CVE-2026-20253: CISA Warns of Actively Exploited Splunk Enterprise RCE
CVE-2026-20253: CISA Warns of Actively Exploited Splunk Enterprise RCE Splunk Enterprise admins should prioritize patching CVE-2026-20253, a critical vulnerability that allows a network-reachable, una...
What Is FortiBleed? Your Questions Answered
What Is FortiBleed? Your Questions Answered This is a developing story. Figures and findings are updated as the investigation continues. ...
CVE-2026-42530 & CVE-2026-42055: F5 Patches NGINX Vulnerabilities
CVE-2026-42530 & CVE-2026-42055: F5 Patches NGINX Vulnerabilities F5 has released out-of-band security updates for two NGINX vulnerabilities that can affect exposed web infrastructure: CVE-2026-42...
SOCRadar Launches Free FortiBleed Exposure Checker and Publishes the M...
SOCRadar Launches Free FortiBleed Exposure Checker and Publishes the Most Extensive Dataset on the Fortinet Credential Leak The team that first analyzed the FortiBleed leak now opens its research to t...
FortiSandbox Vulnerabilities Expose Systems to Auth Bypass and Command...
FortiSandbox Vulnerabilities Expose Systems to Auth Bypass and Command Execution Fortinet FortiSandbox administrators should review their environments after several critical vulnerabilities raised con...
May 2026: TeamPCP's Supply Chain Blitz Hits Checkmarx, GitHub, and npm
May 2026: TeamPCP’s Supply Chain Blitz Hits Checkmarx, GitHub, and npm May 2026 was defined by two threat actors operating at full intensity in parallel. ShinyHunters executed a major education-sector...
FortiBleed: SOCRadar's Investigation into 86,644 Compromised Fortinet ...
FortiBleed: SOCRadar’s Investigation into 86,644 Compromised Fortinet Firewalls [Updated: June 29th 9 AM EST] SOCRadar has attributed FortiBleed to the Lynx / INC ransomware group. Full technical repo...
Top 5 Phishing Domain Takedown Service
Top 5 Phishing Domain Takedown Service Phishing attacks remain one of the most persistent and scalable threats facing organizations today. In Q1 2026 alone, approximately 8.3 billion email-based phish...
CVE-2026-20262: Cisco Catalyst SD-WAN Manager Zero-Day Leads to Root
CVE-2026-20262: Cisco Catalyst SD-WAN Manager Zero-Day Leads to Root CVE-2026-20262 is a zero-day vulnerability in Cisco Catalyst SD-WAN Manager (formerly SD-WAN vManage) that lets an authenticated at...
The Quarry: Inside the PhaaS Operation Behind Hundreds of IRS and SSA ...
The Quarry: Inside the PhaaS Operation Behind Hundreds of IRS and SSA Phishing Campaigns What looks like a wave of disconnected phishing incidents – some impersonating the IRS, others mimicking the So...
Dark Web Profile: Fox Kitten
Dark Web Profile: Fox Kitten Fox Kitten stands out among Iranian Advanced Persistent Threat (APT) groups for operating on two tracks simultaneously: collecting intelligence for the Iranian regime whil...
Iran Hajj Organization Data Claim, Crypto Leads Sale, APT43 Tooling Cl...
Iran Hajj Organization Data Claim, Crypto Leads Sale, APT43 Tooling Claim, Sweden User Data, and Chrysler Breach Claim SOCRadar’s Dark Web Team identified several new underground posts, including an a...
What the EU AI Act Actually Requires for Cybersecurity (And Where Ente...
What the EU AI Act Actually Requires for Cybersecurity (And Where Enterprises Are Exposed) The EU AI Act contains specific cybersecurity requirements. Article 15 names the threats. Article 73 sets rep...
Dark Web Profile: Rock
Dark Web Profile: Rock Most Phishing-as-a-Service operations are run by a faceless brand. Rock is the opposite: a single developer who builds, maintains, and sells an entire phishing and remote access...
CVE-2026-35273 in Oracle PeopleSoft PeopleTools EMHub Under Active Exp...
CVE-2026-35273 in Oracle PeopleSoft PeopleTools EMHub Under Active Exploitation Oracle has disclosed CVE-2026-35273, a critical Remote Code Execution (RCE) zero-day vulnerability in Oracle PeopleSoft ...
New Data Extortion Group “Pink” Goes Big Game Hunting With Evasive Phi...
New Data Extortion Group “Pink” Goes Big Game Hunting With Evasive Phishing Kits Pink Data Extortion Group is emerging as one of the latest examples of how voice phishing and data extortion continue t...
Electronic Warfare, Drones, and Cyber: Inside Modern Hybrid Warfare
Electronic Warfare, Drones, and Cyber: Inside Modern Hybrid Warfare Electronic warfare, drone warfare, and cyber operations all depend on the same foundation, the electromagnetic spectrum and the digi...
Dark Web Profile: Tengu Ransomware (Shisa)
Dark Web Profile: Tengu Ransomware (Shisa) Despite a measured public persona, Tengu Ransomware operates as a financially motivated, well-organized threat. First observed in late 2025, the group emerge...
ServiceNow Breach: Customer Data Exposed Through Unauthenticated API A...
ServiceNow Breach: Customer Data Exposed Through Unauthenticated API Access In early June 2026, ServiceNow notified impacted customers about malicious activity involving unauthorized access to custome...
Ivanti Sentry’s CVE-2026-10520 Enables Root RCE
Ivanti Sentry’s CVE-2026-10520 Enables Root RCE CVE-2026-10520 is a critical OS command injection vulnerability in Ivanti Sentry that can allow a remote, unauthenticated attacker to execute commands a...