THREAT OPS › Threat News
Threat Intelligence News
2619 reports from 110+ open cyber-threat-intelligence sources — APT activity, malware, vulnerabilities and campaigns, newest first.
- Citrix Products Multiple Vulnerabilitieshkcert · 2026-07-03
- How We Added WebAuthn to a Browser-Based RDP Clientunit42 · 2026-07-02
- SecOps for the AI Age: Detecting and Responding to AI‑Related Incidentszscaler_threatlabz · 2026-07-02
- ClamAV Vulnerabilities Affecting Cisco Products: July 2026cisco_psirt · 2026-07-02
- FBI Seizes NetNut Proxy Platform, Popa Botnetkrebs · 2026-07-02
- AL26-016 - Vulnerability impacting Citrix NetScaler CVE-2026-8451cccs_ca · 2026-07-02
- Whistleblowersoftware.com: confidentiality and anonymity leakage to third partiesfulldisclosure · 2026-07-02
- OpenBlow Multiple Deanonymization Vulnerabilitiesfulldisclosure · 2026-07-02
- Whistlelink: Site-access password exposed in web server access logs via GET query stringfulldisclosure · 2026-07-02
- Wordfence Intelligence Weekly WordPress Vulnerability Report (June 22, 2026 to June 28, 2026)wordfence · 2026-07-02
- APPLE-SA-06-29-2026-3 Safari 26.5.2fulldisclosure · 2026-07-02
- APPLE-SA-06-29-2026-2 macOS Tahoe 26.5.2fulldisclosure · 2026-07-02
- APPLE-SA-06-29-2026-1 iOS 26.5.2 and iPadOS 26.5.2fulldisclosure · 2026-07-02
- pwnlift: symlink following and TOCTOU in privileged upload handler allow arbitrary file write as rootfulldisclosure · 2026-07-02
- [KIS-2026-12] Control Web Panel <= 0.9.8.1224 (userRes) SQL Injection Vulnerabilityfulldisclosure · 2026-07-02
- [fulldis] CVE-2026-58451 - Horde Groupware IMP path traversal vulnfulldisclosure · 2026-07-02
- Samsung Galaxy Buds – Zero-Click HFP/A2DP Takeover via L2CAP Session Preemption (Vendor Response: Working as Intended)fulldisclosure · 2026-07-02
- Asterisk Security Release 23.4.1fulldisclosure · 2026-07-02
- Asterisk Security Release 22.10.1fulldisclosure · 2026-07-02
- Catan and Mousetalos · 2026-07-02
- Guide to Cloud Application Security: Must-Knows and No-No’s | Huntresshuntress · 2026-07-02
- Progress security advisory (AV26-552) – Update 1cccs_ca · 2026-07-02
- Google Chrome security advisory (AV26-648)cccs_ca · 2026-07-02
- Indirect Prompt Injection in Web Content Targets AI Agentszscaler_threatlabz · 2026-07-02
- Remus Stealer: A New, Not-So-New Infostealerflashpoint · 2026-07-02
- When To Choose SSE vs. SASE: A Decision Framework for Security Leaderszscaler_threatlabz · 2026-07-02
- Cisco security advisory (AV26-646)cccs_ca · 2026-07-02
- It’s 37oC, And All We Can Think About Is ColdFusion (Adobe ColdFusion Security Bulletin APSB26-68 CVE Bonanza)watchtowr · 2026-07-02
- Improving security posture across the Microsoft partner ecosystemmsstic · 2026-07-02
- [Security Blog] Smart Wearables, Smart Security: Cybersecurity Guide for Smart Wearableshkcert · 2026-07-02
- Real-Time Observability: Introducing Akamai Cloud Pulse Alertsakamai_blog · 2026-07-02
- Statistical Report on Malware Targeting Linux SSH Servers in the Second Quarter of 2026ahnlab · 2026-07-02
- Statistical Report on Malware Targeting Windows Database Servers in the Second Quarter of 2026ahnlab · 2026-07-02
- Q2 2026 Statistical Report on Malware Targeting Windows Web Serversahnlab · 2026-07-02
- Q2 2026 Attack Techniques Trend Reportahnlab · 2026-07-02
- This Report from Gartner Defines the Software Supply Chain Security Marketreversinglabs · 2026-07-02
- Google’s Continued Disruption of Malicious Residential Proxy Networksmandiant_gti · 2026-07-02
- Top Agentic AI security resources — July 2026adversa · 2026-07-02
- Formalizing Red Teaming Offensive Methodology as a Multi-Agent AI Architecturerapid7 · 2026-07-02
- Context Engineering | Compaction & Agent Memory for Automated Malware Analysissentinelone · 2026-07-02
- CubeSpace CW0057 Reaction Wheelcisa_ics · 2026-07-02
- Gardyn IoT Hubcisa_ics · 2026-07-02
- ST Engineering iDirect iQ-Series Terminalscisa_ics · 2026-07-02
- Gardyn IoT Hubcisa_advisories · 2026-07-02
- CubeSpace CW0057 Reaction Wheelcisa_advisories · 2026-07-02
- ST Engineering iDirect iQ-Series Terminalscisa_advisories · 2026-07-02
- Celebrating Canada Day with Localized Managed Phishinghuntress · 2026-07-02
- Build AI Security Agents with Wiz MCPwiz_research · 2026-07-02
- GPT-5.5-Cyber built a zlib fuzzing lab in a daytrailofbits · 2026-07-02
- The AI Arms Race: How Adversaries are Weaponizing AI for Speed and Scaleeclecticiq · 2026-07-02
- Missed incidents, persistent threats, and response gaps: Insights from compromise assessment projectssecurelist · 2026-07-02
- Most AI ROI Gets Lost in the Infrastructure, Not the Modelakamai_blog · 2026-07-02
- Zscaler Achieves Certification to Secure Global Customers Connecting in Chinazscaler_threatlabz · 2026-07-02
- Vulnerability & Patch Roundup — June 2026sucuri_blog · 2026-07-02
- Srsly Risky Biz: America won't beat the distillation ecosystemriskybiz_news · 2026-07-02
- Varonis Recognized as a Customers’ Choice for Data Security Posture Management for Third Consecutive Yearvaronis_blog · 2026-07-02
- Google Chrome Multiple Vulnerabilitieshkcert · 2026-07-02
- Apache Tomcat Multiple Vulnerabilitieshkcert · 2026-07-02
- IBM WebSphere Products Multiple Vulnerabilitieshkcert · 2026-07-02
- Mozilla Products Multiple Vulnerabilitieshkcert · 2026-07-02
- SUSE Linux Kernel Multiple Vulnerabilitieshkcert · 2026-07-02
- Breaking Down the White House’s Actions on Post-Quantum Cryptography Readinesswiz_research · 2026-07-02
- DoJ: Alleged Scattered Spider Member Extradited to USduo_decipher · 2026-07-02
- RedHat Linux Kernel Multiple Vulnerabilitieshkcert · 2026-07-02
- Ubuntu Linux Kernel Multiple Vulnerabilitieshkcert · 2026-07-02
- Facebook page introduced by Anderson Cooper talking about an Alzheimer treatment of Dr. Sanjay Gupta, 1089143ai_incident_db · 2026-07-02
- Deepfake scam targets Alzheimer's patients with false promise of honey-based cureai_incident_db · 2026-07-02
- Inside Elastic InfoSec's agentic SOC: cutting alert triage from 30 minutes to under 3elastic_security · 2026-07-02
- Lateral Movement Attack: Techniques, Detection & Preventionhuntress · 2026-07-01
- An AI Agent That Can’t See the Whole Path Is Just a Faster Way to Be Wrongzscaler_threatlabz · 2026-07-01
- Cisco Advance Notification for Publication of July 1, 2026, Security Advisoriescisco_psirt · 2026-07-01
- Microsoft named a leader in the Frost Radar for cloud and application runtime securitymsstic · 2026-07-01
- New Cargo Theft Surge: From Lobster Heists To Bourbon Warehouse Scamsproofpoint · 2026-07-01
- 5 Myths About AI in the SOC Security Teams Need to Rethinkrapid7 · 2026-07-01
- Cisco Unified Communications Manager Server-Side Request Forgery Vulnerabilitycisco_psirt · 2026-07-01
- The June 2026 Apple Security Update Reviewzdi_blog · 2026-07-01
- Ransom & Dark Web Issues Week 1, July 2026ahnlab · 2026-07-01
- AI use in cybersecurity is on the rise — and so is burnoutreversinglabs · 2026-07-01
- Evil Is as Evil Does: New EvilTokens Affiliate Panel Uncoveredduo_decipher · 2026-07-01
- Vulnerability Prioritization Is Missing the AI-Era Pointsonatype · 2026-07-01
- Analysis of Ongoing Ousaban Attacks Targeting the Iberian Peninsulafortinet_research · 2026-07-01
- AI Inference Is Swallowing the Cloudakamai_blog · 2026-07-01
- Building more resilient CNI: what industry pen testers told usncsc_uk · 2026-07-01
- How the RaaS Business Model Actually Workshuntress · 2026-07-01
- CISA Adds One Known Exploited Vulnerability to Catalogcisa_advisories · 2026-07-01
- 22nd June – Threat Intelligence Reportcheckpoint_research · 2026-07-01
- Browser-Only Ransomware: From LLM Hallucinations to a Practical Attack Techniquecheckpoint_research · 2026-07-01
- Martin Lee: Running through the Arctic (and the threat landscape)talos · 2026-07-01
- The SOC Files: ScreenConnect masked as freeware. An inside look at a large-scale campaignsecurelist · 2026-07-01
- ARToken: Inside an EvilTokens affiliate panel targeting Microsoft 365talos · 2026-07-01
- Overview of Content Published in Junedidier_stevens · 2026-07-01
- Risky Bulletin: Researcher drops giant cache of zero-daysriskybiz_news · 2026-07-01
- OpenClaw: risks for the users and how to mitigate themsecurelist · 2026-07-01
- Unmasking the crawls with Attribution Business Insightscloudflare_security · 2026-07-01
- Phantom Squatting: AI-Hallucinated Domains as a Software Supply Chain Vectorunit42 · 2026-07-01
- Backdoors & Breaches: New scenarios and adaptationsdatadog_seclabs · 2026-07-01
- Iran-Nexus TAG-182 Disseminates MarkiRAT Surveillance Toolrecordedfuture · 2026-07-01
- [CISA KEV] CVE-2026-45659 — Microsoft SharePoint Server: Microsoft SharePoint Server Deserialization of Untrusted Data Vulnerabilitycisa_kev · 2026-07-01
- No (Bad) CAP: Inside an Ongoing LSHIY Password Spray Attackhuntress · 2026-06-30
- CitrixBleed To Infinity And Beyond (Citrix NetScaler Pre-Auth Memory Overread CVE-2026-8451)watchtowr · 2026-06-30