Today's security news highlights multiple active exploitation campaigns, including critical vulnerabilities in WordPress plugins and SolarWinds Serv-U. Several data breaches have also been disclosed, impacting educational institutions and Instagram users, while nation-state actors continue to deploy new malware variants.

Everest Forms Vulnerability Exploited to Hack WordPress Sites — A critical flaw in the Everest Forms plugin, allowing remote code execution, has been actively exploited for two months to compromise WordPress sites. Read more →
SolarWinds Serv-U Vulnerability Exploited in the Wild — CISA has added a high-severity denial-of-service vulnerability (CVE-2026-28318) in SolarWinds Serv-U to its KEV catalog, with unauthenticated attackers exploiting it to crash the service. Read more →
Over 20,000 Instagram Accounts Stolen in Meta AI Support Hack — Hackers exploited Meta's AI-powered support system to reset passwords and hijack over 20,000 Instagram accounts, including high-profile ones. Read more →
Oxford University Discloses Data Breach After Careers Platform Hack — The University of Oxford announced a data breach affecting its CareerConnect platform, managed by third-party provider Group GTI. Read more →
174,000 Impacted by Lansing Community College Data Breach — Lansing Community College disclosed a data breach from February 2025, where hackers accessed personal information on their systems, impacting 174,000 individuals. Read more →
VerdantBamboo Deploys BSD Variant of BRICKSTORM on Linux Appliances — A China-nexus cyber espionage group, VerdantBamboo, is deploying a BSD variant of the BRICKSTORM backdoor and other malware (PLENET, AGENTPSD) to target Linux systems. Read more →
Silent Ransom Group Uses DNS Fast Flux in Attacks — The Silent Ransom Group is targeting US law firms with social engineering and DNS fast flux to hide their C&C infrastructure, leading to data theft. Read more →
UNC3753 Used Vishing and Physical Intrusions in U.S. Data Theft Extortion Campaign — The financially motivated threat actor UNC3753 (also known as Scattered Spider) has targeted dozens of US organizations in professional, legal, and financial services with vishing and physical intrusions for data theft and extortion. Read more →