Clone Systems
Share
Clone Systems has been securing businesses since 1998 and delivering PCI compliance as an ASV for 18 years.
We’re here to make security and compliance simple for your team.
06/05/2026
Offer PCI ASV scanning under your own brand.
Clone Systems helps partners deliver PCI ASV approved vulnerability scanning with white-labeled reporting, branded client experiences, and expert support behind the scenes.
Your brand stays front and center.
We power the scanning.
Build a trusted PCI scanning service your clients can rely on.
CVE Alert — Everest Forms Pro
CVE-2026-3300 (CVSS 9.8) is being actively exploited to compromise WordPress sites.
The flaw allows unauthenticated attackers to execute arbitrary PHP code, create administrator accounts, deploy web shells, and take full control of affected websites.
Affected versions: 1.9.12 and earlier
Fixed version: 1.9.13
Organizations using Everest Forms Pro should update immediately and review administrator accounts for unauthorized additions.
06/04/2026
Attackers do not wait for your next annual test. Your security validation should not either.
Clone Systems’ Automated Pe*******on Testing Service helps organizations continuously identify, validate, and prioritize vulnerabilities with clear, actionable reporting.
Strengthen your security posture with efficient, automated testing built to support your business.
Learn more: clone-systems.com/automated-pe*******on-testing-service/
*******onTesting
CVE Alert — Cisco Unified CM
CVE-2026-20230 (CVSS 8.6) is a critical vulnerability in Cisco Unified Communications Manager that allows an unauthenticated attacker to write arbitrary files to the underlying operating system.
Public proof-of-concept exploit code is now available, increasing the risk of exploitation.
Affected organizations should apply Cisco’s patches immediately or disable the WebDialer service if it is not required.
06/03/2026
*New Blog*
Payment security is becoming more modern, cloud-aware, and continuous.
PCI SSC’s new PCI PTS HSM v5.0 standard introduces stronger cryptography, updated requirements for cloud and multi-tenant HSM deployments, and increased focus on lifecycle security.
While this does not directly change ASV requirements for most merchants, it reinforces a broader PCI trend: payment environments must be continuously reviewed, tested, and validated.
Read our latest blog to learn what PCI PTS HSM v5.0 means for payment security and PCI compliance.
https://www.clone-systems.com/pci-pts-hsm-v5-0-payment-security/
CVE Alert — Redis
CVE-2026-23479 (CVSS 8.8) is a newly disclosed Redis vulnerability that can lead to authenticated remote code ex*****on.
The flaw is a use-after-free bug affecting Redis versions 7.2.0 through 8.6.2 and remained undiscovered for more than two years before being identified by an autonomous AI security tool.
Organizations should upgrade to the latest patched Redis releases and review access controls, especially for internet-facing instances.
06/02/2026
Stronger security should be built around your business.
Clone Systems’ Managed Pe*******on Testing provides tailored testing across your systems, applications, APIs, and access controls—helping you understand real risk and make informed security decisions.
From custom scopes and compliance-driven testing to actionable remediation guidance, our team helps strengthen your security where it matters most.
Ready for a pe*******on test built around your needs?
Schedule a demo: clone-systems.com
*******onTesting
Security Alert — Dashlane
Dashlane disclosed that attackers used a brute-force campaign to bypass 2FA protections on a small number of accounts, resulting in the download of encrypted vaults belonging to fewer than 20 users.
While the vaults remain encrypted and require the user’s Master Password to access, affected users should review registered devices, enable 2FA, and ensure their Master Password is strong and unique.
Dashlane reports that its internal systems were not compromised.
06/01/2026
For 19 years, Clone Systems has proudly served as a PCI Approved Scanning Vendor (ASV), helping organizations strengthen security, support compliance, and build trust across a constantly evolving threat landscape.
We are grateful to our clients and partners who have trusted us to support their security and compliance goals over the years.
Global reach. Local support. Continued commitment to security.
https://buff.ly/QOogHFi
*******onTesting
CVE Alert — WP Maps Pro
CVE-2026-8732 (CVSS 9.8) is being actively exploited in the wild.
The vulnerability affects WP Maps Pro for WordPress and allows unauthenticated attackers to create administrator accounts, leading to full site compromise.
Affected versions: 6.1.0 and earlier
Fixed version: 6.1.1
Wordfence reports blocking thousands of exploitation attempts within the past 24 hours.
If you use WP Maps Pro, update immediately and review your WordPress administrator accounts for unauthorized additions.
Click here to claim your Sponsored Listing.