Volt Typhoon is a apt_group tracked across 50 threat clusters and 87 intelligence report mentions on ThreatCluster. First observed October 29, 2025; most recent activity July 3, 2026.
A cyber threat actor has been exploiting a zero-day vulnerability (CVE-2026-20127) in Cisco Catalyst SD-WAN Controller since 2023. This vulnerability allows unauthenticated remote attackers to bypass authentication and…
A critical vulnerability in FortiWeb Web Application Firewall (WAF) has been actively exploited, allowing attackers to gain full administrative access to affected systems. Organizations using FortiWeb are at risk of…
In recent months, cyber warfare has intensified due to rising geopolitical tensions, particularly involving North Korea, Iran, and Russia. North Korean hackers have infiltrated U.S. companies by embedding operatives as…
A China-linked threat actor known as Red Menshen has been conducting a long-term espionage campaign targeting global telecommunications networks using a stealthy Linux kernel backdoor called BPFdoor. This malware…
The UK's National Cyber Security Centre (NCSC) reported that 75% of over 200 cyber incidents affecting critical national infrastructure (CNI) in the past year were linked to hostile state actors, including Russia,…
On June 24, 2026, NIST published final guidelines for cybersecurity in the Water and Wastewater Sector, addressing the need for secure remote access to operational technology. The guidance includes architectures for…
The Cybersecurity and Infrastructure Security Agency (CISA) has initiated the CI Fortify program to bolster the resilience of critical infrastructure operators against cyberattacks. This initiative encourages…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published a new guide titled 'Adapting Zero Trust Principles to Operational Technology' to assist organizations in implementing zero trust…
FamousSparrow, a China-aligned APT group, launched a multi-wave cyberespionage campaign against an Azerbaijani oil and gas company from late December 2025 to February 2026. The attackers employed an evolved DLL…
Chinese operatives have revived the KV-botnet, a covert data transfer network previously dismantled by the FBI in January 2024. The botnet, which primarily exploits vulnerable routers and IoT devices, has seen a…