Supply Chain Attack Backdoors Smart Slider 3 Pro: 800,000+ WordPress Sites at Risk

Latest news

Malware

Supply Chain Attack Backdoors Smart Slider 3 Pro: 800,000+ WordPress Sites at Risk

13 April 2026 dark6

Attackers compromised Nextend's update infrastructure to distribute a weaponized version of Smart Slider 3 Pro (v3.5.1.35) for approximately six hours...

Read more 0

Vulnerability

Fortinet Issues Emergency Patch for Actively Exploited FortiClient EMS Zero-Day CVE-2026-35616

13 April 2026 dark6

A critical zero-day vulnerability (CVE-2026-35616, CVSS 9.1) in Fortinet FortiClient EMS was exploited in the wild before Fortinet published its...

Read more 0

Vulnerability

PoC Exploit Leaked for Unpatched Windows Privilege Escalation Zero-Day ‘BlueHammer’

13 April 2026 dark6

A disgruntled researcher has published a working exploit for BlueHammer, an unpatched Windows local privilege escalation zero-day that abuses Windows...

Read more 0

Vulnerability

Adobe Patches Actively Exploited Acrobat Reader Zero-Day CVE-2026-34621 — Exploited Since December 2025

13 April 2026 dark6

Adobe has issued an emergency patch for CVE-2026-34621 (CVSS 8.6), a prototype pollution zero-day in Acrobat Reader actively exploited since...

Read more 0

Cybercrime

CISA Warning: Iranian-Affiliated Hackers Targeting US Critical Infrastructure PLCs to Cause Disruption

12 April 2026 dark6

CISA has issued an urgent advisory (AA26-097A) warning that Iranian-affiliated APT actors have been actively targeting internet-exposed Programmable Logic Controllers...

Read more 0

Malware

Russia’s APT28 Deploys New PRISMEX Malware in Espionage Campaign Targeting Ukraine and NATO Allies

12 April 2026 dark6

Russia-linked APT28 (Fancy Bear) has launched a new spear-phishing espionage campaign deploying PRISMEX, a previously undocumented malware suite combining steganography,...

Read more 0

Hacktivism

APT Iran Claims 375TB Breach of Lockheed Martin — F-35 Blueprints and Source Code Allegedly Stolen

12 April 2026 dark6

Pro-Iranian hacktivist group APT Iran claims to have stolen 375 terabytes of data from Lockheed Martin, including alleged F-35 blueprints...

Read more 0

Vulnerability

Google Patches Actively Exploited Chrome Zero-Day CVE-2026-5281 — Update Now

12 April 2026 dark6

Google has confirmed that CVE-2026-5281, a high-severity use-after-free vulnerability in Chrome's Dawn WebGPU implementation, is being actively exploited in the...

Read more 0

Ransomware

Payload Ransomware Group Hits Egyptian Oil Giant WASCO in Double-Extortion Attack

11 April 2026 dark6

The Payload ransomware group has claimed a cyberattack against El Wastani Petroleum Company (WASCO), a major Egyptian oil and gas...

Read more 0

Vulnerability

CVE-2026-39987: Critical Marimo Python Notebook RCE Exploited Within 10 Hours of Disclosure

11 April 2026 dark6

A pre-authentication remote code execution flaw (CVSS 9.3) in the Marimo Python notebook framework was weaponized by attackers within just...

Read more 0

Databreach

Adobe Breach: Threat Actor Claims 13 Million Support Tickets Stolen via BPO Hack — HackerOne Data at Risk

11 April 2026 dark6

A threat actor known as "Mr. Raccoon" claims to have exfiltrated 13 million Adobe customer support tickets, 15,000 employee records,...

Read more 0

Malware

Smart Slider 3 Pro Plugin Backdoored via Supply Chain Attack — 800,000+ Sites at Risk

11 April 2026 dark6

Threat actors compromised the update infrastructure of Nextend, the vendor behind Smart Slider 3 Pro, and pushed a fully backdoored...

Read more 0