Lifeboat Foundation: Safeguarding Humanity
Toggle light / dark theme

Blog – Page 5

Get the latest international news and world events from around the world.

Log in for authorized contributors

Physicists discover attractive forces between molecular condensates may cause running off

Inside cells, certain functions are carried out by locally adjusting molecular composition. This condensation of material results in the formation of dense droplets that can dynamically rearrange. Because of this, interactions between such dense regions determine the shaping of condensates. Scientists from the Department of Living Matter Physics at MPI-DS recently developed a model that can describe such phase separation dynamics based solely on attraction. The work is published in the journal Physical Review Letters.

“It’s natural to think that a system with only attractive forces would form one large, stationary condensate,” explained Jacopo Romano, first author of the study.

“However, instead we observed an unexpected emergent property of chasing dynamics resulting in movement and propulsion,” he said.

Hackers Exploit Critical Everest Forms Pro WordPress Plugin Flaw to Take Over Sites

Threat actors are actively exploiting a critical security flaw in Everest Forms Pro, a WordPress plugin with about 4,000 active installations, to execute arbitrary code, leading to a complete site compromise.

The vulnerability in question is CVE-2026–3300 (CVSS score: 9.8), a remote code execution bug impacting all versions of the plugin up to, and including, 1.9.12. A patch for the flaw was released on March 18, 2026, with version 1.9.13.

“This is due to the Calculation Addon’s process_filter function concatenating user-submitted form field values into a PHP code string without proper escaping before passing it to eval,” Wordfence said.

Cisco Catalyst SD-WAN Manager CVE-2026–20245 Flaw Actively Exploited — No Patch Available

“A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, local attacker to execute arbitrary commands as root by supplying a crafted file to the affected system,” Cisco said in an advisory.

The network security company said the vulnerability is the result of insufficient validation of user-supplied input, which an attacker could exploit by uploading a crafted file to the affected system. This, in turn, could permit the attacker to perform command injection attacks and elevate their privileges as the root user.

“To exploit this vulnerability, the attacker must have netadmin privileges on the affected system,” Cisco added. “This would require valid credentials or exploitation of CVE-2026–20182 or CVE-2026–20127. Cisco is not aware of successful exploitation by other methods.”

FIFA World Cup 2026 Scams Are Already Live: Fake Sites, Banking Malware, and Stolen Logins

Security researchers and the FBI are warning that a wave of FIFA-themed fraud is already hitting World Cup 2026 fans, days before the June 11 kickoff.

Recent reports describe thousands of lookalike FIFA domains, banking malware hidden inside pirate streaming apps, and at least one operation that copies FIFA’s login page well enough to take over real accounts.

It is an obvious target. More than six million fans are expected across 16 cities in the United States, Canada, and Mexico, and FIFA said it received more than 150 million ticket requests in the first 15 days, leaving the tournament around 30 times oversubscribed. Tickets are scarce, fans are anxious, and money is moving fast, which is exactly what fraud needs.

/* */