T1110 - Brute Force is a mitre_attack tracked across 50 threat clusters and 240 intelligence report mentions on ThreatCluster. First observed November 5, 2025; most recent activity July 16, 2026.
A sophisticated threat actor known as UAT-7290, tracked by Cisco Talos, has expanded its operations to target telecommunications providers in Southeastern Europe. This group, which has been active since at least 2022,…
A new threat actor, UAT-7290, has been identified conducting cyberattacks on telecommunications infrastructure in South Asia. This operation is linked to a China-Nexus state-sponsored advanced persistent threat (APT)…
UAT-7290, a China-linked advanced persistent threat group, has been active since at least 2022, focusing on espionage against telecommunications providers in South Asia. The group employs a range of Linux and Windows…
Cisco has disclosed a critical authentication bypass vulnerability, CVE-2026-20182, affecting its Catalyst SD-WAN Controller and Manager. This flaw allows unauthenticated remote attackers to bypass authentication and…
The Akira ransomware group has been identified as a significant threat to critical infrastructure, with the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the FBI warning of its active ransomware…
Operation Escaneo is a coordinated cyberattack attributed to the MexicanMafia group, targeting critical infrastructure across Latin America, primarily Mexico. The campaign, which spanned from 2025 to 2026, utilized…
A joint advisory from 21 global cybersecurity agencies warns that Russian state hackers from the FSB's Center 16 are exploiting poorly configured routers to infiltrate critical infrastructure networks worldwide. The…
On June 18, 2026, international law enforcement agencies launched Operation Endgame, disrupting the SocGholish malware infrastructure linked to the Russian cybercrime group Evil Corp. The operation resulted in the…
A significant cyber attack attributed to Russian hackers has compromised the email accounts of UK government officials and Foreign Office staff, exposing sensitive systems and critical infrastructure. Named…
On April 24, 2026, CISA added four actively exploited vulnerabilities to its Known Exploited Vulnerabilities catalog. The affected products include SimpleHelp remote management software, Samsung MagicINFO 9 Server, and…