsoft login prompts began appearing on pages associated with trusted brands. Security researchers traced the activity to a Polyfill-related compromise that allowed attackers to inject phishing content into legitimate websites, including pages connected to Toshiba and Muji. The incident demonstrates how cybercriminals continue…
-
Artificial intelligence has reached another milestone in healthcare after scientists launched human trials for what is being described as an AI-designed vaccine. The experimental vaccine was developed using machine learning tools that analyzed vast amounts of viral data to identify common targets shared across multiple coronavirus strains. The project represents a significant step beyond using…
-
Thousands of users experienced disruptions after a Claude outage affected Anthropic’s AI platform and triggered errors across several services. The incident temporarily prevented users from accessing Claude normally, causing failed requests, slow responses, and interruptions to workflows that rely on the company’s AI models. Although Anthropic restored operations within hours, the disruption quickly attracted attention…
-
Baker Distributing Company is facing scrutiny after cybercriminals claimed to have stolen and leaked a large volume of corporate data. The alleged incident came to light when the ShinyHunters extortion group published samples of files that it says were taken from the company’s systems. According to researchers who reviewed the leaked materials, the dataset includes…
-
A cybercriminal group has claimed responsibility for a breach involving Austrian business aviation company Avcon Jet. The alleged incident surfaced after the Qilin ransomware operation published samples of what it says are stolen company files. The exposed materials reportedly include employee records, aircraft documentation, and internal security procedures. The incident has raised concerns about the…