Critical Infrastructure

Zero-Day Threat: UAT-8837 Targets North American Infrastructure Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Zero-Day Threat: UAT-8837 Targets North American Infrastructure

Ddos January 16, 2026

China-Nexus Actor UAT-7290 Caught Targeting Telecoms in South Asia and Europe UAT-7290 China-nexus Espionage Adversarial Misuse of Generative AI

UAT-7290 China-nexus Espionage Adversarial Misuse of Generative AI

China-Nexus Actor UAT-7290 Caught Targeting Telecoms in South Asia and Europe

Ddos January 12, 2026

Taiwan Faces 2.6 Million Cyberattacks Daily from China Iranian Cyber Reconnaissance IP Camera Security NCSC Warning Russian Hacktivists Taiwan Cyberattacks China State-Sponsored Hacking state-sponsored threat actor Ransomware RAT Abuse, AnyDesk

Iranian Cyber Reconnaissance IP Camera Security NCSC Warning Russian Hacktivists Taiwan Cyberattacks China State-Sponsored Hacking state-sponsored threat actor Ransomware RAT Abuse, AnyDesk

Taiwan Faces 2.6 Million Cyberattacks Daily from China

Ddos January 8, 2026

Hackers Weaponize npm to Hunt Critical Infrastructure Sales Teams Supply Chain Phishing, npm Abuse

Supply Chain Phishing, npm Abuse

Hackers Weaponize npm to Hunt Critical Infrastructure Sales Teams

Ddos December 25, 2025

Sandworm’s Tactical Pivot: Russian GRU Abandons Zero-Days to Weaponize Misconfigured Edge Devices Sandworm Tactical Pivot, Edge Device Misconfiguration Russian cyber firms, Kremlin ties Sandworm MAX messenger

Sandworm Tactical Pivot, Edge Device Misconfiguration Russian cyber firms, Kremlin ties Sandworm MAX messenger

Sandworm’s Tactical Pivot: Russian GRU Abandons Zero-Days to Weaponize Misconfigured Edge Devices

Ddos December 17, 2025

SHADOW-VOID-042 Impersonates Trend Micro in Phishing Campaign to Breach Critical Infrastructure IARPA Research Security Data Abyss Report Telecom threat, Secret Service cybersecurity news - Cyber Espionage Campaign

IARPA Research Security Data Abyss Report Telecom threat, Secret Service cybersecurity news - Cyber Espionage Campaign

SHADOW-VOID-042 Impersonates Trend Micro in Phishing Campaign to Breach Critical Infrastructure

Ddos December 15, 2025

FBI/CISA Warn: Pro-Russia Hacktivists Target Critical Infrastructure Via Unsecured VNC HMIs Pro-Russia Hacktivist OT Attack, Unsecured VNC HMI

Pro-Russia Hacktivist OT Attack, Unsecured VNC HMI

FBI/CISA Warn: Pro-Russia Hacktivists Target Critical Infrastructure Via Unsecured VNC HMIs

Ddos December 11, 2025

China APT UNC5174 Hijacks Discord API as Covert C2 Channel to Evade Detection and Conduct Espionage Discord C2, UNC5174 Espionage

Discord C2, UNC5174 Espionage

China APT UNC5174 Hijacks Discord API as Covert C2 Channel to Evade Detection and Conduct Espionage

Ddos December 6, 2025

Salt Typhoon: China’s State-Sponsored Espionage Group Infiltrates Global Telecoms for Long-Term Cyber Warfare AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

Salt Typhoon: China’s State-Sponsored Espionage Group Infiltrates Global Telecoms for Long-Term Cyber Warfare

Ddos September 27, 2025

Hacktivists Launch Coordinated Attacks on India’s Infrastructure hacktivist attacks

hacktivist attacks

Hacktivists Launch Coordinated Attacks on India’s Infrastructure

Ddos September 18, 2025

Critical Vulnerabilities Discovered in Planet Technology Industrial Cellular Gateways CVE-2025-9971 CVE-2025-9972 PLANET Technology - CVE-2024-8456

CVE-2025-9971 CVE-2025-9972 PLANET Technology - CVE-2024-8456

Critical Vulnerabilities Discovered in Planet Technology Industrial Cellular Gateways

Ddos September 18, 2025

CVE-2025-10127 (CVSS 9.8): Critical Daikin Flaw Could Give Hackers Full System Access

AI-Driven Vulnerabilities Q1 2026 Cyber Threats vm2 Sandbox Escape Node.js RCE upKeeper Privilege Escalation CVE-2026-2449 Pharos Controls Vulnerability Root Access Exploit Cybersecurity Vulnerability Roundup CVSS 10.0 Flaws Shadow Archives CVE-2026-0866 MS-Agent Prompt Injection CVE-2026-2256 basic-ftp Path Traversal CVE-2026-27699 telnetd Root Vulnerability CVE-1999-0073 Regression USR-W610 Vulnerabilities End-of-Life IoT Security IceWarp Security Update IceWarp Vulnerabilities Airleader Master Vulnerability CVE-2026-1358 ZLAN5143D Vulnerability CISA ICS Advisory Acronis Cyber Protect Vulnerability CVE-2025-30411 WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

CVE-2025-10127 (CVSS 9.8): Critical Daikin Flaw Could Give Hackers Full System Access

Ddos September 12, 2025

BlackNevas Ransomware: A Persistent Global Threat With Impossible-to-Decrypt Payloads INC Ransom Pacific Cyber Threats OysterLoader Malware Rhysida Ransomware Black Basta Ransomware BYOVD Technique Velociraptor Abuse, Storm-2603 Ransomware Crypto24, Ransomware Ransomware Payments, UK Legislation ZACROS data breach

INC Ransom Pacific Cyber Threats OysterLoader Malware Rhysida Ransomware Black Basta Ransomware BYOVD Technique Velociraptor Abuse, Storm-2603 Ransomware Crypto24, Ransomware Ransomware Payments, UK Legislation ZACROS data breach

BlackNevas Ransomware: A Persistent Global Threat With Impossible-to-Decrypt Payloads

Ddos September 12, 2025

CyberVolk Ransomware’s Decryption Flaw Makes Data Recovery Impossible The created ransom note

The created ransom note

CyberVolk Ransomware’s Decryption Flaw Makes Data Recovery Impossible

Ddos September 11, 2025

Interlock Ransomware Strikes: A New Strain Is Wrecking Havoc in North America and Europe Interlock ransomware, double extortion

Interlock ransomware, double extortion

Interlock Ransomware Strikes: A New Strain Is Wrecking Havoc in North America and Europe

Ddos August 29, 2025

An Espionage System: NSA, CISA, & Partners Expose Chinese APT Groups Chinese APT, cyber espionage

Chinese APT, cyber espionage

An Espionage System: NSA, CISA, & Partners Expose Chinese APT Groups

Ddos August 28, 2025

CVE-2025-7353 (CVSS 9.8): Rockwell Automation Issues Urgent Warning for ControlLogix Modules

Rockwell Automation Warning OT Security Rockwell SQLi, Industrial Safety DoS Verve Asset Manager API OT Privilege Escalation Rockwell NAT Router, Critical Auth Bypass Rockwell ICS Privilege Escalation, MSI Repair Attack CVE-2025-7353 Critical vulnerability, industrial control systems Rockwell vulnerability, ICS security Rockwell Arena, Memory Abuse Rockwell Automation, RCE Vulnerability CVE-2025-24479 and CVE-2025-24480 - CVE-2025-0477

CVE-2025-7353 (CVSS 9.8): Rockwell Automation Issues Urgent Warning for ControlLogix Modules

Ddos August 18, 2025

Pakistan Under Cyberattack: Unmasking the Blue Locker Ransomware Campaign Blue Locker, Ransomware

Blue Locker, Ransomware

Pakistan Under Cyberattack: Unmasking the Blue Locker Ransomware Campaign

Ddos August 18, 2025

CVE-2025-5095 (CVSS 9.8): Critical Flaw in ARC Solo Broadcasting Devices Allows Unauthenticated Takeover ARC Solo, CISA Alert

ARC Solo, CISA Alert

CVE-2025-5095 (CVSS 9.8): Critical Flaw in ARC Solo Broadcasting Devices Allows Unauthenticated Takeover

Ddos August 11, 2025

CISA Alert: Critical Flaws Expose EG4 Electronics Inverters to Remote Takeover EG4 Electronics, CISA Alert

EG4 Electronics, CISA Alert

CISA Alert: Critical Flaws Expose EG4 Electronics Inverters to Remote Takeover

Ddos August 9, 2025