THREAT OPS › Threat News
Threat Intelligence News
2569 reports from 110+ open cyber-threat-intelligence sources — APT activity, malware, vulnerabilities and campaigns, newest first.
- [CISA KEV] CVE-2026-8398 — Daemon Daemon Tools Lite: Daemon Tools Lite Embedded Malicious Code Vulnerabilitycisa_kev · 2026-05-27
- [local] Linux Kernel - Local Privilege Escalationexploitdb · 2026-05-27
- [webapps] Casdoor 3.54.1 - Arbitrary File Write via Path Traversalexploitdb · 2026-05-27
- [webapps] EspoCRM 9.3.3 - SSRFexploitdb · 2026-05-27
- [webapps] scramble - Remote Code Executionexploitdb · 2026-05-27
- [hardware] MeiG Smart FORGE_SLT711 - OS Command Injectionexploitdb · 2026-05-27
- [local] Realtek rtl819x - Local Privilegeexploitdb · 2026-05-27
- [webapps] OpenCATS 0.9.7.4 - SQL Injectionexploitdb · 2026-05-27
- Introducing Password-Less Provisioning and Atomic Customization for VMsakamai_blog · 2026-05-26
- Researcher's Notebook: Hunting Megalodon Fossilsreversinglabs · 2026-05-26
- Intelligence Insights: May 2026red_canary · 2026-05-26
- Phishing Campaign Deploys JavaScript-Driven PureLogs Variant to Steal Sensitive Datafortinet_research · 2026-05-26
- State of SDLC Security 2026: How Risk Scales in Modern Developmentwiz_research · 2026-05-26
- AI Threat Landscape Digest March-April 2026checkpoint_research · 2026-05-26
- BTMOB: A stealthy RAT burrowing deep into Android deviceswls_eset · 2026-05-26
- From Cookies to Keys: The Threat of Session Hijackinghuntress · 2026-05-26
- Detecting Tycoon 2FA AiTM attacks across Entra ID and Google Workspaceelastic_security · 2026-05-26
- [CISA KEV] CVE-2026-48172 — LiteSpeed cPanel Plugin: LiteSpeed cPanel Plugin Privilege Escalation Vulnerabilitycisa_kev · 2026-05-26
- [webapps] Grav CMS 2.0.0-beta.2 - Remote Code Executionexploitdb · 2026-05-26
- 25th May – Threat Intelligence Reportcheckpoint_research · 2026-05-25
- Exploitation of KnowledgeDeliver via ViewState Deserialization Vulnerabilitymandiant_gti · 2026-05-25
- 2 PhaaS 2 Furious: The Evolution of Chinese-Language Phishing Servicesmandiant_gti · 2026-05-25
- Netherlands Seizes 800 Servers, Arrests 2 for Aiding Cyberattackskrebs · 2026-05-25
- Risky Bulletin: Mythos has found thousands of critical bugsriskybiz_news · 2026-05-25
- Sponsored: Teaching AI agents the rules of the roadriskybiz_news · 2026-05-24
- Laravel Lang Supply Chain Advisorysnyk · 2026-05-23
- Update: search-for-compression.py Version 0.0.7didier_stevens · 2026-05-23
- [Breach] Baker Distributing — 102,935 accounts exposedhibp_breaches · 2026-05-23
- [Breach] DentaQuest — 2,553,599 accounts exposedhibp_breaches · 2026-05-23
- [Breach] Charter — 4,851,517 accounts exposedhibp_breaches · 2026-05-23
- GitHub breach: The development ecosystem is in the hot seatreversinglabs · 2026-05-22
- Verizon DBIR: Healthcare Fends Off Increased Social Engineering Attacksproofpoint · 2026-05-22
- Bringing full YAML anchor support to zizmortrailofbits · 2026-05-22
- Foul play: Fake FIFA websites target soccer fans looking for World Cup tickets, merchandisewls_eset · 2026-05-22
- Security Alert: [Updated] Alert Regarding Multiple Vulnerabilities in Trend Micro Products Including TrendAI Apex Onejpcert · 2026-05-22
- Risky Bulletin: Microsoft ends SMS MFA for personal accountsriskybiz_news · 2026-05-22
- WordPress Site Down? Here’s How to Get Back Onlinesucuri_blog · 2026-05-22
- The Coverage Gap: Why Your Blocklist Is Missing 119,000 Malicious IPs Todaygreynoise_blog · 2026-05-22
- [CISA KEV] CVE-2026-9082 — Drupal Core: Drupal Core SQL Injection Vulnerabilitycisa_kev · 2026-05-22
- PHANTOMPULSE: anatomy of a hijackable blockchain-C2 RATelastic_security · 2026-05-22
- Decentralized Threat: Stealthy P2P Cryptominer Targeting Ollama Endpointsakamai_blog · 2026-05-21
- Claude Enterprise Meets the Security Graph: Wiz Integrates with Anthropic's Compliance APIwiz_research · 2026-05-21
- Snyk announces Anthropic updates: Evo integrates with Claude Enterprise, and Snyk Desk comes to Claude Desktopsnyk · 2026-05-21
- Proofpoint Integrates with the Claude Compliance API to Extend Data Security and Governance to Claudeproofpoint · 2026-05-21
- Introducing TailscaleHound: Mapping Tailscale Attack Paths in BloodHoundspecterops · 2026-05-21
- AI agents are the new insider threatreversinglabs · 2026-05-21
- How Huntress Uses Managed SIEM to Detect Threats Fasterhuntress · 2026-05-21
- Secure Identity at the Edge: Akamai Partners with Auth0akamai_blog · 2026-05-21
- CVE-2026-9082: Mitigating a Critical SQL Injection Vulnerability in Drupalakamai_blog · 2026-05-21
- SEO poisoning campaign leverages Gemini and Claude Code impersonation to deliver infostealereclecticiq · 2026-05-21
- The Gentleman Ransomware | Defense Evasion TTPs Uncovered | Huntresshuntress · 2026-05-21
- Srsly Risky Biz: Politicians ditch Signal for homegrown appsriskybiz_news · 2026-05-21
- Securing The AI Revolution: How Snyk And Our Partners Are Scaling For The Futuresnyk · 2026-05-21
- A New SonicWall Scanning Spike Echoes the Pattern That Preceded CVE-2026-0400greynoise_blog · 2026-05-21
- The Vulnerability Flood Is Now a Board Conversation. Here's How to Lead It.recordedfuture · 2026-05-21
- [CISA KEV] CVE-2025-34291 — Langflow Langflow: Langflow Origin Validation Error Vulnerabilitycisa_kev · 2026-05-21
- [CISA KEV] CVE-2026-34926 — Trend Micro Apex One: Trend Micro Apex One (On-Premise) Directory Traversal Vulnerabilitycisa_kev · 2026-05-21
- Unpatchable Vulnerabilities of Kubernetes: CVE-2021-25740datadog_seclabs · 2026-05-21
- Hackers Abuse Parental Controls to Hijack Google Accountsreversinglabs · 2026-05-20
- Cisco Nexus 3000 and 9000 Series Switches Border Gateway Protocol Denial of Service Vulnerabilitycisco_psirt · 2026-05-20
- Cisco Secure Workload Unauthorized API Access Vulnerabilitycisco_psirt · 2026-05-20
- Cisco ThousandEyes Virtual Appliance Authenticated Remote Code Execution Vulnerabilitycisco_psirt · 2026-05-20
- Cisco ThousandEyes Enterprise Agent BrowserBot Command Injection Vulnerabilitycisco_psirt · 2026-05-20
- Spectra Analyze, Spectra Core Update: Deeper Detection, Smarter Analysisreversinglabs · 2026-05-20
- Misconfigured, Enrolled and Dormant: Anatomy of a P2Pinfect Kubernetes Compromisefortinet_research · 2026-05-20
- Inside the RaaS Ecosystem: Operators, Affiliates & Attack Tradecraft | Huntresshuntress · 2026-05-20
- This Is a Hold-Up: Financial Services Under Attackakamai_blog · 2026-05-20
- Webworm: New burrowing techniqueswls_eset · 2026-05-20
- Risky Bulletin: Microsoft takes down crime SaaS used by ransomware gangsriskybiz_news · 2026-05-20
- A Day in the Life of a Strategy Co-Op in Snyk’s Boston Officesnyk · 2026-05-20
- [CISA KEV] CVE-2008-4250 — Microsoft Windows: Microsoft Windows Buffer Overflow Vulnerabilitycisa_kev · 2026-05-20
- [CISA KEV] CVE-2009-1537 — Microsoft DirectX: Microsoft DirectX NULL Byte Overwrite Vulnerabilitycisa_kev · 2026-05-20
- [CISA KEV] CVE-2009-3459 — Adobe Acrobat and Reader: Adobe Acrobat and Reader Heap-Based Buffer Overflow Vulnerabilitycisa_kev · 2026-05-20
- [CISA KEV] CVE-2010-0249 — Microsoft Internet Explorer: Microsoft Internet Explorer Use-After-Free Vulnerabilitycisa_kev · 2026-05-20
- [CISA KEV] CVE-2010-0806 — Microsoft Internet Explorer: Microsoft Internet Explorer Use-After-Free Vulnerabilitycisa_kev · 2026-05-20
- [CISA KEV] CVE-2026-41091 — Microsoft Defender: Microsoft Defender Link Following Vulnerabilitycisa_kev · 2026-05-20
- [CISA KEV] CVE-2026-45498 — Microsoft Defender: Microsoft Defender Denial of Service Vulnerabilitycisa_kev · 2026-05-20
- The AntV Supply Chain Campaign Expands: Microsoft's `durabletask` PyPI Package Compromisedsnyk · 2026-05-19
- Continued Evolution of Persistence Mechanism Against Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defensecisco_psirt · 2026-05-19
- durabletask: TeamPCP's Latest PyPi Compromisewiz_research · 2026-05-19
- Introducing Runtime Threat Detection for Google Cloud Runwiz_research · 2026-05-19
- The quest for greater tech independencewls_eset · 2026-05-19
- The Worm That Keeps on Digging: TeamPCP Hits @antv in Latest Wavewiz_research · 2026-05-19
- Exposed RDP: The Misconfiguration Attackers Keep Exploitinghuntress · 2026-05-19
- Between Two Nerds: Russia's hacker universityriskybiz_news · 2026-05-19
- At Mythos Speed: A Defender's Playbook for the AI Vulnerability Surge in 2026recordedfuture · 2026-05-19
- What to Do When a Third-Party Data Breach Puts Your Website at Risksucuri_blog · 2026-05-18
- Threat Actor Defense Evasion: How Attackers Disable AV & EDRhuntress · 2026-05-18
- From Cryptographic Blind Spots to Post-Quantum Agility: Introducing Wiz for PQC Readinesswiz_research · 2026-05-18
- Why commercial cyber threat intelligence is failing defense operationseclecticiq · 2026-05-18
- CVE-2026-42945: Mitigating a Critical Heap Buffer Overflow Vulnerability in NGINXakamai_blog · 2026-05-18
- Project Glasswing: what Mythos showed uscloudflare_security · 2026-05-18
- Risky Bulletin: Indonesia emerges as a new hub for cyber scamsriskybiz_news · 2026-05-18
- Pathfinding Labs: Deploy, test, and learn from 100+ intentionally vulnerable AWS environmentsdatadog_seclabs · 2026-05-18
- Sponsored: Push Security goes AI threat hunting in browser telemetryriskybiz_news · 2026-05-17
- Pwn2Own Berlin 2026: Day Three Results and Master of Pwzdi_blog · 2026-05-16
- 19 Cloud Security Challenges and How to Mitigate Risk | Huntresshuntress · 2026-05-15
- Most Common Passwords to Compromise Security in 2026huntress · 2026-05-15
- Welcome to BlackFile: Inside a Vishing Extortion Operationmandiant_gti · 2026-05-15
- Raising the bar: Quality, shared responsibility, and the future of GitHub’s bug bounty programgithub_security_lab · 2026-05-15