THREAT OPS › Threat News
Threat Intelligence News
2484 reports from 110+ open cyber-threat-intelligence sources — APT activity, malware, vulnerabilities and campaigns, newest first.
- Microsoft July 2026 Patch Tuesday fixes massive 570 flaws, 3 zero-daysbleepingcomputer · 2026-07-14
- How Qualys ETM Identity Detects Identity-Based Attacks Fasterqualys · 2026-07-14
- Prompt Injection Explained: How It Works, Why It Matters, and Practical Mitigationszscaler_threatlabz · 2026-07-14
- OWASP API Security Top 10 (2023): A Cloud-Native Guide for Security Teamsorca_security · 2026-07-14
- Windows 11 KB5101650 & KB5099414 cumulative updates releasedbleepingcomputer · 2026-07-14
- [GHSA] GHSA-3x7p-v8hj-xh5m (low) — FacturaScripts: Stored XSS in WidgetVariante and WidgetSubcuenta modal lists via HTML-attribute decoding of `Tools::noHtml`-escaped quotes inside `onclick=`github_advisories · 2026-07-14
- Finland issues wanted notice for hacker behind massive psychotherapy data breachthe_record · 2026-07-14
- Best AI-SPM Tools in 2026: The AI Security Posture Management Buyer’s Guideorca_security · 2026-07-14
- CVE-2026-15747: Mojolicious versions from 4.59 before 9.48 for Perl expose a stable representation of the session CSRF token to a BREACH compression oracleoss_sec · 2026-07-14
- [GHSA] GHSA-2p5x-4jr6-x5jg (high) — FacturaScripts: CSV formula injection in CSVExport allows authenticated low-priv users to plant payloads that execute when an admin opens the exportgithub_advisories · 2026-07-14
- [GHSA] GHSA-cv65-7cg8-r623 (high) — FacturaScripts: Unauthenticated Path Traversal in Static File Controllers Reads Private MyFiles Documentsgithub_advisories · 2026-07-14
- [GHSA] GHSA-5qmh-x653-g8qj (critical) — FacturaScripts: Authenticated SQL injection in the FacturaScripts REST API filter parameter via parenthesis bypass in `Where::sqlColumn`github_advisories · 2026-07-14
- [GHSA] GHSA-wmj8-9953-vff5 (high) — OpenCost ServiceKey Endpoint Unauthorized Credential Overwrite/Injectiongithub_advisories · 2026-07-14
- LabubaRAT Masquerades as NVIDIA Software to Control Windows Hoststhehackernews · 2026-07-14
- ASPM vs CNAPP: Where They Overlap (and Which You Need)orca_security · 2026-07-14
- CVE-2026-15392: DBD::File versions before 1.651 for Perl do not ensure the table file is not a symlink to an untrusted locationoss_sec · 2026-07-14
- CVE-2026-60081: DBI::ProfileData versions before 1.651 for Perl do not limit the path indexoss_sec · 2026-07-14
- CVE-2026-60082: DBI versions before 1.651 for Perl do not enforce statement handle consistency with the rowoss_sec · 2026-07-14
- The French 2-Step: Exposing a Multi-stage Scam Targeting the National Railway Company in Francegroupib_blog · 2026-07-14
- Group-IB Digital Risk Protection Integrates with Google SecOps: Brand Threat Intelligence, Now In Your SOCgroupib_blog · 2026-07-14
- Xen Security Advisory 498 v2 (CVE-2026-42491) - XAPI: Missing TLS verification in some SDKsoss_sec · 2026-07-14
- New Abuse of the ClickOnce Technology, Part 2: Stop Threat Actors from Clicking Once and Staying Forevercrowdstrike · 2026-07-14
- New Abuse of the ClickOnce Technology, Part 1: The Inner Workings of ClickOnce Application Deploymentcrowdstrike · 2026-07-14
- CrowdStrike Uncovers New Prompt Injection Techniquescrowdstrike · 2026-07-14
- How AI-leading Security Teams Are Building the Agentic SOCcrowdstrike · 2026-07-14
- Browser Security: Zero-Days Are Only Part of the Problemcrowdstrike · 2026-07-14
- Falcon Cloud Security June 2026 Release: Updates for Azure and Google Cloudcrowdstrike · 2026-07-14
- The Identity Problem Hiding in AI Agent Deploymentscrowdstrike · 2026-07-14
- 94% of Organizations Report Cloud Breaches: CrowdStrike State of CDR Surveycrowdstrike · 2026-07-14
- Falcon Secure Access Sets the Standard for Zero Trust Browser Securitycrowdstrike · 2026-07-14
- Why AI Governance Without Guardrails Is Theatercrowdstrike · 2026-07-14
- Progress confirms ShareFile zero-day flaw behind Storage Zone shutdownbleepingcomputer · 2026-07-14
- Upcoming Speaking Engagementsschneier · 2026-07-14
- Canada’s Electronic Spy Agency Conducted Cyberattacks on Criminals Brokering Fentanyl Ingredients, Report Sayscitizenlab · 2026-07-14
- Re: new af_alg exploit in the wild?oss_sec · 2026-07-14
- AI Agents Are Creating a New Class of Employee Riskvaronis_blog · 2026-07-14
- Veeam security advisory (AV26-694)cccs_ca · 2026-07-14
- LastPass, Bitwarden users targeted with fake security alertsbleepingcomputer · 2026-07-14
- [chaos] aphenapharma.com posted to leak siteransomware_live · 2026-07-14
- Error 524 Decoy: Unmasking a Global Smishing Operation Hiding Behind Error Pagesgroupib_blog · 2026-07-14
- New Abuse of the ClickOnce Technology, Part 1: The Inner Workings of ClickOnce Application Deploymentcrowdstrike · 2026-07-14
- Falcon Cloud Security June 2026 Release: Updates for Azure and Google Cloudcrowdstrike · 2026-07-14
- The Identity Problem Hiding in AI Agent Deploymentscrowdstrike · 2026-07-14
- 94% of Organizations Report Cloud Breaches: CrowdStrike State of CDR Surveycrowdstrike · 2026-07-14
- New Abuse of the ClickOnce Technology, Part 2: Stop Threat Actors from Clicking Once and Staying Forevercrowdstrike · 2026-07-14
- How AI-leading Security Teams Are Building the Agentic SOCcrowdstrike · 2026-07-14
- Browser Security: Zero-Days Are Only Part of the Problemcrowdstrike · 2026-07-14
- Falcon Secure Access Sets the Standard for Zero Trust Browser Securitycrowdstrike · 2026-07-14
- CrowdStrike Uncovers New Prompt Injection Techniquescrowdstrike · 2026-07-14
- Why AI Governance Without Guardrails Is Theatercrowdstrike · 2026-07-14
- The tale of ClickFix: 5 takeaways from RL’s new threat reportreversinglabs · 2026-07-14
- ServiceNow security advisory (AV26-693)cccs_ca · 2026-07-14
- Mozilla security advisory (AV26-692)cccs_ca · 2026-07-14
- AWS Forensics : What you need to knowsynacktiv · 2026-07-14
- What Is an Incident Response Retainer? (And Why Waiting Until a Breach Is Too Late)groupib_blog · 2026-07-14
- Error 524 Decoy: Desenmascarando una Operación Global de Smishing Oculta Tras Páginas de Errorgroupib_blog · 2026-07-14
- Connecting Scattered Spider: Defining A Cybercrime Collective Through Shared TTPsgroupib_blog · 2026-07-14
- The Identity Problem Hiding in AI Agent Deploymentscrowdstrike · 2026-07-14
- 94% of Organizations Report Cloud Breaches: CrowdStrike State of CDR Surveycrowdstrike · 2026-07-14
- New Abuse of the ClickOnce Technology, Part 2: Stop Threat Actors from Clicking Once and Staying Forevercrowdstrike · 2026-07-14
- New Abuse of the ClickOnce Technology, Part 1: The Inner Workings of ClickOnce Application Deploymentcrowdstrike · 2026-07-14
- Browser Security: Zero-Days Are Only Part of the Problemcrowdstrike · 2026-07-14
- Falcon Cloud Security June 2026 Release: Updates for Azure and Google Cloudcrowdstrike · 2026-07-14
- How AI-leading Security Teams Are Building the Agentic SOCcrowdstrike · 2026-07-14
- CrowdStrike Uncovers New Prompt Injection Techniquescrowdstrike · 2026-07-14
- Falcon Secure Access Sets the Standard for Zero Trust Browser Securitycrowdstrike · 2026-07-14
- Why AI Governance Without Guardrails Is Theatercrowdstrike · 2026-07-14
- HPE security advisory (AV26-691)cccs_ca · 2026-07-14
- You Don't Have to Run an Exploit to Know If You're Vulnerablebleepingcomputer · 2026-07-14
- NATO logistics, Ukrainian troops are top subjects of Russian camera hacks, advisory saysthe_record · 2026-07-14
- [dragonforce] Edison Global Networks Limited posted to leak siteransomware_live · 2026-07-14
- [dragonforce] SITAV SpA posted to leak siteransomware_live · 2026-07-14
- SAP security advisory – July 2026 monthly rollup (AV26-690)cccs_ca · 2026-07-14
- [dragonforce] Graphic International Centre posted to leak siteransomware_live · 2026-07-14
- RabbitMQ Flaws Could Leak OAuth Secrets and Expose Cross-Tenant Queue Metadatathehackernews · 2026-07-14
- [Control systems] Siemens security advisory (AV26-689)cccs_ca · 2026-07-14
- What’s in the SOSS? Podcast #65 – S3E17 Signing the Future: Securing AI and ML Artifacts with Mihai Maruseacopenssf_blog · 2026-07-14
- [dragonforce] Road Ahead Technologies Consultant posted to leak siteransomware_live · 2026-07-14
- Digital Brand Protection in Cybersecurity: Why It Matters in 2026groupib_blog · 2026-07-14
- 8 Questions to Ask Before Choosing an Incident Response Retainergroupib_blog · 2026-07-14
- New Abuse of the ClickOnce Technology, Part 2: Stop Threat Actors from Clicking Once and Staying Forevercrowdstrike · 2026-07-14
- New Abuse of the ClickOnce Technology, Part 1: The Inner Workings of ClickOnce Application Deploymentcrowdstrike · 2026-07-14
- Why AI Governance Without Guardrails Is Theatercrowdstrike · 2026-07-14
- Falcon Secure Access Sets the Standard for Zero Trust Browser Securitycrowdstrike · 2026-07-14
- CrowdStrike Uncovers New Prompt Injection Techniquescrowdstrike · 2026-07-14
- How AI-leading Security Teams Are Building the Agentic SOCcrowdstrike · 2026-07-14
- Browser Security: Zero-Days Are Only Part of the Problemcrowdstrike · 2026-07-14
- Falcon Cloud Security June 2026 Release: Updates for Azure and Google Cloudcrowdstrike · 2026-07-14
- The Identity Problem Hiding in AI Agent Deploymentscrowdstrike · 2026-07-14
- 94% of Organizations Report Cloud Breaches: CrowdStrike State of CDR Surveycrowdstrike · 2026-07-14
- CVE-2026-55040: Microsoft SharePoint JWT Token Authentication Bypass (FIXED)rapid7 · 2026-07-14
- Podcast: Boardroom Conversations Shift to Surviving a Breachakamai_blog · 2026-07-14
- [dragonforce] Intron Technology Holdings posted to leak siteransomware_live · 2026-07-14
- Varonis Atlas Extends Coverage Across the Claude Enterprise Suite — From Claude Cowork to Claude Codevaronis_blog · 2026-07-14
- [dragonforce] Atcom posted to leak siteransomware_live · 2026-07-14
- [dragonforce] Midal Cables posted to leak siteransomware_live · 2026-07-14
- Microsoft Entra ID gets passkeys default authentication starting Septemberbleepingcomputer · 2026-07-14
- New phishing kits target Microsoft 365 accounts, evade MFAbleepingcomputer · 2026-07-14
- 11 Old Microsoft-Signed Linux UEFI Shims Could Let Attackers Bypass Secure Bootthehackernews · 2026-07-14
- [dragonforce] Omax Autos posted to leak siteransomware_live · 2026-07-14
Page 1 of 25Older →