A recent surge in cyberattacks has been reported, with researchers identifying a new phishing campaign utilizing a high-severity vulnerability from 2017 to spread a variant of the Remcos remote access trojan (RAT). This campaign is part of a broader landscape of threats, including the critical flaw CVE-2024-10571 in a WordPress Chart Plugin, which is currently under active attack. Additionally, over 70,000 domains have been hijacked in a sophisticated attack method known as 'Sitting Ducks,' which targets DNS misconfigurations, making detection difficult. Experts have called for increased accountability from government bodies and domain registrars to combat these cyber threats. Other vulnerabilities include CVE-2024-23113, which has been exploited by state-sponsored hackers and is now being used by cybercriminals, and CVE-2024-11120, a pre-auth command injection flaw in GeoVision devices, which is actively exploited without a patch available. The critical Laravel flaw CVE-2024-52301 has also been identified, exposing millions of web applications to potential attacks.