Azure is a organization tracked across 50 threat clusters and 309 intelligence report mentions on ThreatCluster. First observed October 24, 2025; most recent activity July 16, 2026.
Ransomware operators have begun misusing Microsoft's AzCopy, a legitimate command-line utility, to facilitate data exfiltration in ongoing attacks. This shift marks a significant change in tactics, as attackers leverage…
A critical vulnerability in FortiWeb Web Application Firewall (WAF) has been actively exploited, allowing attackers to gain full administrative access to affected systems. Organizations using FortiWeb are at risk of…
A critical zero-day vulnerability (CVE-2026-35273) in Oracle PeopleSoft has been exploited by the ShinyHunters group, leading to breaches of over 100 organizations, primarily in the education sector. The vulnerability…
APT41, a China-backed threat group, has been identified using a new zero-detection ELF backdoor targeting Linux cloud workloads across major platforms including AWS, Google Cloud Platform, Microsoft Azure, and Alibaba…
On July 3, 2026, Google, in coordination with the FBI and other partners, disrupted the NetNut residential proxy network, also known as the Popa botnet. This operation targeted over 2 million compromised consumer…
Chinese state-backed group TA416 has reemerged with intensified cyber espionage campaigns targeting European governments, following a quiet period since 2023. Proofpoint reported that the group's renewed activity began…
In 2024, ESET identified a new China-aligned APT group named LongNosedGoblin, which targets governmental entities in Southeast Asia and Japan. The group employs a custom toolset, primarily using C#/.NET applications, to…
In July 2026, Adobe and Microsoft released significant security updates addressing numerous vulnerabilities. Adobe issued 12 bulletins for 88 unique CVEs, with a focus on ColdFusion and Commerce patches, including a…
The TeamPCP threat group has expanded its supply chain attack campaign, compromising the Microsoft DurableTask Python client with versions v1.4.1, v1.4.2, and v1.4.3 found to contain a credential-stealing worm. This…
Microsoft has patched a high-severity zero-day vulnerability in Exchange Server, tracked as CVE-2026-42897, which allows attackers to execute arbitrary JavaScript via crafted emails in Outlook Web Access. The flaw…