Attackers compromised Awesome Motive CDN files, backdooring WordPress sites running OptinMonster, TrustPulse, and PushEngage. Sansec researchers discovered an active supply chain attack hitting WordPress sites running OptinMonster, TrustPulse, and PushEngage, three plugins operated by Awesome Motive, one of the largest WordPress plugin companies in the world. The malicious JavaScript wasn’t sitting on any victim’s server. […]
A vulnerability marked as problematic has been reported in Envoy. The affected element is an unknown function of the component HPACK Compression Handler. The manipulation leads to denial of service.
This vulnerability is documented as CVE-2026-47774. The attack can be initiated remotely. There is not any exploit available.
A vulnerability labeled as critical has been found in Softaculous Page Builder Plugin up to 2.0.9 on WordPress. Impacted is an unknown function. Executing a manipulation can lead to incorrect authorization.
This vulnerability is registered as CVE-2026-2470. It is possible to launch the attack remotely. No exploit is available.
The Gentlemen ransomware used infostealer credentials, AI tools, and affiliates to hit 483 victims across 66 countries in under a year. The Gentlemen surfaced as a ransomware operation in September 2025 and by June 13, 2026 had listed 483 victims on their dark-web leak site, 380 of them in 2026 alone. That makes them the […]
Cybersecurity researchers have disclosed details of fraudulent activity targeting users across the Middle East and North Africa by employing various fraudulent Facebook accounts impersonating politicians, public figures, and trusted organizations.
"These accounts promoted fake offers, including free mobile internet packages, financial compensation, and government subsidy programs," Group-IB
Palo Alto Networks has revealed that it has observed "active exploitation" of a recently disclosed PAN-OS vulnerability by an unknown threat actor to obtain unauthorized access to GlobalProtect portals.
The vulnerability in question is CVE-2026-0257 (CVSS score: 7.8), an authentication bypass flaw affecting the portal and gateway components of PAN-OS software that could be exploited by bad