THREAT OPS › Threat News
Threat Intelligence News
2556 reports from 110+ open cyber-threat-intelligence sources — APT activity, malware, vulnerabilities and campaigns, newest first.
- [CISA KEV] CVE-2026-56291 — Balbooa Forms: Balbooa Forms Unrestricted Upload of File with Dangerous Type Vulnerabilitycisa_kev · 2026-07-10
- [CISA KEV] CVE-2026-48939 — iCagenda iCagenda: iCagenda Unrestricted Upload of File with Dangerous Type Vulnerabilitycisa_kev · 2026-07-10
- Reduce Human Risk | Build a Strong Security Awareness Training Program | Huntresshuntress · 2026-07-09
- Django security advisory (AV26-084) – Update 1cccs_ca · 2026-07-09
- How to Meet a 3-Day Remediation SLA & Comply with CISA BOD 26-04qualys · 2026-07-09
- Why Do F1 Teams Need Cybersecurity, and How Is AI Changing the Threat Landscape?zscaler_threatlabz · 2026-07-09
- WolfSSL, GeoVision, VTK vulnerabilitiestalos · 2026-07-09
- Dormant GitHub Accounts Help Attackers Blend In While Mapping Corporate Orgsthehackernews · 2026-07-09
- New GigaWiper Windows Backdoor Bundles Disk Wiping, Fake Ransomware, and Spywarethehackernews · 2026-07-09
- FreePBX security advisory (AV26-680)cccs_ca · 2026-07-09
- Google Chrome security advisory (AV26-679)cccs_ca · 2026-07-09
- npm 12 Disables Install Scripts by Default to Reduce Supply Chain Riskthehackernews · 2026-07-09
- How ProdSec uses Wizwiz_research · 2026-07-09
- Wiz in the Verizon DBIR: How AI Acceleration and Cloud Sprawl Impact Modern Defensewiz_research · 2026-07-09
- Finding SOCKS with Proxywatchspecterops · 2026-07-09
- AI-BOM push borrows from the SBOM playbookreversinglabs · 2026-07-09
- Wordfence Intelligence Weekly WordPress Vulnerability Report (June 29, 2026 to July 5, 2026)wordfence · 2026-07-09
- How World Cup crypto prediction sites take your moneymalwarebytes_blog · 2026-07-09
- ThreatsDay: Cloud Bucket Hijacking, Windows LPE Chain, Global Fraud Bust + 17 More Storiesthehackernews · 2026-07-09
- 6.9 million driver’s license numbers stolen from AssuranceAmericamalwarebytes_blog · 2026-07-09
- Beware of Phishing Emails Disguised as Money Transfer Confirmationsahnlab · 2026-07-09
- GigaWiper: Anatomy of a destructive backdoor assembled from multiple malwaremsstic · 2026-07-09
- How WP-SHELLSTORM Exposed 1.4M WordPress Sitessocradar_blog · 2026-07-09
- Conditional Access Misconfigurations Exposed 55 Orgs with MFA Onhuntress · 2026-07-09
- CitrixBleed 2 (CVE-2025-5777) 7Steps to Dragonforce Ransomware | Huntresshuntress · 2026-07-09
- Why we cannot wait for better post-quantum signature algorithmscloudflare_security · 2026-07-09
- The AI Agent Credential Crisis: From Stealer Log to Source Codesocradar_blog · 2026-07-09
- Q2 2026 Open Source Malware Indexsonatype · 2026-07-09
- Driving Real-World Impact: Inside Akamai’s 2025 Sustainability Reportakamai_blog · 2026-07-09
- One Target, Two Flags | Rival Espionage Actors Converge On Pakistani Law Enforcementsentinelone · 2026-07-09
- RoguePlanet Zero-Day Fixed in Microsoft Defendersocradar_blog · 2026-07-09
- AI Attacks Move in Minutes. Join This Webinar on Building a Defense That Keeps Upthehackernews · 2026-07-09
- Cyber Essentials Pathways: from proof of concept to cyber confidencencsc_uk · 2026-07-09
- Schneider Electric Easergy MiCOM Px40 Seriescisa_advisories · 2026-07-09
- OpenPLC v3cisa_advisories · 2026-07-09
- Schneider Electric PowerChute Serial Shutdowncisa_advisories · 2026-07-09
- Schneider Electric PowerChute Serial Shutdowncisa_ics · 2026-07-09
- Schneider Electric Easergy MiCOM Px40 Seriescisa_ics · 2026-07-09
- OpenPLC v3cisa_ics · 2026-07-09
- Microsoft fixes RoguePlanet zero-day in Defendermalwarebytes_blog · 2026-07-09
- Top AI Coding Agent security resources — July 2026adversa · 2026-07-09
- 2026 State of AI Security: AI Is in Production. Security Isn’t.orca_security · 2026-07-09
- The Language of AI Could Change How Humans Speakschneier · 2026-07-09
- Summer of Clearinghousesthehackernews · 2026-07-09
- GodDamn Ransomware Uses PoisonX Driver to Disable Endpoint Defensesthehackernews · 2026-07-09
- Turn off this Meta setting before someone generates AI images of youmalwarebytes_blog · 2026-07-09
- Microsoft Patches RoguePlanet Defender Flaw That Can Grant SYSTEM Privilegesthehackernews · 2026-07-09
- Srsly Risky Biz: US Supreme Court undermines Section 702 intelriskybiz_news · 2026-07-09
- Meta's New AI Image Tool Lets Others Use Your Public Instagram Photos in AI Imagesthehackernews · 2026-07-09
- [REVIVE-SA-2026-003] Revive Adserver Vulnerabilitiesfulldisclosure · 2026-07-09
- Top AI Agents Built to Catch Malicious Code Can Be Tricked Into Running Itthehackernews · 2026-07-09
- GhostApproval Symlink Flaws Could Let Malicious Repos Run Code in AI Coding Agentsthehackernews · 2026-07-09
- Fake 7-Zip Installers Turn Devices Into Residential Proxy Nodesthehackernews · 2026-07-09
- ISC Stormcast For Thursday, July 9th, 2026 https://isc.sans.edu/podcastdetail/10000, (Thu, Jul 9th)sans_isc · 2026-07-09
- Kainos Shares Five Essential Tips for Your Zscaler Deployment at Scalezscaler_threatlabz · 2026-07-09
- _HELP_ME_ESCAPE_FROM_BELARUS_PLEASE_ [Guest Diary], (Tue, Jul 7th)sans_isc · 2026-07-09
- Google Chrome Multiple Vulnerabilitieshkcert · 2026-07-09
- Palo Alto Products Multiple Vulnerabilitieshkcert · 2026-07-09
- Juniper Junos OS Multiple Vulnerabilitieshkcert · 2026-07-09
- PRC-linked influence operations are targeting AI debates in the USai_incident_db · 2026-07-09
- China, Russia and Others Seek to Inflame Debate Over A.I. Data Centersai_incident_db · 2026-07-09
- All Politics are Local, Until There’s a Foreign Megaphone: How State Actors & AI Slop Are Amplifying the Homegrown Data Center Revolt Ahead of the Midtermsai_incident_db · 2026-07-09
- Life in <U.S. state>, according to spammers from Bangladeshai_incident_db · 2026-07-09
- Not-so-anonymous telemetry: The @injectivelabs/sdk-ts backdoordatadog_seclabs · 2026-07-09
- Maryborough teenager allegedly told police he had planned mass murder for monthsai_incident_db · 2026-07-09
- Most nurses say AI isn’t good enough to trust with patient care, survey findsai_incident_db · 2026-07-09
- China Is Abusing AIai_incident_db · 2026-07-09
- 11 arrested over alleged AI deepfake scam impersonating President Mahamaai_incident_db · 2026-07-09
- Symlinks Are Still Scary (And Yes, You Can Commit Them to Git)snyk · 2026-07-09
- RiskX interview video featuring Colin Mahony and Mastercard's Aditi Sawhneyrecordedfuture · 2026-07-09
- When AI-Accelerated Discovery Outruns Patching, Exploitability Proof Decides What Gets Fixed Firstqualys · 2026-07-08
- CVE-2026-0279 PAN-OS: Multiple Cross-Site Scripting (XSS) Vulnerabilities (Severity: LOW)paloalto_psirt · 2026-07-08
- Progress security advisory (AV26-678)cccs_ca · 2026-07-08
- GitLab security advisory (AV26-677)cccs_ca · 2026-07-08
- Drupal security advisory (AV26-676)cccs_ca · 2026-07-08
- When AI Models Outgrow Storageakamai_blog · 2026-07-08
- Juniper Networks security advisory (AV26-675)cccs_ca · 2026-07-08
- Palo Alto Networks security advisory (AV26-674)cccs_ca · 2026-07-08
- AI Coding Agents Found Triggering Endpoint Security Rules Built to Catch Attackersthehackernews · 2026-07-08
- AI Surveillance Is Being Supercharged–And It Will Chill Social Progresscitizenlab · 2026-07-08
- Cisco Advance Notification for Publication of July 15, 2026, Security Advisoriescisco_psirt · 2026-07-08
- Building a Mental Model for Kubernetes Security Researchspecterops · 2026-07-08
- CVE-2026-0280 PAN-OS: IPv6 Firewall Policy Bypass (Severity: LOW)paloalto_psirt · 2026-07-08
- CVE-2026-0282 PAN-OS: File Deletion Vulnerability in Management Web Interface (Severity: LOW)paloalto_psirt · 2026-07-08
- CVE-2026-0277 Prisma Access Agent: Improper Certificate Validation on iOS (Severity: MEDIUM)paloalto_psirt · 2026-07-08
- CVE-2026-0281 PAN-OS: Information Disclosure Vulnerability in Management Web Interface (Severity: LOW)paloalto_psirt · 2026-07-08
- CVE-2026-0283 PAN-OS: Authentication Bypass Vulnerability in Large Scale VPN (LSVPN) (Severity: MEDIUM)paloalto_psirt · 2026-07-08
- CVE-2026-0286 PAN-OS: Authenticated Command Injection in CLI (Severity: MEDIUM)paloalto_psirt · 2026-07-08
- CVE-2026-0284 PAN-OS: XML Injection Vulnerability in Large Scale VPN (LSVPN) (Severity: MEDIUM)paloalto_psirt · 2026-07-08
- PAN-SA-2026-0010 Chromium and Prisma Browser: Monthly Vulnerability Update (July 2026) (Severity: HIGH)paloalto_psirt · 2026-07-08
- CVE-2026-0287 PAN-OS: Denial of Service Vulnerabilities in Network Traffic Processing (Severity: MEDIUM)paloalto_psirt · 2026-07-08
- CVE-2026-0288 PAN-OS: Buffer Overflow Vulnerabilities in User-ID Terminal Server Agent (Severity: HIGH)paloalto_psirt · 2026-07-08
- CVE-2026-0276 Cortex XDR Broker VM: Privilege Escalation (PE) Vulnerability (Severity: LOW)paloalto_psirt · 2026-07-08
- CVE-2026-0285 PAN-OS: Server-Side Request Forgery Vulnerability in Management Web Interface (Severity: MEDIUM)paloalto_psirt · 2026-07-08
- Tanium security advisory (AV26-673)cccs_ca · 2026-07-08
- Beyond Alert Fatigue: Architecting Next-Gen Data Security with Zscaler Workflow Automationzscaler_threatlabz · 2026-07-08
- n8n security advisory (AV26-672)cccs_ca · 2026-07-08
- Ubiquiti security advisory (AV26-671)cccs_ca · 2026-07-08
- New HalluSquatting Attack Could Trick AI Coding Assistants Into Installing Botnet Malwarethehackernews · 2026-07-08
- June 2026 Dark Web Breach Incident Trend Reportahnlab · 2026-07-08