Threat Intelligence

Live from 6 sources · updated 18:31, 09 Jun 2026

Total stories: 68 (all sources)
Vulnerabilities: 12 (CVEs & exploits)
Malware / APT: 17 (active campaigns)
Breaches: 0 (data leaks)
Sources live: 6/7 (The Hacker News, SANS ISC, Talos)
Threat categories: Vulnerability 12, Malware 13, APT 4, Breach 0, Other 39

Stories by source

The Hacker News
1

Security: Microsoft Restores Some GitHub Repos, Keeps Others Offline as Miasma Probe Continues

The Hacker News 1h ago Microsoft on Monday confirmed that it temporarily removed some GitHub repositories in response to a recent security incident that
2

Vulnerability: WinRAR Flaw Exploited by Russia-Aligned Groups to Deploy Stealers in Ukraine

The Hacker News 6h ago Two Russia-aligned cyber attack campaigns have continued to exploit a security flaw in WinRAR to target Ukrainian organisations, a
3

Malware: Researchers Build Self-Replicating AI Worm That Operates Entirely on Local, Open-Weight Models

The Hacker News 6h ago University of Toronto researchers have built and tested a proof-of-concept AI-driven computer worm that uses a locally hosted open
4

Vulnerability: Chrome V8 Zero-Day CVE-2026-11645 Exploited in the Wild - Patch Now

The Hacker News 6h ago Google has released security updates to address 74 vulnerabilities, including one that has come under active exploitation in the w
5

Security: The Hidden Security Risk in Modern Networks: The Work Between Tools

The Hacker News 7h ago Organizations have more visibility than ever. Growing tech stacks provide greater coverage, and network security teams are increas
6

Security: New FROST Attack Lets Websites Track What Sites and Apps You Open via SSD Timing

The Hacker News 8h ago A malicious website can work out which sites you visit and which apps you open, using nothing but JavaScript and the timing of you
7

Malware: Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

The Hacker News 9h ago The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel artifacts ac
8

Vulnerability: LiteLLM Flaw CVE-2026-42271 Exploited in the Wild, Chains to Unauthenticated RCE

The Hacker News 12h ago The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity flaw impacting BerriAI LiteLLM to
9

Vulnerability: One-Character Linux Kernel Flaw Enables Local Root Access, Exploits Now Public

The Hacker News 22h ago Security researchers have published a detailed, working exploit for a Linux kernel use-after-free that lets an unprivileged local
10

Malware: Meta Blocks NSO Group's New WhatsApp Phishing Attack, Files Contempt Order

The Hacker News 1d ago Meta on Monday said it detected and blocked spear-phishing attempts linked to Israeli spyware vendor NSO Group. In addition, the
11

Vulnerability: Critical Check Point VPN Flaw Exploited to Bypass Passwords in IKEv1 Setups

The Hacker News 1d ago Check Point has warned of active exploitation of a critical vulnerability impacting Remote Access VPN and Mobile Access deployment
12

Malware: AI Phishing Is Crushing SOCs with Alert Volume: How to Reduce Tier 1 Overload

The Hacker News 1d ago Phishing has always been a numbers game. AI has turned it into a volume machine. Attackers can now create convincing emails, fake
SANS ISC
13

Security: ISC Stormcast For Tuesday, June 9th, 2026 https://isc.sans.edu/podcastdetail/9964, (Tue, Jun 9th)

SANS ISC 16h ago (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
14

Security: TeamPCP Supply Chain Campaign: Activity Through 2026-06-07, (Mon, Jun 8th)

SANS ISC 1d ago This diary continues the Internet Storm Center's tracking of the TeamPCP supply
15

Security: ISC Stormcast For Monday, June 8th, 2026 https://isc.sans.edu/podcastdetail/9962, (Mon, Jun 8th)

SANS ISC 1d ago (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
16

Security: The Evil MSI Background is Back!, (Fri, Jun 5th)

SANS ISC 4d ago A few months ago, I wrote a diary about a payload that was embedded into a JPEG picture. It was a MSI-branded background[1
17

Security: ISC Stormcast For Friday, June 5th, 2026 https://isc.sans.edu/podcastdetail/9960, (Fri, Jun 5th)

SANS ISC 4d ago (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
18

Security: Microsoft's Coreutils for Windows, (Thu, Jun 4th)

SANS ISC 5d ago I've been using the GnuWin32 CoreUtils for Windows for many years now (it gives
19

Security: ISC Stormcast For Thursday, June 4th, 2026 https://isc.sans.edu/podcastdetail/9958, (Thu, Jun 4th)

SANS ISC 5d ago (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
20

Security: Continuing Scans for swagger.json, (Wed, Jun 3rd)

SANS ISC 6d ago Enterprise applications often still use complex standards like SOAP for web services. The big advantage of SOAP is its tight and e
21

Security: ISC Stormcast For Wednesday, June 3rd, 2026 https://isc.sans.edu/podcastdetail/9956, (Wed, Jun 3rd)

SANS ISC 6d ago (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
22

Malware: New Wave Of Phishing Emails with SVG Files, (Tue, Jun 2nd)

SANS ISC 7d ago For a few days, my SANS ISC mailbox has been flooded with emails that deliver SVG files. An SVG ("Scalable Vector Graphic") is a web-fr
Talos
23

Security: Reporting from Vegas: Networking, AI, and good boys

Talos 5d ago Joe’s on-the-ground report from Cisco Live U.S. is here, complete with therapy dog pictures and tips on handling conference overst
24

Malware: Winning the cyber marathon with Tony Giandomenico

Talos 5d ago Tony Giandomenico, Senior Director of Product Management, joins Amy to discuss the Talos Threat Hunting launch what he's excited a
25

Security: Hypotheses, telemetry, and human judgment: Inside Cisco Talos Threat Hunting

Talos 5d ago Learn how Cisco Talos Threat Hunting uses hypothesis-driven methods and multi-domain telemetry correlation to find stealthy threat
26

Security: Less panic patching, more precision

Talos 12d ago In this newsletter, Thor breaks down why you should stop relying solely on CVSS and start using EPSS and GCVE to focus your patchi
27

Security: DICOM, Pydicom, GDCM, and Orthanc: A technical tour of what really happens in the heap

Talos 12d ago This white paper presents a concrete case study demonstrating the creation of a heap overflow vulnerability through the exploitati
28

Vulnerability: MediaArea heap-based buffer overflow vulnerabilities

Talos 13d ago Talos researchers find 4 heap-based buffer overflow vulnerabilities in MediaArea's MediaInfoLib.
29

Security: Introducing EvidenceForge: Synthetic security logs that don’t look (as) fake

Talos 13d ago EvidenceForge generates high-quality, realistic, and consistent datasets across multiple log formats, enabling teams to effectivel
30

Security: The art of being ungovernable

Talos 19d ago In this edition of the Threat Source newsletter, William explores the value of being "ungovernable" in a professional setting, sha
31

Vulnerability: TP-Link, Photoshop, OpenVPN, Norton VPN vulnerabilities

Talos 21d ago Cisco Talos’ Vulnerability Discovery & Research team recently disclosed eight vulnerabilities in TP-Link, and one each in Adob
32

Security: From PDB strings to MaaS: Tracking a commodity BadIIS ecosystem used by Chinese-speaking threat

Talos 21d ago Cisco Talos has uncovered a BadIIS variant — identifiable by its embedded "demo.pdb" strings — that functions as commodity malware
33

Security: The time of much patching is coming

Talos 26d ago In this week’s newsletter, Martin reflects on what the next iteration of AI tools means for vulnerability discovery and our abilit
34

Vulnerability: Ongoing exploitation of Cisco Catalyst SD-WAN vulnerabilities

Talos 26d ago Cisco Talos is tracking the active exploitation of CVE-2026-20182, an authentication bypass vulnerability in Cisco Catalyst SD-WAN
SecureList
35

Malware: Argamal: Malware hidden in hentai games

SecureList 6d ago Kaspersky researchers analyze new Argamal RAT distributed via infected hentai games and allowing the attacker to control the targe
36

Security: Wardriving assessment across Mexico: Preparing for the 2026 World Cup

SecureList 7d ago In the lead-up to the 2026 FIFA World Cup, Kaspersky GReAT experts conducted a wardriving assessment in Mexico City, Monterrey, an
37

Security: Containers on fire: from container escapes to supply chain attacks

SecureList 8d ago We break down the primary attack vectors in containerized environments: exposed secrets, privilege misconfigurations, API compromi
38

Vulnerability: What’s in the container? Analyzing vulnerabilities, risks and protection with Kaspersky Container Security and the KIRA AI assistant

SecureList 11d ago What are the main risks for container environments: vulnerabilities, supply chain attacks, configuration errors; how to improve co
39

Malware: Pirates in the crosshairs: how one cybercrime gang has been infecting book, movie, and TV show fans for years

SecureList 12d ago Our experts continue to track attacks targeting consumers of pirated content, both books and movies. 2026 saw the discovery of new
40

Security: Cloud Atlas activity in the second half of 2025 and early 2026: new tools and a new payload

SecureList 18d ago Cloud Atlas attacks the public sector and diplomatic structures of Russia and Belarus, using ReverseSocks, SSH, and Tor for persis
41

Vulnerability: How an image could compromise your Mac: understanding an ExifTool vulnerability (CVE-2026-3102)

SecureList 20d ago We explain how a flaw in ExifTool allows attackers to compromise macOS systems via a malicious image (CVE-2026-3102).
42

Security: IT threat evolution in Q1 2026. Mobile statistics

SecureList 22d ago This report contains mobile threat statistics for Q1 2026, along with noteworthy discoveries and quarterly trends: new versions of
43

Security: IT threat evolution in Q1 2026. Non-mobile statistics

SecureList 22d ago The report presents key trends and statistics on malware that targeted personal computers running Windows and macOS, as well as In
44

APT: Kimsuky targets organizations with PebbleDash-based tools

SecureList 26d ago Kaspersky researchers analyze a range of new PebbleDash-based tools used in recent Kimsuky campaigns and reveal their connection t
Unit 42
45

Security: When “Hi, This Is IT” Comes Through Microsoft Teams

Unit 42 19h ago Attackers are increasingly targeting collaboration platforms like Microsoft Teams. Learn the risks and key steps to strengthen you
46

Vulnerability: Threat Brief: Active Exploitation of PAN-OS CVE-2026-0257

Unit 42 4d ago We include indicators of activity and mitigations for PAN-OS vulnerability CVE-2026-0257. The post Threat Brief: Active Exploitati
47

Security: The npm Threat Landscape: Attack Surface and Mitigations (Updated June 2)

Unit 42 7d ago Unit 42 analyzes npm supply chain evolution post-Shai Hulud. Discover wormable malware, CI/CD persistence, multi-stage attacks and
48

Malware: Operation FlutterBridge: macOS Malvertising Campaign Spreads New FlutterShell Backdoor

Unit 42 7d ago Operation FlutterBridge is a malvertising campaign targeting macOS users. It distributed the new backdoor FlutterShell, built usin
49

Security: 2026 World Cup: Discussing The World’s Biggest Game’s Attack Surface

Unit 42 12d ago The 2026 World Cup presents major cyber risks from ransomware groups, state-aligned actors, and other groups targeting critical in
50

Security: Out of the Crypt: The Evolving Cyber Extortion Economy

Unit 42 12d ago Unit 42 explores trends in data theft and extortion, outlining key strategies for organizations as frontier AI models advance. The
51

APT: Tracking Iranian APT Screening Serpens’ 2026 Espionage Campaigns

Unit 42 18d ago Unit 42 details Screening Serpens' use of AppDomainManager hijacking and new RAT variants to target tech and defense sectors in re
52

APT: Paved With Intent: ROADtools and Nation-State Tactics in the Cloud

Unit 42 18d ago Open-source framework ROADtools is being misused by threat actors for cloud intrusions. Learn how to identify its malicious use. T
53

Security: Tracking TamperedChef Clusters via Certificate and Code Reuse

Unit 42 20d ago Unit 42 analyzes TamperedChef malware clusters that use trojanized productivity apps and malvertising to deliver stealthy payloads
54

Vulnerability: Gremlin Stealer's Evolved Tactics: Hiding in Plain Sight With Resource Files

Unit 42 25d ago Unit 42 analyzes the evolution of Gremlin stealer. This variant uses advanced obfuscation, crypto clipping and session hijacking t
55

Security: Inside AD CS Escalation: Unpacking Advanced Misuse Techniques and Tools

Unit 42 28d ago Unit 42 analyzes AD CS exploitation through template misconfigurations and shadow credential misuse while offering behavioral dete
56

APT: Threat Brief: Exploitation of PAN-OS Captive Portal Zero-Day for Unauthenticated Remote Code Execution

Unit 42 33d ago Unit 42 details CVE-2026-0300, a buffer overflow vulnerability in the PAN-OS User-ID Authentication Portal. Read now for details.
CheckPoint
57

Security: 8th June – Threat Intelligence Report

CheckPoint 1d ago For the latest discoveries in cyber research for the week of 1st June, please download our Threat Intelligence Bulletin. TOP ATTAC
58

Malware: Impersonation, Click Hijacking, and TDS: Inside a Malware Distribution Ecosystem

CheckPoint 6d ago Research by: Alexey Bukhteyev Key Takeaways Introduction When we search Google for a popular piece of software, we usually cl
59

Security: 1st June – Threat Intelligence Report

CheckPoint 8d ago For the latest discoveries in cyber research for the week of 1st June, please download our Threat Intelligence Bulletin. TOP ATTAC
60

Security: AI Threat Landscape Digest March-April 2026

CheckPoint 14d ago Executive Summary During the March–April 2026 reporting period, AI use in offensive operations advanced from development and plann
61

Security: 25th May – Threat Intelligence Report

CheckPoint 15d ago For the latest discoveries in cyber research for the week of 25th May, please download our Threat Intelligence Bulletin. TOP ATTAC
62

Malware: Fast and Furious – Nimbus Manticore Operations During the Iranian Conflict

CheckPoint 18d ago Key Findings Introduction During the recent geopolitical tensions in the Middle East, we reported on multiple Iran-nexus
63

Security: 18th May – Threat Intelligence Report

CheckPoint 22d ago For the latest discoveries in cyber research for the week of 18th May, please download our Threat Intelligence Bulletin. TOP ATTAC
64

Security: Thus Spoke…The Gentlemen

CheckPoint 27d ago Key Points Introduction The Gentlemen ransomware‑as‑a‑service (RaaS) operation is a relatively new group that emerged around mid‑2
65

Security: 11th May – Threat Intelligence Report

CheckPoint 29d ago For the latest discoveries in cyber research for the week of 11th May, please download our Threat Intelligence Bulletin. TOP ATTAC
66

Malware: The State of Ransomware – Q1 2026

CheckPoint 29d ago Key Findings Ransomware in Q1 2026: Consolidation at Scale During the first quarter of 2026, we monitored more than 70 active data
67

Security: 4th May – Threat Intelligence Report

CheckPoint 36d ago For the latest discoveries in cyber research for the week of 4th May, please download our Threat Intelligence Bulletin. TOP ATTACK
68

Malware: VECT: Ransomware by design, Wiper by accident

CheckPoint 42d ago Key Takeaways Background VECT Ransomware is a Ransomware-as-a-Service (RaaS) program that made its first appearance in December 20

The Hacker News · SANS ISC · Talos · SecureList · Unit 42 · CheckPoint · Dark Reading
No tracking · No ads · Server-side RSS · Cached 30 min