THREAT OPS › Threat News
Threat Intelligence News
2496 reports from 110+ open cyber-threat-intelligence sources — APT activity, malware, vulnerabilities and campaigns, newest first.
- Why doctrine is becoming a technology requirement for modern defense intelligenceeclecticiq · 2026-06-22
- Risky Bulletin: Klue breach impacts security firmsriskybiz_news · 2026-06-22
- Detecting the Klue supply chain attack in Salesforce instancesdatadog_seclabs · 2026-06-22
- Zero Trust, Zero Downtime: Ensure Security and Compliance Through Outages and Disruptionszscaler_threatlabz · 2026-06-20
- Why SAP User Experience Starts with End to End Visibilityzscaler_threatlabz · 2026-06-19
- An update on FortiBleed — what’s happening with victim orgsdoublepulsar · 2026-06-19
- Weekly Metasploit Update: NTLM Relay Priv Esc, MCP Server Integration, Paperclip AI RCE Chain, and morerapid7 · 2026-06-19
- WhatsApp Accuses NSO of Fresh Pegasus Targetingcitizenlab · 2026-06-19
- MyBait: Why We Lured Attackers To Encrypt Our Cloud MySQLvaronis_blog · 2026-06-19
- Risky Bulletin: Creds for 74,000 Fortinet devices leakedriskybiz_news · 2026-06-19
- Azure AD Graph Activity Logs: Ingestion and threat detection to close the visibility gapelastic_security · 2026-06-19
- Lost in relocation: analysis of a new loader distributing CASTLESTEALERelastic_security · 2026-06-19
- Stop Treating Your LLMs Like Web Serversakamai_blog · 2026-06-18
- Close Encounters of the Human Kindtalos · 2026-06-18
- Build your own vulnerability harnesscloudflare_security · 2026-06-18
- Intelligence Insights: June 2026red_canary · 2026-06-18
- ‘Popa’ Botnet Linked to Publicly-Traded Israeli Firmkrebs · 2026-06-18
- Wordfence Intelligence Weekly WordPress Vulnerability Report (June 8, 2026 to June 14, 2026)wordfence · 2026-06-18
- First to Market, Built to Last: How Zscaler Secures the Agentic AI Era with Zero Trustzscaler_threatlabz · 2026-06-18
- Critical Unauthenticated Arbitrary File Deletion Vulnerability Patched in Avada Builder WordPress Pluginwordfence · 2026-06-18
- BloodHound MCP, One Year Later: What I Learned About MCPs, Models, and Contextspecterops · 2026-06-18
- Gartner® Named RL a Software Supply Chain Security Visionary. Here’s What We See Comingreversinglabs · 2026-06-18
- May 2026 Threat Trend Report on Ransomwareahnlab · 2026-06-18
- Agentic AI risk isn't a model problem. It's an architecture problem.reversinglabs · 2026-06-18
- FortiBleed Credential Theft Campaign Marches Onduo_decipher · 2026-06-18
- Why Security Teams Need To Start Earlierrapid7 · 2026-06-18
- Oracle Critical Patch Update, June 2026 Security Update Reviewqualys · 2026-06-18
- SmartApeSG Launches Okendo Reviews Supply Chain Attackzscaler_threatlabz · 2026-06-18
- Cyber Criminals Redirecting Users to Fraudulent Websites with Malicious Traffic Distribution Systemsic3_fbi · 2026-06-18
- DNS Is Your Most Critical — and Most Misconfigured — Security Controlakamai_blog · 2026-06-18
- The President’s Executive Actions on AI Have a Lot to Say on Cybersecuritywiz_research · 2026-06-18
- The 'vibe coding spectrum' approach to AI-assisted software developmentncsc_uk · 2026-06-18
- Alert: NCSC issues advice following global targeting of Fortinet firewalls and VPN gatewaysncsc_uk · 2026-06-18
- Scripting the disassembler: Local agentic reverse engineering through vbdec’s live COM object modeltalos · 2026-06-18
- Killing me gently: Inside Gentlemen’s EDR killer frameworkwls_eset · 2026-06-18
- Oracle June 2026 Critical Security Patch Update Addresses 243 CVEs (CVE-2026-35273)tenable · 2026-06-18
- Srsly Risky Biz: Anthropic has artificial, but not emotional, intelligenceriskybiz_news · 2026-06-18
- The full Snyk AI Security Platform, free for open source maintainerssnyk · 2026-06-18
- Entra Agent ID: Inside a cross-tenant agent compromisedatadog_seclabs · 2026-06-18
- [CISA KEV] CVE-2026-20253 — Splunk Enterprise: Splunk Enterprise Missing Authentication for Critical Function Vulnerabilitycisa_kev · 2026-06-18
- easy-day-js Targets Mastra, Dependency Attacks Growsonatype · 2026-06-17
- How Freedom Tech Is Pushing Back Against Digital Authoritarianismcitizenlab · 2026-06-17
- How Akamai Defended an Indian Bank Against Record-Breaking DDoS Attacksakamai_blog · 2026-06-17
- Operationalize CISA BOD 26-04 with Tenable Onetenable · 2026-06-17
- ClickFix Campaign Generated Via AI Delivers SmartRATzscaler_threatlabz · 2026-06-17
- Attackers Actively Exploiting Sensitive Information Exposure Vulnerability in Gravity SMTP Pluginwordfence · 2026-06-17
- The dual-use dilemma: Rethinking detection for remote access tool abusered_canary · 2026-06-17
- Cisco Umbrella Virtual Appliance Privilege Escalation Vulnerabilitycisco_psirt · 2026-06-17
- Cisco Crosswork Network Controller Server-Side Template Injection Vulnerabilitycisco_psirt · 2026-06-17
- Cisco Webex App Open Redirect Vulnerabilitycisco_psirt · 2026-06-17
- Ransom & Dark Web Issues Week 3, June 2026ahnlab · 2026-06-17
- Microsegmentation: Your Digital First Responder to LLM Threatsakamai_blog · 2026-06-17
- The race to secure AI coding: 4 steps to rein agents inreversinglabs · 2026-06-17
- The Red Agent POV: How it Reasoned its Way to SSRFwiz_research · 2026-06-17
- Introducing the Red Agent POV Serieswiz_research · 2026-06-17
- What the ThreatLabz 2026 Phishing and Initial Access Report Means for the Public Sectorzscaler_threatlabz · 2026-06-17
- FortiBleed — 75k Fortinet firewalls have admin passwords crackeddoublepulsar · 2026-06-17
- Keep Your Tech FLAME Alive: Trailblazer Katrina Coleakamai_blog · 2026-06-17
- From Stars to Upvotes: Fake Reputation Fueling a Crypto Clipboard Hijackercheckpoint_research · 2026-06-17
- NCSC CEO: Hostile states linked to three-quarters of cyber attacks affecting UK's critical systemsncsc_uk · 2026-06-17
- Malware à la Mode: Tracking Dropping Elephant Tradecraft Through a China-Themed Loader Chainrapid7 · 2026-06-17
- Protecting legacy OT systems against modern cyberthreatswls_eset · 2026-06-17
- Risky Bulletin: China arrests Silver Fox cybercrime group suspectsriskybiz_news · 2026-06-17
- State Digital Surveillance Risk Landscaperecordedfuture · 2026-06-17
- 5 Things I Show Every SOC Team When We Wire GreyNoise Into Their SOARgreynoise_blog · 2026-06-17
- A Day in the Life of an AI Engineer in Snyk's Lisbon Officesnyk · 2026-06-16
- A Forgotten Contributor Account Compromised the Entire Mastra npm Package Scopesnyk · 2026-06-16
- Prevent AI-Powered Cyberattacks With Deception Technologyzscaler_threatlabz · 2026-06-16
- WordPress PBN Plugin Drops Dual Webshells via Database Injectionsucuri_blog · 2026-06-16
- Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerabilitycisco_psirt · 2026-06-16
- Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerabilitycisco_psirt · 2026-06-16
- Zero Trust for AI Agents: The Only Model Built for What’s Nextzscaler_threatlabz · 2026-06-16
- PSA: Supply Chain Compromise Targets ShapedPlugin, Backdoored Pro Plugins Distributed via Official Channelswordfence · 2026-06-16
- Mythic Embarking on the Open Seas: Containerized Payload Delivery for Kubernetes Assessmentsspecterops · 2026-06-16
- What is the true nature of the shortcut file I thought was a privacy consent form?ahnlab · 2026-06-16
- It looks like a normal resume, but the infection begins the moment it is opened.ahnlab · 2026-06-16
- Update to npm blocks install scripts: What it means for AppSecreversinglabs · 2026-06-16
- Protect Your Property from Illegal Sales Through Parcel Owner Impersonationic3_fbi · 2026-06-16
- Improving precision in CTEM: How continuous controls validation in Tenable One transforms exposure managementtenable · 2026-06-16
- What’s in the SOSS? Podcast #63 – S3E15 Big Thoughts, Open Sources: Driving Enterprise Security and Career Growth Through Open Source with Jamie Thomas (IBM)openssf_blog · 2026-06-16
- Wiz Exposure Management Dashboard: Your CTEM Command Centerwiz_research · 2026-06-16
- Pickle in the Middle – Hijacking Vertex AI Model Uploads for Cross-Tenant RCEunit42 · 2026-06-16
- FishMonger’s arsenal upgraded: SprySOCKS for Windowswls_eset · 2026-06-16
- [CISA KEV] CVE-2026-48907 — Widget Factory Joomla Content Editor : Widget Factory Joomla Content Editor Improper Access Control Vulnerabilitycisa_kev · 2026-06-16
- The Intelligence No One Else Has: Inside Recorded Future’s Proprietary Collection Enginerecordedfuture · 2026-06-16
- Mapping out your unknown: A threat hunter’s guide to Salesforcedatadog_seclabs · 2026-06-16
- Inside the Modern SOC: The 72-Minute Raceunit42 · 2026-06-15
- Cisco Catalyst SD-WAN Manager Arbitrary File Write Vulnerabilitycisco_psirt · 2026-06-15
- Between Two Nerds: Why NATO and cyber don't mixriskybiz_news · 2026-06-15
- The Shift to Threat-Informed Prioritization: Operationalizing CISA BOD 26-04flashpoint · 2026-06-15
- [NVD] CVE-2026-52719 (HIGH 7.1) — An out-of-bounds read vulnerability was found in the VA JPEG decoder in GStreamer's gst-plugins-bad. The JPEG parser reads a segment length value from the bitstream without validating it against available data. A remote attacker could trick a user into opening a specially craftednvd · 2026-06-15
- [NVD] CVE-2026-52718 (MEDIUM 6.5) — A denial of service vulnerability was found in GStreamer's AV1 codec parser in gst-plugins-bad. The gst_av1_parser_parse_tile_list_obu() function passes a byte count to a bit-reader API that expects a bit count, causing parser desynchronization. A remote attacker could trick a usnvd · 2026-06-15
- NIS2 is raising the bar. Here’s how to turn readiness into resilience.rapid7 · 2026-06-15
- Does Your Security Programme Align With NIS2 Requirements?rapid7 · 2026-06-15
- Spying Via Your Mobile Phone: Companies Can Locate Any Device at Any Timecitizenlab · 2026-06-15
- Beyond the Score: Using AI to Translate CVEs into Real-World Business Riskrapid7 · 2026-06-15
- Public and Private Medical Community Targeted by China-Nexus Threat Actor Pursuing Artificial Intelligence, Cyber, Medical, and National Defense Researchmandiant_gti · 2026-06-15
- Scammers Use Couriers to Collect Cash in Cryptocurrency Investment Scamsic3_fbi · 2026-06-15
- 15th June – Threat Intelligence Reportcheckpoint_research · 2026-06-15
- SearchLeak: How We Turned M365 Copilot Into a One-Click Data Exfiltration Weaponvaronis_blog · 2026-06-15