Critical Alert 1 Active Exploit Detected Today

CVE-2026-9082 — Drupal Core SQL Injection Vulnerability →

Powered by CVE Watchtower

×

APT28

CISA Sounds the Alarm: State-Sponsored Hackers Weaponize New Windows and ScreenConnect Flaws State-Sponsored Exploitation CISA KEV Catalog F5 BIG-IP RCE CISA KEV Catalog SolarWinds WHD Exploit CVE-2025-40551 Zimbra XSS Zero-Day CVE-2025-27915 Exploited Windows Security Vulnerabilities

State-Sponsored Exploitation CISA KEV Catalog F5 BIG-IP RCE CISA KEV Catalog SolarWinds WHD Exploit CVE-2025-40551 Zimbra XSS Zero-Day CVE-2025-27915 Exploited Windows Security Vulnerabilities

CISA Sounds the Alarm: State-Sponsored Hackers Weaponize New Windows and ScreenConnect Flaws

Ddos April 29, 2026

The Zero-Click Vulnerability: Akamai Uncovers Incomplete Patch for APT28 Exploit Zero-Click Exploitation LNK Authentication Coercion

Zero-Click Exploitation LNK Authentication Coercion

The Zero-Click Vulnerability: Akamai Uncovers Incomplete Patch for APT28 Exploit

Ddos April 27, 2026

APT28 Hijacks Home Routers to Steal Corporate Credentials

GemStuffer RubyGems Campaign RubyGems Data Exfiltration TanStack npm Compromise Supply Chain Attack DNS Hijacking APT28 (Fancy Bear) OpenVSX Supply Chain Attack Checkmarx Plugin Breach Stryker Cyberattack CISA Alert Trans-Regional Cyber Conflict Operation Epic Fury Cyber Operation MacroMaze APT28 Cyber Espionage Notepad++ Supply Chain Attack Lotus Blossom Group Defense Industrial Base Threats GTIG Report APT28 Operation Neusploit CVE-2026-21509 Bookworm Malware

APT28 Hijacks Home Routers to Steal Corporate Credentials

Ddos April 8, 2026

Steganography & Sabotage: Inside Pawn Storm’s PRISMEX Offensive Against NATO Logistics Zyxel security - Mitel MiCollab Vulnerability

Zyxel security - Mitel MiCollab Vulnerability

Steganography & Sabotage: Inside Pawn Storm’s PRISMEX Offensive Against NATO Logistics

Ddos April 1, 2026

ClickFix: The High-ROI “Living-off-the-Land” Trap Sweeping Windows and macOS ClickFix Social Engineering Living-off-the-Land (LotL) Attacks

ClickFix Social Engineering Living-off-the-Land (LotL) Attacks

ClickFix: The High-ROI “Living-off-the-Land” Trap Sweeping Windows and macOS

Ddos March 30, 2026

Roundcube Webmail Hits Critical Update: New Security Fixes Target Hidden Vulnerabilities Roundcube Webmail Security Roundcube 1.6.14 Update

Roundcube Webmail Security Roundcube 1.6.14 Update

Roundcube Webmail Hits Critical Update: New Security Fixes Target Hidden Vulnerabilities

Ddos March 23, 2026

The Invisible Breach: ‘Operation GhostMail’ Uses Zero-Click XSS to Hijack Ukrainian Webmail Operation GhostMail Zero-Click XSS

Operation GhostMail Zero-Click XSS

The Invisible Breach: ‘Operation GhostMail’ Uses Zero-Click XSS to Hijack Ukrainian Webmail

Ddos March 20, 2026

Inside the Arsenal: Exposed Server Reveals APT28’s ‘Roundish’ Toolkit and Advanced Cyber Espionage Tactics APT28 Toolkit Roundish Malware

APT28 Toolkit Roundish Malware

Inside the Arsenal: Exposed Server Reveals APT28’s ‘Roundish’ Toolkit and Advanced Cyber Espionage Tactics

Ddos March 16, 2026

BadPaw and MeowMeow: Russian Cyber Offensive Targets Ukraine with Novel Malware Duo BadPaw Malware MeowMeow Backdoor

BadPaw Malware MeowMeow Backdoor

BadPaw and MeowMeow: Russian Cyber Offensive Targets Ukraine with Novel Malware Duo

Ddos March 5, 2026

Hiding in Plain Sight: APT28’s “Operation MacroMaze” Hits European Govs

GemStuffer RubyGems Campaign RubyGems Data Exfiltration TanStack npm Compromise Supply Chain Attack DNS Hijacking APT28 (Fancy Bear) OpenVSX Supply Chain Attack Checkmarx Plugin Breach Stryker Cyberattack CISA Alert Trans-Regional Cyber Conflict Operation Epic Fury Cyber Operation MacroMaze APT28 Cyber Espionage Notepad++ Supply Chain Attack Lotus Blossom Group Defense Industrial Base Threats GTIG Report APT28 Operation Neusploit CVE-2026-21509 Bookworm Malware

Hiding in Plain Sight: APT28’s “Operation MacroMaze” Hits European Govs

Ddos February 17, 2026

APT28 Weaponizes Office Flaw to Spy on NATO & Military NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

APT28 Weaponizes Office Flaw to Spy on NATO & Military

Ddos February 9, 2026

Fancy Bear Returns: APT28 Exploits Office Flaw in “Operation Neusploit”

GemStuffer RubyGems Campaign RubyGems Data Exfiltration TanStack npm Compromise Supply Chain Attack DNS Hijacking APT28 (Fancy Bear) OpenVSX Supply Chain Attack Checkmarx Plugin Breach Stryker Cyberattack CISA Alert Trans-Regional Cyber Conflict Operation Epic Fury Cyber Operation MacroMaze APT28 Cyber Espionage Notepad++ Supply Chain Attack Lotus Blossom Group Defense Industrial Base Threats GTIG Report APT28 Operation Neusploit CVE-2026-21509 Bookworm Malware

Fancy Bear Returns: APT28 Exploits Office Flaw in “Operation Neusploit”

Ddos February 3, 2026

The GRU’s Silent Shift: How BlueDelta Hijacks Ukrainian Webmail Using ngrok and Mocky BlueDelta Espionage, UKR.NET Phishing

BlueDelta Espionage, UKR.NET Phishing

The GRU’s Silent Shift: How BlueDelta Hijacks Ukrainian Webmail Using ngrok and Mocky

Ddos December 22, 2025

Next-Gen Threat: Google Exposes AI-Enabled Malware That Rewrites Its Own Code with Gemini LLM BlueNoroff macOS Attack GhostCall Campaign Carding Underground Bulletproof Hosting DPRK Contagious Interview, npm Flood Stonefly group -HiatusRAT Actors

BlueNoroff macOS Attack GhostCall Campaign Carding Underground Bulletproof Hosting DPRK Contagious Interview, npm Flood Stonefly group -HiatusRAT Actors

Next-Gen Threat: Google Exposes AI-Enabled Malware That Rewrites Its Own Code with Gemini LLM

Ddos November 6, 2025

APT28’s BeardShell Campaign: Steganography, Cloud Abuse, and Persistent Espionage Labkotec LID-3300IP CVE-2026-1775 ASUSTOR ADM Vulnerability CVE-2026-3179 Russian Cyberattacks - Security Operations Center

Labkotec LID-3300IP CVE-2026-1775 ASUSTOR ADM Vulnerability CVE-2026-3179 Russian Cyberattacks - Security Operations Center

APT28’s BeardShell Campaign: Steganography, Cloud Abuse, and Persistent Espionage

Ddos September 17, 2025

GONEPOSTAL: New Outlook Backdoor by Russia’s APT28 Uses Email for C2 APT28, GONEPOSTAL

APT28, GONEPOSTAL

GONEPOSTAL: New Outlook Backdoor by Russia’s APT28 Uses Email for C2

Ddos September 10, 2025

NotDoor: A New Backdoor by Russia’s APT28 Is Hiding in Microsoft Outlook Macros APT28, NotDoor

APT28, NotDoor

NotDoor: A New Backdoor by Russia’s APT28 Is Hiding in Microsoft Outlook Macros

Ddos September 5, 2025

Russian-Aligned TAG-110 Targets Tajikistan Governments with Stealthy Cyber-Espionage TAG-110 cyber-espionage, Tajikistan phishing

TAG-110 cyber-espionage, Tajikistan phishing

Russian-Aligned TAG-110 Targets Tajikistan Governments with Stealthy Cyber-Espionage

Ddos May 26, 2025

Russian GRU’s APT28 Targets Global Logistics Supporting Ukraine Defense APT28 cyber-espionage, GRU cyberattack

APT28 cyber-espionage, GRU cyberattack

Russian GRU’s APT28 Targets Global Logistics Supporting Ukraine Defense

Ddos May 21, 2025

Operation RoundPress: Sednit Weaponizes XSS to Breach Global Webmail Servers Sednit Cyberespionage, APT28

Sednit Cyberespionage, APT28

Operation RoundPress: Sednit Weaponizes XSS to Breach Global Webmail Servers

Ddos May 16, 2025