THREAT OPS › Threat News
Threat Intelligence News
2505 reports from 110+ open cyber-threat-intelligence sources — APT activity, malware, vulnerabilities and campaigns, newest first.
- A Day in the Life of an AI Engineer in Snyk's Lisbon Officesnyk · 2026-06-16
- A Forgotten Contributor Account Compromised the Entire Mastra npm Package Scopesnyk · 2026-06-16
- Prevent AI-Powered Cyberattacks With Deception Technologyzscaler_threatlabz · 2026-06-16
- WordPress PBN Plugin Drops Dual Webshells via Database Injectionsucuri_blog · 2026-06-16
- Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerabilitycisco_psirt · 2026-06-16
- Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerabilitycisco_psirt · 2026-06-16
- Zero Trust for AI Agents: The Only Model Built for What’s Nextzscaler_threatlabz · 2026-06-16
- PSA: Supply Chain Compromise Targets ShapedPlugin, Backdoored Pro Plugins Distributed via Official Channelswordfence · 2026-06-16
- Mythic Embarking on the Open Seas: Containerized Payload Delivery for Kubernetes Assessmentsspecterops · 2026-06-16
- What is the true nature of the shortcut file I thought was a privacy consent form?ahnlab · 2026-06-16
- It looks like a normal resume, but the infection begins the moment it is opened.ahnlab · 2026-06-16
- Update to npm blocks install scripts: What it means for AppSecreversinglabs · 2026-06-16
- May 2026 Infostealer Trend Reportahnlab · 2026-06-16
- Protect Your Property from Illegal Sales Through Parcel Owner Impersonationic3_fbi · 2026-06-16
- Potemkin Loader & RMMProject The Anatomy of a ClickFix Attackhuntress · 2026-06-16
- Improving precision in CTEM: How continuous controls validation in Tenable One transforms exposure managementtenable · 2026-06-16
- What’s in the SOSS? Podcast #63 – S3E15 Big Thoughts, Open Sources: Driving Enterprise Security and Career Growth Through Open Source with Jamie Thomas (IBM)openssf_blog · 2026-06-16
- Wiz Exposure Management Dashboard: Your CTEM Command Centerwiz_research · 2026-06-16
- Pickle in the Middle – Hijacking Vertex AI Model Uploads for Cross-Tenant RCEunit42 · 2026-06-16
- FishMonger’s arsenal upgraded: SprySOCKS for Windowswls_eset · 2026-06-16
- [CISA KEV] CVE-2026-48907 — Widget Factory Joomla Content Editor : Widget Factory Joomla Content Editor Improper Access Control Vulnerabilitycisa_kev · 2026-06-16
- The Intelligence No One Else Has: Inside Recorded Future’s Proprietary Collection Enginerecordedfuture · 2026-06-16
- Mapping out your unknown: A threat hunter’s guide to Salesforcedatadog_seclabs · 2026-06-16
- Inside the Modern SOC: The 72-Minute Raceunit42 · 2026-06-15
- Cisco Catalyst SD-WAN Manager Arbitrary File Write Vulnerabilitycisco_psirt · 2026-06-15
- Between Two Nerds: Why NATO and cyber don't mixriskybiz_news · 2026-06-15
- The Shift to Threat-Informed Prioritization: Operationalizing CISA BOD 26-04flashpoint · 2026-06-15
- [NVD] CVE-2026-52719 (HIGH 7.1) — An out-of-bounds read vulnerability was found in the VA JPEG decoder in GStreamer's gst-plugins-bad. The JPEG parser reads a segment length value from the bitstream without validating it against available data. A remote attacker could trick a user into opening a specially craftednvd · 2026-06-15
- [NVD] CVE-2026-52718 (MEDIUM 6.5) — A denial of service vulnerability was found in GStreamer's AV1 codec parser in gst-plugins-bad. The gst_av1_parser_parse_tile_list_obu() function passes a byte count to a bit-reader API that expects a bit count, causing parser desynchronization. A remote attacker could trick a usnvd · 2026-06-15
- NIS2 is raising the bar. Here’s how to turn readiness into resilience.rapid7 · 2026-06-15
- Does Your Security Programme Align With NIS2 Requirements?rapid7 · 2026-06-15
- Spying Via Your Mobile Phone: Companies Can Locate Any Device at Any Timecitizenlab · 2026-06-15
- May 2026 Threat Trend Report on APT Groupsahnlab · 2026-06-15
- Beyond the Score: Using AI to Translate CVEs into Real-World Business Riskrapid7 · 2026-06-15
- Public and Private Medical Community Targeted by China-Nexus Threat Actor Pursuing Artificial Intelligence, Cyber, Medical, and National Defense Researchmandiant_gti · 2026-06-15
- Scammers Use Couriers to Collect Cash in Cryptocurrency Investment Scamsic3_fbi · 2026-06-15
- The Devil, Eight Million Emails, and a Whole Lot of Milk | Phishing Stager Exposedhuntress · 2026-06-15
- 15th June – Threat Intelligence Reportcheckpoint_research · 2026-06-15
- SearchLeak: How We Turned M365 Copilot Into a One-Click Data Exfiltration Weaponvaronis_blog · 2026-06-15
- EvilTokens: A phishing attack that doesn’t steal your passwordwls_eset · 2026-06-15
- Risky Bulletin: Arch Linux supply chain attack hits 1,900 packagesriskybiz_news · 2026-06-15
- [CISA KEV] CVE-2026-54420 — LiteSpeed cPanel Plugin: LiteSpeed cPanel Plugin UNIX Symbolic Link (Symlink) Following Vulnerabilitycisa_kev · 2026-06-15
- [CISA KEV] CVE-2026-20262 — Cisco Catalyst SD-WAN Manager: Cisco Catalyst SD-WAN Manager Directory or Path Traversal Vulnerabilitycisa_kev · 2026-06-15
- The Government Just Banned an AI Model. An Engineer's Perspective.snyk · 2026-06-15
- [Breach] Sysco — 2,691,852 accounts exposedhibp_breaches · 2026-06-15
- Holding blobs for ransom: Four methods for Azure Storage ransomwaredatadog_seclabs · 2026-06-15
- [Breach] Moody Bible Institute — 2,303,416 accounts exposedhibp_breaches · 2026-06-15
- [Breach] Glendale Community College — 793,925 accounts exposedhibp_breaches · 2026-06-15
- Sponsored: Ent on using AI to track human behavior on the endpointriskybiz_news · 2026-06-14
- May 2026 Security Issues in Korean & Global Financial Sectorahnlab · 2026-06-14
- When a Government Pulls an AI Model: What the Fable 5 and Mythos 5 Suspension Means for Security Teamssnyk · 2026-06-14
- CVE-2026-0249 GlobalProtect App: Certificate Validation Bypass Vulnerabilities (Severity: MEDIUM)paloalto_psirt · 2026-06-13
- CVE-2026-0250 GlobalProtect App: Buffer Overflow Vulnerability during connection to Portal or Gateway (Severity: MEDIUM)paloalto_psirt · 2026-06-13
- Weekly Metasploit Update: New Kerberos/Certificate tracing options, and multiple new modulesrapid7 · 2026-06-13
- Secure the High Value SAP Data Estate: Why Zero Trust Access is Now a Business Imperativezscaler_threatlabz · 2026-06-12
- Tracing Digital Intent: New MacOS Tahoe 26 Artifact Discoveredunit42 · 2026-06-12
- Shai-Hulud Campaign Evolution: Miasma, Hades, and AI Scanner Evasionzscaler_threatlabz · 2026-06-12
- Cisco Catalyst SD-WAN Controller, Catalyst SD-WAN Manager, and Catalyst SD-WAN Validator Authenticated Privilege Escalation Vulnerabilitycisco_psirt · 2026-06-12
- Why Use App-Level Auth When Every Database Has Auth? (Splunk Enterprise CVE-2026-20253 Pre-Auth RCE)watchtowr · 2026-06-12
- Why AI Red Teaming Matters for Enterprise Securityzscaler_threatlabz · 2026-06-12
- Canada Finally Has a National AI Strategy. Experts Hate It.citizenlab · 2026-06-12
- Who Watches the Watchers?citizenlab · 2026-06-12
- Device code phishing bypasses password stealingreversinglabs · 2026-06-12
- Luis Fernando García On State Surveillance in Latin Americacitizenlab · 2026-06-12
- Active Exploitation of Oracle PeopleSoft Zero-Day (CVE-2026-35273)rapid7 · 2026-06-12
- Navigating the New Federal Logging Mandate | OMB Memorandum M-26-14wiz_research · 2026-06-12
- Factoring "short-sleeve" RSA keys with polynomialstrailofbits · 2026-06-12
- Akira, LimeWire, and the Sour Taste of Data Exfiltrationhuntress · 2026-06-12
- Marking Your Own Homework (Check Point Remote Access VPN IKEv1 Authentication Bypass CVE-2026-50751)watchtowr · 2026-06-12
- Risky Bulletin: CISA tightens patching rules amid bug delugeriskybiz_news · 2026-06-12
- Sponsored: Understanding CI/CD attack pathsriskybiz_news · 2026-06-12
- [CISA KEV] CVE-2026-35273 — Oracle PeopleSoft Enterprise PeopleTools: Oracle PeopleSoft Enterprise PeopleTools Missing Authentication for Critical Function Vulnerabilitycisa_kev · 2026-06-12
- [Breach] American Tower — 216,601 accounts exposedhibp_breaches · 2026-06-12
- CISA BOD 26-04: Frequently asked questions about the new risk-based patching directivetenable · 2026-06-11
- AI Threat Readiness Pillar 3: Perform AI Code Analysis Natively in Wizwiz_research · 2026-06-11
- How to defend ARM64 cloud infrastructure from ITScapereversinglabs · 2026-06-11
- A tale of two erastalos · 2026-06-11
- Inside Kali365, a Device Code Phishing Ecosystem | Huntresshuntress · 2026-06-11
- Wordfence Intelligence Weekly WordPress Vulnerability Report (June 1, 2026 to June 7, 2026)wordfence · 2026-06-11
- Building an Indirect Prompt Injection Workflowspecterops · 2026-06-11
- MCP security tracks API's playbook — we know how that endsreversinglabs · 2026-06-11
- ShinyHunters Targets Education Sector with Oracle PeopleSoft Exploitmandiant_gti · 2026-06-11
- From SQLi to RCE – Exploiting LangGraph’s Checkpointercheckpoint_research · 2026-06-11
- How threat hunting evolves at scalered_canary · 2026-06-11
- LABScon25 Replay | Keynote: Steps to an Ecology of Cybersentinelone · 2026-06-11
- Threat Actors Weaponize AI Hype to Deliver AsyncRATfortinet_research · 2026-06-11
- Trust No Skill: Integrity Verification for AI Agent Supply Chainsunit42 · 2026-06-11
- OceanLotus: From external espionage to domestic targetingwls_eset · 2026-06-11
- The Escalating Cyber Risk Landscape in Regional Conflicts & Strategic Actions for 2026eclecticiq · 2026-06-11
- Srsly Risky Biz: Europe wants to wean itself off US techriskybiz_news · 2026-06-11
- CVE-2026-0273 PAN-OS: Authenticated Admin Command Injection Vulnerability via CLI or Web UI (Severity: MEDIUM)paloalto_psirt · 2026-06-11
- [CISA KEV] CVE-2026-10520 — Ivanti Sentry: Ivanti Sentry OS Command Injection Vulnerabilitycisa_kev · 2026-06-11
- Cyber-Enabled Maritime Sanctions Evasionrecordedfuture · 2026-06-11
- Recorded Future Launches Impact and Metrics Dashboardrecordedfuture · 2026-06-11
- Entra Agent ID: The blueprint blast radiusdatadog_seclabs · 2026-06-11
- Ron Deibert Speaks About “Greek Watergate”citizenlab · 2026-06-10
- Mini Shai-Hulud: Where SLSA’s Boundaries Fallopenssf_blog · 2026-06-10
- Zero Trust for AI Agents: How to Enforce Anthropic's Frameworkvaronis_blog · 2026-06-10
- Making the Business Case for Your CTI Budgetintel471 · 2026-06-10
- Critical Unauthenticated Authentication Bypass Vulnerability Patched in UpdraftPlus WordPress Pluginwordfence · 2026-06-10