T1557 - Adversary-in-the-Middle is a mitre_attack tracked across 32 threat clusters and 34 intelligence report mentions on ThreatCluster. First observed November 4, 2025; most recent activity July 16, 2026.
The FBI and partners disrupted a covert network of compromised TP-Link and MikroTik routers exploited by the Russian GRU (APT28) to steal Outlook credentials. This operation, known as Operation Masquerade, revealed that…
Check Point Software Technologies disclosed a critical authentication bypass vulnerability (CVE-2026-50751) affecting its Remote Access VPN and Mobile Access products, with exploitation confirmed since May 7, 2026. The…
Russian cyber group APT28, also known as Fancy Bear, has been exploiting vulnerabilities in TP-Link and MikroTik routers to conduct large-scale DNS hijacking operations. This campaign, which has affected over 18,000…
A significant update for nginx has been released to address multiple vulnerabilities affecting openSUSE Leap 15.6. The vulnerabilities include CVE-2026-1642, a plaintext data injection flaw, CVE-2026-27654, a buffer…
TP-Link has patched multiple critical vulnerabilities in its Archer NX router series, specifically affecting models NX200, NX210, NX500, and NX600. The most severe flaw, CVE-2025-15517, allows unauthenticated attackers…
Recent updates for Oracle Linux address critical vulnerabilities in Ruby affecting versions 2.5, 3.3, and 4.0. Key issues include a code execution flaw (CVE-2026-41316) and denial of service vulnerabilities…
On April 7, 2026, reports emerged that Russian military hackers have successfully rerouted internet traffic of British users. This operation is believed to be a state-sponsored cyber attack aimed at compromising…
A coordinated international effort led by Microsoft and Europol has dismantled Tycoon2FA, a significant phishing-as-a-service platform responsible for bypassing multi-factor authentication and enabling large-scale…
A report by OX Security has identified a critical vulnerability in the Model Context Protocol (MCP) developed by Anthropic, potentially exposing over 200,000 AI servers to remote code execution. The flaw lies in the…
A cybersecurity investigation revealed that over 3,800 DICOM servers are exposed to the internet, compromising the personal health information of approximately 16 million patients across more than 110 countries. The…