MUST READ

Everest Forms Pro WordPress Flaw is Handing Attackers Admin Access

 | 

UNC3753 Escalates: From Vishing Calls to Physical Office Intrusions at US Legal and Financial Firms

 | 

Meta AI Recovery Tool Flaw Exposed 20,000+ Instagram Accounts

 | 

IoT Botnet C0XMO Adds Competitor-Killing Capability

 | 

DentaQuest Breach: ShinyHunters Publish Data Impacting 2.6M People

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 100

 | 

Security Affairs newsletter Round 580 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

U.S. CISA adds SolarWinds Serv-U flaw to its Known Exploited Vulnerabilities catalog

 | 

Report: Anthropic Deploys Engineers to Support NSA Use of Mythos

 | 

Claude Opus Found a Four-Year-Old Hole in Zcash's Privacy Layer. Nobody Knows If Someone Already Used It.

 | 

Silent Ransom Group (SRG): Switching To DNS Fast Flux Infrastructure

 | 

Cisco SD-WAN Has a New Root-Level Problem, and There's No Fix Yet

 | 

PCPJack Exposed: Researchers Uncover 230-Node Cloud Email Relay Network

 | 

Fake Context Alignment: The Attack That Made Gemini Obey Strangers Through Your Notifications

 | 

U.S. CISA adds Mirasvit Full Page Cache Warmer flaw to its Known Exploited Vulnerabilities catalog

 | 

Critical Cisco Unified CM Bug Patched as Public Exploit Code Emerges

 | 

Gamaredon Uses WinRAR Vulnerability to Launch Modular Spy Campaign on Ukrainian Targets

 | 

Researcher Drops a New VS Code Zero-Day After Losing Trust in Microsoft's Disclosure Process

 | 

29 Arrests, Nine Crime Groups Dismantled: Another Blow to Illegal Streaming

 | 

Cyber espionage campaign targeted stock exchange executive’s Outlook account

 | 

Everest Forms Pro WordPress

Pierluigi Paganini June 08, 2026
Everest Forms Pro WordPress Flaw is Handing Attackers Admin Access

Hackers exploit CVE-2026-3300 in Everest Forms Pro to inject PHP via form fields, creating rogue admin accounts. 29,300 attempts blocked. Researcher h0xilo submitted a flaw in Everest Forms Pro for WordPress, tracked as CVE-2026-3300, to Wordfence’s bug bounty program and earned $325 for it. WPEverest patched the flaw on March 18. Wordfence published a full […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Everest Forms Pro WordPress Flaw is Handing Attackers Admin Access

Security / June 08, 2026

UNC3753 Escalates: From Vishing Calls to Physical Office Intrusions at US Legal and Financial Firms

Cyber Crime / June 08, 2026

Meta AI Recovery Tool Flaw Exposed 20,000+ Instagram Accounts

Artificial Intelligence / June 08, 2026

IoT Botnet C0XMO Adds Competitor-Killing Capability

Uncategorized / June 08, 2026

DentaQuest Breach: ShinyHunters Publish Data Impacting 2.6M People

Data Breach / June 07, 2026