26th January – Threat Intelligence Report
For the latest discoveries in cyber research for the week of 26th January, please download our Threat Intelligence Bulletin.
TOP ATTACKS AND BREACHES
RansomHub ransomware group...
CISA Adds Five Known Exploited Vulnerabilities to Catalog
CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.
CVE-2018-14634 Linux Kernel Integer Overflow Vulnerability
CVE-2025-52691...
Spanish court acquits suspects denied access to ‘raw’ Sky ECC intercepts in landmark decision
Prosecutors have been told they cannot rely on intercept evidence from the Sky ECC encrypted phone network in the absence of other evidence, unless...
CVE-2026-21509 Microsoft Office Security Feature Bypass Vulnerability
Corrected CVSS score. This is an informational change only. - Read more
Introducing IDE-SHEPHERD: Your shield against threat actors lurking in your IDE
IDE-SHEPHERD is an open-source IDE security extension that provides real-time monitoring and protection for VS Code and Cursor. It intercepts malicious process executions, monitors...
CISA Warns of Critical VMware vCenter RCE Vulnerability Now Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting Broadcom’s VMware vCenter Server to its Known Exploited Vulnerabilities (KEV) catalog....
Updated PCI PIN compliance package for AWS Payment Cryptography now available
Amazon Web Services (AWS) is pleased to announce the successful completion of Payment Card Industry Personal Identification Number (PCI PIN) audit for...
Fortinet confirms new zero-day attacks against customer devices
Fortinet has confirmed that a new attack campaign observed recently against customer devices is exploiting an unpatched issue to bypass...
AWS achieves 2025 C5 Type 2 attestation report with 183 services in scope
Amazon Web Services (AWS) is pleased to announce a successful completion of the 2025 Cloud Computing Compliance Criteria Catalogue (C5) attestation cycle...
Data Leak Exposes 149M Logins, Including Gmail, Facebook
A massive unsecured database exposed 149 million logins, raising concerns over infostealer malware and credential theft.
The post Data Leak Exposes 149M Logins, Including Gmail,...
Latest article
Hackers Use Fake CleanMyMac Site to Deploy SHub Stealer and Hijack Crypto Wallets
A convincing fake website posing as the popular Mac utility CleanMyMac is actively pushing dangerous macOS malware called SHub Stealer onto unsuspecting users. ...
CVE program funding secured, easing fears of repeat crisis
The Cybersecurity and Infrastructure Security Agency and the MITRE Corporation have renegotiated the contract supporting the 26-year-old Common Vulnerabilities and...
Outbreak Alert- Annual Report 2025
In 2025, the FortiGuard Labs team processed and blocked 3.8 trillion vulnerability exploitation attempts, preventing 2.71 billion malware deliveries, and blocking 257 million newly...
9th March – Threat Intelligence Report
For the latest discoveries in cyber research for the week of 9th March, please download our Threat Intelligence Bulletin.
TOP ATTACKS AND BREACHES
AkzoNobel, a Netherlands-based...
