Breaking News – Cyber Threats (last 6h)
Generated: 2026-06-05 03:00 PDT
- Hackers Exploit Critical Everest Forms Pro WordPress Plugin Flaw to Take Over Sites
The Hacker News • 2026-06-05 01:38 • thehackernews.com
Threat actors are actively exploiting a critical security flaw in Everest Forms Pro, a WordPress plugin with about 4,000 active installations, to execute arbitrary code, leading to a complete site compromise.The vulnerability in question is CVE-2026-3300 (CVSS score: 9.8), a remote code execution bug impacting all versions of the plugin up to, and including, 1.9.12. A patch for the flaw was
https://thehackernews.com/2026/06/hackers-exploit-critical-everest-forms.html - FIFA World Cup 2026 Scams Are Already Live: Fake Sites, Banking Malware, and Stolen Logins
The Hacker News • 2026-06-05 00:01 • thehackernews.com
Security researchers and the FBI are warning that a wave of FIFA-themed fraud is already hitting World Cup 2026 fans, days before the June 11 kickoff.Recent reports describe thousands of lookalike FIFA domains, banking malware hidden inside pirate streaming apps, and at least one operation that copies FIFA’s login page well enough to take over real accounts.
It is an obvious target. More than
https://thehackernews.com/2026/06/fifa-world-cup-2026-scams-are-already.html - The Evil MSI Background is Back!, (Fri, Jun 5th)
SANS ISC Diary (full) • 2026-06-04 23:47 • isc.sans.eduA few months ago, I wrote a diary about a payload that was embedded into a JPEG picture. It was a MSI-branded background[1]. Yesterday, I spotted another one! It seems that the technic is getting more and more popular. This time, it started with a mail containing a WeTransfer link.
- Cisco warns of unpatched SD-WAN zero-day exploited in attacks
BleepingComputer • 2026-06-04 23:24 • www.bleepingcomputer.com
On Thursday, Cisco warned of a high-severity, unpatched zero-day in the Cisco Catalyst SD-WAN Manager (tracked as CVE-2026-20245) actively exploited in attacks enabling root privilege escalation. […]
https://www.bleepingcomputer.com/news/security/new-cisco-sd-wan-flaw-exploited-in-zero-day-attacks-to-gain-root/ - PCPJack Hijacks 230 AWS, Google Cloud, and Azure Servers for Covert SMTP Relay Network
The Hacker News • 2026-06-04 22:34 • thehackernews.com
The threat actor known as PCPJack has hijacked cloud servers associated with Amazon Web Services (AWS), Google Cloud, and Microsoft Azure to create a covert SMTP email relay network.“Compromised business servers across the U.S., Europe, and Asia were quietly converted into SMTP proxies, verified for mail relay capability, and synced to a downstream consumer every five minutes,” Hunt.io said in
https://thehackernews.com/2026/06/pcpjack-hijacks-230-aws-google-cloud.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
