Juniper Routers Targeted by Mirai Botnet Campaign Using Default Credentials
A Mirai botnet variant is actively scanning for and compromising Juniper SSR routers that still use factory-default credentials, incorporating them into DDoS infrastructure.
CISA has issued an emergency directive ordering federal agencies to mitigate Ivanti Connect Secure vulnerabilities amid widespread exploitation by nation-state actors.
Education technology giant PowerSchool suffered a major data breach exposing personal information of students and staff across numerous K-12 school districts in North America.
Microsoft's January 2025 Patch Tuesday addresses 159 vulnerabilities including eight zero-days, three of which are under active exploitation in Windows Hyper-V and Windows components.
A critical authentication bypass in FortiOS and FortiProxy is being actively exploited, allowing remote attackers to gain super-admin privileges on affected firewalls.
Multiple critical vulnerabilities in Moxa industrial networking devices could allow attackers to gain root access to OT and ICS infrastructure.
A critical zero-day vulnerability in Ivanti Connect Secure VPN appliances is being actively exploited by threat actors to gain unauthenticated remote code execution.
Google is introducing the Text Fragment feature in Chrome's PDF reader, allowing users to share specific parts of long PDFs more easily. This could potentially lead to improved collaboration but may also introduce new attack vectors if not properly secured.
A vulnerability in Nuclei, an open-source vulnerability scanner, allowed attackers to bypass signature verification and execute malicious code via templates on local systems.
Tenable's buggy differential plugin updates caused global outages of Nessus vulnerability scanner agents, requiring manual upgrades for revival.
Chinese state-backed hackers breached the Office of Foreign Assets Control (OFAC), potentially gaining access to sensitive sanctions-related data.
The Brain Cipher ransomware gang has begun leaking data stolen from Rhode Island's RIBridges social services platform, highlighting the risks of unpatched vulnerabilities and inadequate security measures.
A new attack technique, DoubleClickjacking, exploits double-clicks to bypass existing clickjacking protections and hijack user accounts. This poses a significant risk as it can be used to authorize sensitive actions without users' knowledge.
Over three million mail servers are exposed without TLS encryption, allowing potential sniffing attacks and data interception.