T1071 - Application Layer Protocol is a mitre_attack tracked across 50 threat clusters and 837 intelligence report mentions on ThreatCluster. First observed November 19, 2025; most recent activity July 17, 2026.
CVE-2026-2441 is a zero-day CSS vulnerability affecting all Chromium-based browsers, allowing attackers to exploit a use-after-free condition in the Blink rendering engine. This vulnerability enables the theft of…
SonicWall has reported two critical vulnerabilities, CVE-2026-15409 and CVE-2026-15410, affecting its SMA1000 Series appliances, which are currently being actively exploited. The first vulnerability, CVE-2026-15409, is…
Cisco has disclosed a critical authentication bypass vulnerability, CVE-2026-20182, affecting its Catalyst SD-WAN Controller and Manager. This flaw allows unauthenticated remote attackers to bypass authentication and…
The FBI and partners disrupted a covert network of compromised TP-Link and MikroTik routers exploited by the Russian GRU (APT28) to steal Outlook credentials. This operation, known as Operation Masquerade, revealed that…
Operation Highland, attributed to the Velvet Ant cyberespionage group, involved a sophisticated attack that began in 2016 and persisted undetected for a decade. The attackers hijacked the authentication stack of a major…
A cybersecurity incident involved a fake job interview scheme on Wellfound, where an operator named 'Felix' from 'HyperHive' targeted an individual using a social engineering tactic referencing their real CV. The attack…
Gamaredon, a Russian state-backed APT group, is actively exploiting a WinRAR vulnerability (CVE-2025-8088) to deploy malware against Ukrainian government and military targets. The attack begins with a spearphishing…
The GhostShell malware cluster is actively targeting Ukraine’s UAV operations and defense supply chain. Utilizing advanced techniques such as mTLS-authenticated implants and Telegram-based loaders, the attackers gain…
Check Point Software Technologies disclosed a critical authentication bypass vulnerability (CVE-2026-50751) affecting its Remote Access VPN and Mobile Access products, with exploitation confirmed since May 7, 2026. The…
Operation Escaneo is a coordinated cyberattack attributed to the MexicanMafia group, targeting critical infrastructure across Latin America, primarily Mexico. The campaign, which spanned from 2025 to 2026, utilized…