THREAT OPS › Threat News
Threat Intelligence News
2543 reports from 110+ open cyber-threat-intelligence sources — APT activity, malware, vulnerabilities and campaigns, newest first.
- [dragonforce] STEP Oiltools posted to leak siteransomware_live · 2026-07-12
- [m3rx] eclective.ie posted to leak siteransomware_live · 2026-07-12
- [m3rx] foreconinc.com posted to leak siteransomware_live · 2026-07-12
- [m3rx] wrtworld.com posted to leak siteransomware_live · 2026-07-12
- [titan] Cooperate service CZ s.r.o. posted to leak siteransomware_live · 2026-07-12
- [titan] Eureka Construction INC posted to leak siteransomware_live · 2026-07-12
- Compromised jscrambler 8.14.0 npm Release Drops Rust Infostealer During Installthehackernews · 2026-07-11
- Hackers Weaponize Balochistan Police Portal in Multi-Group Espionage Campaignsthehackernews · 2026-07-11
- [dragonforce] Access Equipment Hire posted to leak siteransomware_live · 2026-07-11
- [qilin] Century Equities posted to leak siteransomware_live · 2026-07-11
- [qilin] Retelit SpA PIVA posted to leak siteransomware_live · 2026-07-11
- [qilin] Carolina Agri-Power posted to leak siteransomware_live · 2026-07-11
- [qilin] Allied Plumbing & Heating posted to leak siteransomware_live · 2026-07-11
- [cmdorganization] Golden Star Resources posted to leak siteransomware_live · 2026-07-11
- Wireshark 4.6.7 Released, (Sat, Jul 11th)sans_isc · 2026-07-11
- 'Ghostcommit' hides prompt injection in images to fool AI agents, steal secretsbleepingcomputer · 2026-07-11
- Critical Zimbra Flaw Could Let Crafted Emails Run Malicious Code in User Sessionsthehackernews · 2026-07-11
- Weekly Metasploit Update: Exploits for FlowiseAI CSV Agent and MacOS Package Kitrapid7 · 2026-07-11
- No Manners Here: The Ruthless Rise of The Gentlemen Ransomwareunit42 · 2026-07-10
- New U-Boot flaws could enable stealthy firmware attacksbleepingcomputer · 2026-07-10
- [dragonforce] The Schuett Companies posted to leak siteransomware_live · 2026-07-10
- [GHSA] GHSA-g936-7jqj-mwv8 (critical) — TSDProxy: Internal proxy auth token forwarded to backend services enables management API escalationgithub_advisories · 2026-07-10
- [GHSA] GHSA-fpg8-7664-jc5q (high) — melange: Incomplete package integrity verification allows data section substitutiongithub_advisories · 2026-07-10
- Friday Squid Blogging: “Squidbleed” Vulnerabilityschneier · 2026-07-10
- [GHSA] GHSA-48rx-c7pg-q66r (medium) — Excon does not redact additional sensitive/risky headers when following redirectsgithub_advisories · 2026-07-10
- [GHSA] GHSA-h4g2-xfmw-q2c9 (high) — Clauster: Non-loopback deployments can serve the dashboard unauthenticated when auth.enabled is unsetgithub_advisories · 2026-07-10
- [GHSA] GHSA-rqq5-2gf9-4w4q (medium) — Secure Headers: CSP directive injection via sandbox, plugin_types, and report_to when given untrusted inputgithub_advisories · 2026-07-10
- [GHSA] GHSA-56mp-4f3v-fgj2 (critical) — SiYuan: Stored XSS to RCE via Unsanitized Attribute View Asset Cell Contentgithub_advisories · 2026-07-10
- [GHSA] GHSA-m5f5-28qr-9g9r (critical) — prestashop/ps_facetedsearch: PHP Object Injection in faceted search cache allows unauthenticated RCEgithub_advisories · 2026-07-10
- BitWarden security advisory (AV26-683)cccs_ca · 2026-07-10
- [GHSA] GHSA-5xfx-xj4h-5p7r (critical) — SiYuan: Stored XSS to RCE via attribute-view cell rendering in genAVValueHTML()github_advisories · 2026-07-10
- AL25-007 - Vulnerability impacting Roundcube Webmail – CVE-2025-49113 – Update 1cccs_ca · 2026-07-10
- Microsoft Edge security advisory (AV26-682)cccs_ca · 2026-07-10
- Broadcom VMware security advisory (AV26-681)cccs_ca · 2026-07-10
- URGENT - Progress Tells ShareFile Customers to Shut Down Storage Zone Controllers Over Security Threatthehackernews · 2026-07-10
- Injective Labs GitHub Compromise Pushes Wallet-Key-Stealing npm Packagesthehackernews · 2026-07-10
- [qilin] Eurodefi posted to leak siteransomware_live · 2026-07-10
- Six New U-Boot Flaws Could Let Malicious Images Crash Devices or Run Code at Bootthehackernews · 2026-07-10
- My Stack Simulator, (Wed, Jul 8th)sans_isc · 2026-07-10
- Post-Quantum Cryptography Is Here. Orca Can Help.orca_security · 2026-07-10
- [interlock] Borger ISD posted to leak siteransomware_live · 2026-07-10
- Laser Attack Resets Tangem Wallet Passwords on Cards That Can't Be Patchedthehackernews · 2026-07-10
- Researcher Details WhatsApp-to-Host Attack Chain Using Three OpenClaw Flawsthehackernews · 2026-07-10
- How HalluSquatting Could Fuel Agentic Botnetssocradar_blog · 2026-07-10
- CVE-2026-47291: Remote Code Execution in the Windows HTTP.syszdi_blog · 2026-07-10
- [qilin] Hilo posted to leak siteransomware_live · 2026-07-10
- [qilin] Promotora Zacapu posted to leak siteransomware_live · 2026-07-10
- [qilin] Navana Real Estate posted to leak siteransomware_live · 2026-07-10
- This new Windows malware can take over your PC and wipe it cleanmalwarebytes_blog · 2026-07-10
- New MODBEACON RAT Uses gRPC Streaming for Encrypted C2 Trafficthehackernews · 2026-07-10
- [Deadlock] Catcorp posted to leak siteransomware_live · 2026-07-10
- [Deadlock] Weinberg ''93 Építő Kft. posted to leak siteransomware_live · 2026-07-10
- [Deadlock] The Morton Grove Park District posted to leak siteransomware_live · 2026-07-10
- [Deadlock] LA SEVILLANITA SRL posted to leak siteransomware_live · 2026-07-10
- [Deadlock] Schlenker and Cantwell, P.A. posted to leak siteransomware_live · 2026-07-10
- [Deadlock] WiBeats S.r.l. posted to leak siteransomware_live · 2026-07-10
- [Deadlock] Grupo Vanguardia posted to leak siteransomware_live · 2026-07-10
- [Deadlock] WH Müller posted to leak siteransomware_live · 2026-07-10
- [Deadlock] DOCTUS USA Inc posted to leak siteransomware_live · 2026-07-10
- [Deadlock] ACU - The Automobile Club of Uruguay posted to leak siteransomware_live · 2026-07-10
- [Deadlock] CIATI posted to leak siteransomware_live · 2026-07-10
- [Deadlock] Quetzal Química posted to leak siteransomware_live · 2026-07-10
- [Deadlock] Abhay Prabhavana posted to leak siteransomware_live · 2026-07-10
- [Deadlock] Güven Mühendislik Makina posted to leak siteransomware_live · 2026-07-10
- [Deadlock] 3Gi Solutions, is an IT Services Provider located in Montreal, Quebec. posted to leak siteransomware_live · 2026-07-10
- [Deadlock] Werken Química Brasil S.A. posted to leak siteransomware_live · 2026-07-10
- [Deadlock] Židlochovice city posted to leak siteransomware_live · 2026-07-10
- [Deadlock] BARCELONA URBAN PROPERTY CHAMBER posted to leak siteransomware_live · 2026-07-10
- [Deadlock] Optimal Care SA posted to leak siteransomware_live · 2026-07-10
- [Deadlock] Anidaport - Investimentos Imobiliários Lda., Lisbon, Portugal posted to leak siteransomware_live · 2026-07-10
- [Deadlock] LIVISTO posted to leak siteransomware_live · 2026-07-10
- Guide to System Hardening: Checklist & Best Practices [2026] | Huntresshuntress · 2026-07-10
- Cloud Risk Reduction Strategies for Fintechorca_security · 2026-07-10
- Top 10 MSSPs in Saudi Arabia in 2026socradar_blog · 2026-07-10
- CISA Adds Two Known Exploited Vulnerabilities to Catalogcisa_advisories · 2026-07-10
- Unpatched XRING Flaw in XQUIC Lets Remote Clients Crash HTTP/3 Serversthehackernews · 2026-07-10
- Exposed Hacker Server Reveals WP-SHELLSTORM Backdooring Thousands of WordPress Sitesthehackernews · 2026-07-10
- Top 10 Cyber Threat Exposure Management Platformssocradar_blog · 2026-07-10
- How mule betting scams recruit ordinary peoplemalwarebytes_blog · 2026-07-10
- AI Surveillance and Social Progressschneier · 2026-07-10
- Study of 281 Free Android VPN Apps Finds Traffic Leaks, Unencrypted Data, and Trackingthehackernews · 2026-07-10
- Two Chrome updates in two days fix critical vulnerabilitiesmalwarebytes_blog · 2026-07-10
- Hackers Use Fake Microsoft Entra Passkey Enrollment to Gain Microsoft 365 Accessthehackernews · 2026-07-10
- "Comment stuffing" in an HTML phishing attachment as a mechanism for evading AI-based detection?, (Fri, Jul 10th)sans_isc · 2026-07-10
- Attackers Exploit 'Ill Bloom' Vulnerability to Drain Over $5 Million From Cryptocurrency Walletsthehackernews · 2026-07-10
- Ransomware Negotiator Gets 70 Months in Prison for Aiding BlackCat Attacksthehackernews · 2026-07-10
- MDASH and AI Reshape Windows Patchingsocradar_blog · 2026-07-10
- Akamai Cloud Pulse Audit Logs Are Generally Availableakamai_blog · 2026-07-10
- Risky Bulletin: NSA Tailored Access Operations is backriskybiz_news · 2026-07-10
- Sponsored: Why Sublime doesn’t toss AI at every emailriskybiz_news · 2026-07-10
- ISC Stormcast For Friday, July 10th, 2026 https://isc.sans.edu/podcastdetail/10002, (Fri, Jul 10th)sans_isc · 2026-07-10
- New Forg365 PhaaS Kit Emergesduo_decipher · 2026-07-10
- June 2026 CVE Landscaperecordedfuture · 2026-07-10
- [CISA KEV] CVE-2026-56291 — Balbooa Forms: Balbooa Forms Unrestricted Upload of File with Dangerous Type Vulnerabilitycisa_kev · 2026-07-10
- [CISA KEV] CVE-2026-48939 — iCagenda iCagenda: iCagenda Unrestricted Upload of File with Dangerous Type Vulnerabilitycisa_kev · 2026-07-10
- Reduce Human Risk | Build a Strong Security Awareness Training Program | Huntresshuntress · 2026-07-09
- Django security advisory (AV26-084) – Update 1cccs_ca · 2026-07-09
- How to Meet a 3-Day Remediation SLA & Comply with CISA BOD 26-04qualys · 2026-07-09
- Why Do F1 Teams Need Cybersecurity, and How Is AI Changing the Threat Landscape?zscaler_threatlabz · 2026-07-09
- WolfSSL, GeoVision, VTK vulnerabilitiestalos · 2026-07-09