News CVE-2026-3300: Active exploits target Everest Forms Pro’s Complex Calculation feature June 7, 2026 / June 7, 2026 by Alex Mira | Leave a Comment CVE-2026-3300 in Everest Forms Pro is under active exploitation. The bug enables unauthenticated remote code execution via the Complex Calculation feature. Update to 1.9.13, audit admin users for “diksimarina,” and review logs for the IPs cited by Wordfence. Read more » CVE-2026-3300 Everest Forms Pro Plugin vulnerability Remote code execution security wordpress
News Security Compromised npm Packages Abuse Hugging Face as Exfiltration Infrastructure June 4, 2026 / June 4, 2026 by Corentin C | Leave a Comment Microsoft Threat Intelligence has warned that compromised npm packages utils-terminal@3.2.1 and logger-active@3.2.1 are deploying the MicrosoftSystem64 RAT. The malware captures keystrokes, screenshots, and crypto wallet credentials while abusing Hugging Face infrastructure as an exfiltration channel. Read more » huggingface MicrosoftSystem64 npm rat security trojan
News CVE-2025-48595: Android integer overflow bug patched in June 2026 June 2, 2026 / June 2, 2026 by Alex Mira | Leave a Comment CVE-2025-48595 is an Android integer overflow leading to local privilege escalation that requires no user interaction. Google’s June 2026 patches address it; users should update to patch level 2026-06-05 or later. Read more » Android security CVE-2025-48595 Mobile security Patching Security advisories vulnerability
News CVE-2026-8206: Password reset flaw in Kirki plugin could enable account takeover June 2, 2026 / June 2, 2026 by Alex Mira | Leave a Comment CVE-2026-8206 affects Kirki 6.0.0–6.0.6, allowing password reset emails to be sent to attacker-controlled addresses. Update from the WordPress directory now. Read more » Account Takeover CVE-2026-8206 Kirki Plugin security Privilege escalation vulnerability wordpress
News Critical auth bypass in Burst Statistics plugin puts 200,000 WordPress sites at risk June 2, 2026 / June 2, 2026 by Alex Mira | Leave a Comment A critical auth bypass in the Burst Statistics WordPress plugin (CVE-2026-8181) could let attackers impersonate admins via the REST API. A patch is available; update now. A separate low-severity bypass in Advanced Access Manager (CVE-2026-42674) is fixed in 7.1.1. Read more » Advanced Access Manager Authentication bypass Burst Statistics CVE-2026-8181 Patch management Vulnerabilities WordPress security
News CVE-2026-8732: WP Maps Pro flaw enables unauthenticated admin account creation June 2, 2026 / June 2, 2026 by Alex Mira | Leave a Comment CVE-2026-8732 in WP Maps Pro allows unauthenticated creation of administrator accounts on WordPress sites. Update to the patched release and verify there are no unexpected admin users. Read more » CVE-2026-8732 Plugin vulnerability Privilege escalation Site takeover Wordfence WordPress security WP Maps Pro
Guide Windows Windows 11 May Be Silently Causing Micro-Stutters in Your Games May 30, 2026 / May 30, 2026 by Corentin C | Leave a Comment Windows 11 may silently ignore low timer-resolution requests from games, causing micro-stutters even when FPS looks stable. This guide explains how to check Platform Timer Resolution with powercfg /energy and apply the GlobalTimerResolutionRequests registry tweak to improve frame pacing on desktop gaming PCs. Read more » gaming guide performance windows
News CVE-2026-9082: Drupal’s PostgreSQL SQL injection is being probed — update your sites May 30, 2026 / May 30, 2026 by Alex Mira | Leave a Comment Drupal disclosed CVE-2026-9082, a PostgreSQL-only SQL injection in core. Exploit attempts are being observed. Update to the patched Drupal releases as soon as possible. Read more » CMS security CVE-2026-9082 Drupal Patching PostgreSQL SQL injection vulnerability
News Windows Microsoft pulls back the floating Copilot button in Office, lets you put it back on the ribbon May 24, 2026 / May 24, 2026 by Alex Mira | Leave a Comment Microsoft is changing the floating Copilot button in Word, Excel, and PowerPoint after complaints, adding an option to put it back on the ribbon. Read more » copilot Excel Microsoft 365 office PowerPoint Word
News Ubiquiti UniFi OS critical fixes: CVE-2026-33000 and related flaws May 22, 2026 / May 22, 2026 by Alex Mira | Leave a Comment Ubiquiti’s Security Advisory Bulletin 064 addresses multiple critical UniFi OS vulnerabilities, including CVE-2026-33000. Check your device model and update to the fixed versions listed by the vendor. Read more » cve Network Security Patching Ubiquiti UniFi OS Vulnerabilities
