THREAT OPS › Threat News
Threat Intelligence News
2331 reports from 110+ open cyber-threat-intelligence sources — APT activity, malware, vulnerabilities and campaigns, newest first.
- 2026-007: Critical Vulnerability in Windows Netlogoncert_eu · 2026-06-10
- Risky Bulletin: Nightmare Eclipse drops fresh 0dayriskybiz_news · 2026-06-10
- ZDI-26-355: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerabilityzdi_published · 2026-06-10
- Security Alert: Alert Regarding Vulnerabilities in Adobe Acrobat and Reader (APSB26-63)jpcert · 2026-06-10
- Security Alert: Microsoft Releases June 2026 Security Updatesjpcert · 2026-06-10
- Prompt Engineering for Security Agents: A Measurable Approach with GEPAspecterops · 2026-06-10
- Introducing GhostWorks: A Practical AI Initiative from SpecterOpsspecterops · 2026-06-10
- More Evidence That Words Don't Mean What We Thought They Meant (Ivanti Sentry Pre-Auth OS Command Injection CVE-2026-10520)watchtowr · 2026-06-10
- 2026 FIFA World Cup: What Public Safety Officials Need to Knowrecordedfuture · 2026-06-10
- China's Noncombatant Evacuation Operations: 2005–2025recordedfuture · 2026-06-10
- Introducing the ZAgent Framework: The Foundation for Autonomous SASEzscaler_threatlabz · 2026-06-09
- A Record-Breaking Patch Tuesday for June 2026krebs · 2026-06-09
- Blinding the Watchmen: Abusing Cloud Logging Services for Defense Evasion and Visibilityunit42 · 2026-06-09
- Microsoft Patch Tuesday for June 2026 — Snort rules and prominent vulnerabilitiestalos · 2026-06-09
- The June 2026 Security Update Reviewzdi_blog · 2026-06-09
- Zscaler is “Highly Effective & Reliable” in NSS Labs SSE Threat Protection Testzscaler_threatlabz · 2026-06-09
- Technical Analysis of MLTBackdoorzscaler_threatlabz · 2026-06-09
- User-to-User Authentication: Down the Rabbit Hole – Part 1specterops · 2026-06-09
- Suspected North Korean actors use fake ‘coding assignments’ to steal cryptoproofpoint · 2026-06-09
- AI Threat Readiness Pillar 2: Accelerate Patching and Responsewiz_research · 2026-06-09
- Phishing attacks leverage TikTok, Instagram Reelsreversinglabs · 2026-06-09
- Threat Brief: Active Exploitation of PAN-OS CVE-2026-0257unit42 · 2026-06-09
- Phishing for Lobsters: How We Tricked OpenClaw into Spilling Secretsvaronis_blog · 2026-06-09
- Gartner Security Summit 2026: Huntress 5 Key Takeawayshuntress · 2026-06-09
- Defend against frontier cyber models: Cloudflare's architecture as customer zerocloudflare_security · 2026-06-09
- [CISA KEV] CVE-2026-11645 — Google Chromium V8: Google Chromium V8 Out-of-Bounds Read and Write Vulnerabilitycisa_kev · 2026-06-09
- [CISA KEV] CVE-2026-7473 — Arista Extensible Operating System: Arista Extensible Operating System Incomplete Comparison with Missing Factors Vulnerabilitycisa_kev · 2026-06-09
- [CISA KEV] CVE-2026-20245 — Cisco Catalyst SD-WAN Manager: Cisco Catalyst SD-WAN Manager Improper Encoding or Escaping of Output Vulnerabilitycisa_kev · 2026-06-09
- Russia’s Defense-Based Economy Risks Forcing Putin to Fight Warsrecordedfuture · 2026-06-09
- Wi-Fi Performance Crisis? How ZDX Revealed a Hidden Channel Conflict in 15 Minuteszscaler_threatlabz · 2026-06-08
- When “Hi, This Is IT” Comes Through Microsoft Teamsunit42 · 2026-06-08
- Crowdsourced AI += Knosticvirustotal_blog · 2026-06-08
- Between Two Nerds: Nerds at NATOriskybiz_news · 2026-06-08
- Understanding Illicit Ecosystems: Weaponizing Mainstream Apps and Social Infrastructureflashpoint · 2026-06-08
- Zscaler CXO Monthly Roundup | May 2026zscaler_threatlabz · 2026-06-08
- Keeping a Short Leash: New AzureHound Least-Privilege Documentationspecterops · 2026-06-08
- Investigating suspicious AI workflows in Microsoft Entra Agent ID: Assistive agentsred_canary · 2026-06-08
- May 2026 Dark Web Breach Incident Trend Reportahnlab · 2026-06-08
- May 2026 Dark Web Threat Actor Trend Reportahnlab · 2026-06-08
- May 2026 Dark Web Issue Trend Reportahnlab · 2026-06-08
- 8th June – Threat Intelligence Reportcheckpoint_research · 2026-06-08
- Turning Cloudflare’s threat indicators into real-time WAF rulescloudflare_security · 2026-06-08
- Introducing Wiz Cloud Cost: Powering Cost Management and Optimization with Contextwiz_research · 2026-06-08
- Customer case study: How Intelligence Center™ helps CTI teams cut through noise and act with confidenceeclecticiq · 2026-06-08
- Your Origin Server Might Be Your Most Expensive Decisionakamai_blog · 2026-06-08
- Top GenAI security resources — June 2026adversa · 2026-06-08
- Risky Bulletin: RubyGems adds dependency cooldowns to counter supply chain attacksriskybiz_news · 2026-06-08
- [CISA KEV] CVE-2026-42271 — BerriAI LiteLLM: BerriAI LiteLLM Command Injection Vulnerabilitycisa_kev · 2026-06-08
- [CISA KEV] CVE-2026-50751 — Check Point Security Gateway: Check Point Security Gateway Improper Authentication Vulnerabilitycisa_kev · 2026-06-08
- May 2026 CVE Landscaperecordedfuture · 2026-06-08
- [webapps] OpenEMR 7.0.2 - Arbitrary File Readexploitdb · 2026-06-08
- At Zenith Live 2026, Zero Trust Cloud Takes Workload Security Furtherzscaler_threatlabz · 2026-06-05
- The “Skyway” to OSS Security: OpenSSF Community Day North America 2026 Recapopenssf_blog · 2026-06-05
- Seeking Counsel: Ongoing Targeted Campaign Against US Law Firmsmandiant_gti · 2026-06-05
- Why Huntress Doesn’t Need FedRAMPhuntress · 2026-06-05
- [NVD] CVE-2026-11332 (HIGH 7.8) — A flaw was found in ansible-core. The ansible-galaxy role install command processes dependency specifications from a role's meta/requirements.yml file. Due to improper neutralization of argument delimiters, a malicious role author can inject arbitrary git configuration flags thronvd · 2026-06-05
- Risky Bulletin: EU unveils digital sovereignty planriskybiz_news · 2026-06-05
- [CISA KEV] CVE-2026-28318 — SolarWinds Serv-U: SolarWinds Serv-U Uncontrolled Resource Consumption Vulnerabilitycisa_kev · 2026-06-05
- [webapps] WordPress Contest Gallery 28.1.4 - Unauthenticated Blind SQL Injectionexploitdb · 2026-06-05
- Why Holistic Sourcing Wins: The Numbers Behind the Recorded Future Advantagerecordedfuture · 2026-06-05
- [Breach] Madison Square Garden Sports — 9,796,738 accounts exposedhibp_breaches · 2026-06-05
- How 56 npm packages used binding.gyp to steal secretsreversinglabs · 2026-06-04
- Quarterly WordPress Threat Intelligence Report – Q1 2026wordfence · 2026-06-04
- VerdantBamboo: Just Another BRICKSTORM in the Firewallvolexity · 2026-06-04
- The Deception Redemptionzscaler_threatlabz · 2026-06-04
- Ghostwriter v7: Safer Tokens, Scoped Access, and Better Automationspecterops · 2026-06-04
- China-Linked TA4922 Expands Phishing Attacks to U.K., Germany, Italy, and South Africaproofpoint · 2026-06-04
- Dependency remediation bolstered with CVE Lite CLIreversinglabs · 2026-06-04
- AI Threat Readiness Pillar 1: Reduce Critical Exposures & Scan with AIwiz_research · 2026-06-04
- AIRQ: The First Independent AI Agent Security Rating and Open Source Risk Scoring Framework Ranks 100+ AI Agentsadversa · 2026-06-04
- Cybercriminals Are Targeting the FIFA World Cup 2026fortinet_research · 2026-06-04
- Putting CLIMATE into Practice: Building an Inventory Management Planakamai_blog · 2026-06-04
- Software supply chain attacks: check your dependenciesncsc_uk · 2026-06-04
- Srsly Risky Biz: NATO's cyber approach needs to changeriskybiz_news · 2026-06-04
- Top MCP security resources — June 2026adversa · 2026-06-04
- Node-gyp Supply Chain Compromise: A Self-Propagating npm Worm That Hides in binding.gypsnyk · 2026-06-04
- So You Have an AI Security Budget. Now what?snyk · 2026-06-04
- Threats to the 2026 FIFA World Cuprecordedfuture · 2026-06-04
- Type Level Security: The future of secure AI code generation?snyk · 2026-06-04
- Remembering Sir Alex Youngerrecordedfuture · 2026-06-04
- Top Features To Look For in an SSE Platformzscaler_threatlabz · 2026-06-03
- Emerging Hospice Fraud Targeting Medicare Recipientsic3_fbi · 2026-06-03
- Updates from Europe: Single Reporting Platform, Public Consultations, New Publicationsopenssf_blog · 2026-06-03
- Cisco Webex Meetings Cross-Site Scripting Vulnerabilitycisco_psirt · 2026-06-03
- Ransom & Dark Web Issues Week 1, June 2026ahnlab · 2026-06-03
- Get ahead of frontier AI: 5 AppSec strategy upgradesreversinglabs · 2026-06-03
- Inside .NET Loader Analysis: From Malspam to In-Memory Loaderhuntress · 2026-06-03
- Impersonation, Click Hijacking, and TDS: Inside a Malware Distribution Ecosystemcheckpoint_research · 2026-06-03
- The AI risk quadrant for agents: scoring 100 digital workers nobody securedadversa · 2026-06-03
- Inside the Cross-Platform Propagation of a New Gafgyt Variant C0XMOfortinet_research · 2026-06-03
- Optimize AI Inference: Real-Time NodeBalancers Metrics for AI Workloadsakamai_blog · 2026-06-03
- The sorry state of skill distributiontrailofbits · 2026-06-03
- Lessons for life: Why children’s data is a long-term identity riskwls_eset · 2026-06-03
- Risky Bulletin: FSB calls out Western spyware operationriskybiz_news · 2026-06-03
- [CISA KEV] CVE-2026-45247 — Mirasvit Mirasvit Full Page Cache Warmer: Mirasvit Full Page Cache Warmer Deserialization of Untrusted Data Vulnerabilitycisa_kev · 2026-06-03
- The New Security Risks of the Agentic Development Lifecyclesnyk · 2026-06-03
- How to Establish Least-Privilege Access for AI Agents and Assistantszscaler_threatlabz · 2026-06-02
- Highlights from the Akamai India Partner Summit 2026akamai_blog · 2026-06-02
- CVE noise drowns out supply chain threatsreversinglabs · 2026-06-02
- Unpatched NTLM Leakage in Windows search: URI Handler, Same Bug, No CVE, No Fixhuntress · 2026-06-02