THREAT OPS › Threat News
Threat Intelligence News
2596 reports from 110+ open cyber-threat-intelligence sources — APT activity, malware, vulnerabilities and campaigns, newest first.
- CVE-2026-0288 PAN-OS: Buffer Overflow Vulnerabilities in User-ID Terminal Server Agent (Severity: HIGH)paloalto_psirt · 2026-07-08
- CVE-2026-0276 Cortex XDR Broker VM: Privilege Escalation (PE) Vulnerability (Severity: LOW)paloalto_psirt · 2026-07-08
- CVE-2026-0285 PAN-OS: Server-Side Request Forgery Vulnerability in Management Web Interface (Severity: MEDIUM)paloalto_psirt · 2026-07-08
- Tanium security advisory (AV26-673)cccs_ca · 2026-07-08
- Beyond Alert Fatigue: Architecting Next-Gen Data Security with Zscaler Workflow Automationzscaler_threatlabz · 2026-07-08
- n8n security advisory (AV26-672)cccs_ca · 2026-07-08
- Ubiquiti security advisory (AV26-671)cccs_ca · 2026-07-08
- New HalluSquatting Attack Could Trick AI Coding Assistants Into Installing Botnet Malwarethehackernews · 2026-07-08
- June 2026 Dark Web Breach Incident Trend Reportahnlab · 2026-07-08
- June 2026 Dark Web Issue Trend Reportahnlab · 2026-07-08
- June 2026 Dark Web Threat Actor Trend Reportahnlab · 2026-07-08
- Beware of Phishing Emails Disguised as Project Proposalsahnlab · 2026-07-08
- Ransom & Dark Web Issues Week 2, July 2026ahnlab · 2026-07-08
- Spectra Analyze in Action: Hunting Device Code Phishing Pagesreversinglabs · 2026-07-08
- Operationalizing Day Minus Seven: The Cloud-Native ROCqualys · 2026-07-08
- Maximum-Severity Adobe ColdFusion Flaw Exploited Within Hours of Disclosureorca_security · 2026-07-08
- Webinar Recap: Beyond the Perimeter: Mastering 3rd Party & Software Riskorca_security · 2026-07-08
- Ubiquiti Patches Critical UniFi Flaws Across Connect, Talk, Access, Protect, and OSthehackernews · 2026-07-08
- Researchers Find New GhostApproval Bug in Many AI Coding Assistantsduo_decipher · 2026-07-08
- AI-Coded Malware | Analyzing Vibe-Coded AD Enumeration | Huntresshuntress · 2026-07-08
- GhostApproval: A Trust Boundary Gap in AI Coding Assistantswiz_research · 2026-07-08
- Langflow security advisory (AV26-670)cccs_ca · 2026-07-08
- New Ghost Phishing Wave Is Breaking Traditional Email Securitythehackernews · 2026-07-08
- Security Teams Are Ready To Become More Preemptive. What’s Holding Them Back?rapid7 · 2026-07-08
- Varonis Atlas Secures Cursor and the Agentic Development Lifecyclevaronis_blog · 2026-07-08
- Ubiquiti Fixes CVE-2026-50746 in UniFi Connectsocradar_blog · 2026-07-08
- Felons, Fraudsters Flog Offensive Cybersecurity Startupkrebs · 2026-07-08
- Wiz ASM for any environment, any risk, everywherewiz_research · 2026-07-08
- Your next car could be watching your facemalwarebytes_blog · 2026-07-08
- Cybersecurity and the Gap Between Skill and Abilityschneier · 2026-07-08
- Mutation testing comes to DAMLtrailofbits · 2026-07-08
- Securing the AI Frontier: A Blueprint for Partnersakamai_blog · 2026-07-08
- China-Linked UAT-7810 Expands ORB Network With New LONGLEASH Malwarethehackernews · 2026-07-08
- Keyword lists: Stop re-entering the same organizational context across every workfloweclecticiq · 2026-07-08
- ESET Threat Report H1 2026wls_eset · 2026-07-08
- CVE-2026-48282: Mitigating a Critical Vulnerability in Adobe ColdFusionakamai_blog · 2026-07-08
- LoTL Abuse: How to Spot It vs. Normal Admin Activity | Huntresshuntress · 2026-07-08
- 15-Year-Old GhostLock Flaw Enables Root and Container Escape on Most Linux Distrosthehackernews · 2026-07-08
- CISA Adds 4 Actively Exploited Adobe, Joomla, and Langflow Flaws to KEVthehackernews · 2026-07-08
- Risky Bulletin: DHS IG investigates forced CISA reassignmentsriskybiz_news · 2026-07-08
- ISC Stormcast For Wednesday, July 8th, 2026 https://isc.sans.edu/podcastdetail/9998, (Wed, Jul 8th)sans_isc · 2026-07-08
- BeyondTrust Products Multiple Vulnerabilitieshkcert · 2026-07-08
- AI company Eightfold sued for helping companies secretly score job seekersai_incident_db · 2026-07-08
- Judge fines lawyers $12,000 over AI-generated submissions in patent caseai_incident_db · 2026-07-08
- 10th Circuit orders lawyer to pay $1,000 for faulty AI citationsai_incident_db · 2026-07-08
- JADEPUFFER: Agentic ransomware for automated database extortionai_incident_db · 2026-07-08
- ClickFix to Cash-Out: Anatomy of a Mexican Banking-Fraud Toolkitelastic_security · 2026-07-08
- Coordinated GitHub API enumeration and access token abusedatadog_seclabs · 2026-07-08
- [webapps] Krayin CRM v2.2.x - Authenticated Remote Code Executionexploitdb · 2026-07-08
- [webapps] Atarim WordPress Plugin 4.2.2 - Sensitive Information Exposureexploitdb · 2026-07-08
- [webapps] Langflow 1.9.0 - RCEexploitdb · 2026-07-08
- [webapps] Joomla Page Builder CK 3.5.10 - Arbitrary File Uploadexploitdb · 2026-07-08
- The Threat Isn’t the Frontier Modelrecordedfuture · 2026-07-08
- Vidar Stealer Unmasked: Code Signing Abuse, Go Loaders and File Inflationunit42 · 2026-07-07
- Best CWPP Tools in 2026: The Cloud Workload Protection Platform Buyer’s Guideorca_security · 2026-07-07
- Cloud Workload Protection Best Practices: How to Secure Cloud Workloads in 2026orca_security · 2026-07-07
- AI, Trust, and the Future of Threat Intelligenceflashpoint · 2026-07-07
- Adobe security advisory (AV26-647) – Update 2cccs_ca · 2026-07-07
- Google Chrome security advisory (AV26-669)cccs_ca · 2026-07-07
- HPE security advisory (AV26-668)cccs_ca · 2026-07-07
- OMB M-26-14: Why federal agencies must fix asset visibility firsttenable · 2026-07-07
- How the Reddit and Discord false report scam steals accountsmalwarebytes_blog · 2026-07-07
- Adaptive AI for Detecting Modern DGA Attacksakamai_blog · 2026-07-07
- How to Set Red Team Objectives that Produce Valuespecterops · 2026-07-07
- Zimbra security advisory (AV26-667)cccs_ca · 2026-07-07
- Django security advisory (AV26-666)cccs_ca · 2026-07-07
- Samsung mobile security advisory (AV26-665)cccs_ca · 2026-07-07
- [Control systems] ABB security advisory (AV26-664)cccs_ca · 2026-07-07
- Broadcom VMware security advisory (AV26-663)cccs_ca · 2026-07-07
- Android security advisory – July 2026 monthly rollup (AV26-662)cccs_ca · 2026-07-07
- What if you received an email about transferring your Kakao account? Check this first.ahnlab · 2026-07-07
- Files Locked Behind a White Padlock: A Warning from WhiteLock Ransomwareahnlab · 2026-07-07
- ‘Download pumping’ joins the trust-abuse bandwagonreversinglabs · 2026-07-07
- Qualys Joins Cisco Cloud Control Studio as a Launch Partner to Bring Risk Intelligence to Agentic Operationsqualys · 2026-07-07
- Chinese APT UAT-7810 Expands Malware Arsenalduo_decipher · 2026-07-07
- The ‘Ghost’ in the Database: Recovering Active ADFS Signing Keys via Machine DPAPImandiant_gti · 2026-07-07
- Fake Netflix, Coca-Cola, and FIFA job scams target marketersmalwarebytes_blog · 2026-07-07
- Horizon3.ai Names Matthew Schaner VP of Americas Saleshorizon3 · 2026-07-07
- Rogue Agent: How a Single Code Block Could Hijack Your AI Conversations in Google’s DialogFlowvaronis_blog · 2026-07-07
- Cloudflare proudly joins the UK government's Cyber Resilience Pledgecloudflare_security · 2026-07-07
- Meta Phishers Abuse Business Account Manager Service | Huntresshuntress · 2026-07-07
- Cyber Shield: The path to an agentic AI future for cyber defencencsc_uk · 2026-07-07
- Hitachi Energy PROMOD Vcisa_advisories · 2026-07-07
- Siemens SINEC OScisa_advisories · 2026-07-07
- Hydro-Québec Le Circuit Electrique charging station backendcisa_advisories · 2026-07-07
- Siemens Mendix Studio Procisa_advisories · 2026-07-07
- Digi International PortServer TS, Digi One SP IAcisa_advisories · 2026-07-07
- Hitachi Energy e-mesh EMScisa_advisories · 2026-07-07
- Labcenter Proteus 9cisa_advisories · 2026-07-07
- Siemens Mendix Studio Procisa_ics · 2026-07-07
- Hitachi Energy e-mesh EMScisa_ics · 2026-07-07
- Hydro-Québec Le Circuit Electrique charging station backendcisa_ics · 2026-07-07
- Hitachi Energy PROMOD Vcisa_ics · 2026-07-07
- Digi International PortServer TS, Digi One SP IAcisa_ics · 2026-07-07
- Siemens SINEC OScisa_ics · 2026-07-07
- Labcenter Proteus 9cisa_ics · 2026-07-07
- CISA Adds Three Known Exploited Vulnerabilities to Catalogcisa_advisories · 2026-07-07
- CISA Adds One Known Exploited Vulnerability to Catalogcisa_advisories · 2026-07-07
- Claude Code’s hidden tracker was an “experiment,” says Anthropicmalwarebytes_blog · 2026-07-07
- Google Is Suing Chinese Scammers Who Are Using Geminischneier · 2026-07-07