When you think of cyberattacks, you probably picture hackers going after operating systems, firewalls, or browsers. Here’s the twist: the latest exploited vulnerability isn’t in Windows itself—it’s lurking in WinRAR, the humble file‑zipping utility you use for bundling vacation photos or compressing that large email attachment to get it out the door.

Chrome Gets a Power‑Up

Google Chrome just picked up a serious power‑up. The browser isn’t just getting faster or sleeker—it’s gaining a new set of layered defenses designed to put guardrails around its agentic artificial intelligence (AI) capabilities. For anyone keeping an eye on the future of AI‑powered browsing, this is a big deal. Agentic AI, the kind that can take actions on your behalf—navigating sites, pulling data, even completing tasks—has enormous potential. But it also opens the door to new risks, especially indirect prompt injections.

It’s not every day you see Palo Alto Networks in the headlines for brute‑force VPN login attempts. Usually, the spotlight shines on FortiNet or SonicWall when attackers go credential hunting. So when I saw Palo Alto GlobalProtect portals being targeted, I had to look twice.

For context, GlobalProtect is the VPN and remote access component of Palo Alto Networks’ firewall platform. It’s the gateway that allows employees to connect securely from outside the office. And now, it’s the latest focus of attackers who seem to have taken a break from their usual FortiNet and SonicWall campaigns.

It wouldn’t be Monday without another WordPress plugin going rogue. This time, the Sneeit Framework plugin—commonly used to power themes—is being actively exploited in the wild. The remote code execution vulnerability CVE-2025-6389 (CVSS 9.8) affects all versions prior to and including 8.3, and it’s already patched in 8.4. The flaw lets unauthenticated attackers execute code on the server. Translation: no login required for a full takeover. Update the plugin immediately and block the IPs fueling this campaign before Monday turns into incident response.

Oh WordPress… while you’re not a firewall, you sure seem to belong in the same club as Fortinet and SonicWall — always making headlines for vulnerabilities that attackers can’t resist exploiting. It really comes as no surprise that you’re in the news again.

This time, the spotlight is on CVE‑2025‑8489, a critical‑severity privilege escalation vulnerability in the King Addons for Elementor plugin. Attackers are actively exploiting this flaw to obtain administrative permissions during the registration process, effectively handing themselves the keys to the kingdom.