Outlook is a organization tracked across 50 threat clusters and 70 intelligence report mentions on ThreatCluster. First observed November 11, 2025; most recent activity July 14, 2026.
The MonikerLink vulnerability in Microsoft Outlook allows for remote code execution via malicious hyperlinks in emails. Discovered by Check Point Research, a proof-of-concept exploit has been released, potentially…
A critical vulnerability in FortiWeb Web Application Firewall (WAF) has been actively exploited, allowing attackers to gain full administrative access to affected systems. Organizations using FortiWeb are at risk of…
The European Union has condemned and sanctioned Russia for a prolonged cyber espionage campaign targeting its member states. The campaign, orchestrated by the 16th Centre of the FSB, has involved infiltrating government…
Russian cyber group APT28, also known as Fancy Bear, has been exploiting vulnerabilities in TP-Link and MikroTik routers to conduct large-scale DNS hijacking operations. This campaign, which has affected over 18,000…
The FBI has seized two websites linked to the Iranian hacktivist group Handala following their cyberattack on Stryker Corporation, a U.S. medical technology firm. The attack, which occurred on March 11, 2026, involved…
The Harvester APT group has launched a Linux variant of its GoGra backdoor, utilizing the Microsoft Graph API and Outlook mailboxes for covert command-and-control operations. This malware is designed to evade…
On March 27, 2026, the Iranian-linked hacking group Handala claimed to have breached FBI Director Kash Patel's personal email account, releasing over 300 emails and personal photographs online. The FBI confirmed the…
The FBI has issued a warning regarding the Kali365 phishing kit, which is actively stealing Microsoft OAuth tokens and bypassing multi-factor authentication (MFA) protocols. First identified in April 2026, Kali365 is…
Microsoft has disclosed three critical remote code execution (RCE) vulnerabilities in Outlook and Word, identified as CVE-2026-45456, CVE-2026-45458, and CVE-2026-47635. These vulnerabilities, published on June 9, 2026,…
A coordinated international effort led by Microsoft and Europol has dismantled Tycoon2FA, a significant phishing-as-a-service platform responsible for bypassing multi-factor authentication and enabling large-scale…