Shodan is a tool tracked across 32 threat clusters and 37 intelligence report mentions on ThreatCluster. First observed November 8, 2025; most recent activity July 14, 2026.
A critical authentication vulnerability in the Appsmith low-code platform, tracked as CVE-2026-22794, has been exploited to facilitate user account takeovers. The flaw allows attackers to manipulate password reset links…
A critical vulnerability in FortiWeb Web Application Firewall (WAF) has been actively exploited, allowing attackers to gain full administrative access to affected systems. Organizations using FortiWeb are at risk of…
A critical vulnerability in the nginx-ui web server management tool, tracked as CVE-2026-33032, has been actively exploited since March 2026. This flaw allows attackers to bypass authentication on the /mcp_message…
A joint advisory from 21 global cybersecurity agencies warns that Russian state hackers from the FSB's Center 16 are exploiting poorly configured routers to infiltrate critical infrastructure networks worldwide. The…
A credential-harvesting campaign known as 'FortiBleed' has compromised over 75,000 Fortinet firewalls and VPNs across 194 countries. The attackers, suspected to be Russian-speaking cybercriminals, exploited previously…
Progress Software has issued urgent advisories regarding critical vulnerabilities in its MOVEit Automation platform, specifically CVE-2026-4670 and CVE-2026-5174. These vulnerabilities allow attackers to bypass…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding the active exploitation of a two-year-old vulnerability in Oracle WebLogic Server, tracked as CVE-2024-21182. This flaw,…
Between 2018 and 2023, Bulgaria licensed the export of surveillance technology from Circles, a company linked to NSO Group, to various countries with histories of human rights abuses. Human Rights Watch revealed that…
A critical vulnerability, CVE-2026-27771, in Gitea's container registry allowed unauthenticated users to access private container images for nearly four years. Discovered by Noscope in April 2026, the flaw affects over…
Trendmicro's TrendAI™ Research has identified two AI-augmented threat campaigns, SHADOW-AETHER-040 and SHADOW-AETHER-064, targeting government and financial organizations in Latin America. These campaigns began in late…