Archive
Cyber Threat Intelligence
44 editions
May 2026
11 editions

- 11 May: Lazarus Passport Leaks, AI-Generated Zero-Day, and Linux 'Dirty Frag' Flaw
  Lazarus targets passport databases globally; Google detects first AI-developed zero-day exploit; new Linux kernel vulnerability 'Dirty Frag' emerges; UK water company fined for undetected breach.
  141 events, 84 critical
- 10 May: Lazarus, Keymous Plus Lead Data Leak Surge; Ollama Flaw Exposes 300K Servers
  174 events tracked; 35 critical exposures. Lazarus claims multiple US/China leaks. Keymous Plus targets Egypt govt. Critical Ollama CVE-2026-7482 (CVSS 9.1) disclosed.
  174 events, 35 critical
- 9 May: GODFATHER of All Actor Claims Massive Data Leak Targeting Finance, Government
  Actor The GODFATHER of all claims breaches of BlackRock, Vanguard, Palantir, and others. XORCAT and Qilin remain active. Critical infrastructure and healthcare targeted.
  188 events, 93 critical
- 8 May: Canvas Breach, Water ICS Attacks, and Data Leak Surge Hit Global Targets
  ShinyHunters claims 9,000 schools impacted by Canvas breach; Polish water plants hit by ICS attacks; 74 critical data exposures include US DoD, Taiwan Military, and financial firms.
  181 events, 74 critical
- 7 May: Data Leak Surge Targets Telecoms, Government; Cisco Patches Critical Flaws
  32 critical data exposure events today, led by telecom and government leaks in France, Canada, and Israel. Cisco and PAN-OS zero-day patches urgent. Cloud worm PCPJack steals credentials at scale.
  132 events, 32 critical
- 6 May: Critical Palo Alto Zero-Day, Supply-Chain Attack on Daemon Tools, and Widespread
  Palo Alto PAN-OS zero-day exploited in the wild; Daemon Tools supply-chain attack; MuddyWater false-flag ransomware; 54 critical data exposures including US, Brazil, France, and Indonesia.
  159 events, 54 critical
- 5 May: Critical Linux Kernel Flaw, Apache HTTP/2 Bug, and Data Breaches Surge
  Today's brief covers a critical Linux kernel LPE, an Apache HTTP/2 RCE, and a DAEMON Tools supply chain attack. Over 50 data exposure events hit Israel, Mexico, and Ecuador, with Cinzz and NoName057(1
  185 events, 52 critical
- 4 May: Copy Fail Exploitation, Ransomware Surge, and Phishing Campaigns Dominate Threat
  55 critical data exposures reported including U.S. Navy, Robinhood, and Rheinmetall. Active exploitation of Linux 'Copy Fail' bug begins. Phishing campaign hits 80+ orgs using RMM tools.
  125 events, 55 critical
- 3 May: FreeCity Data Dump Spree Targets Malaysia, Vietnam, UK; Linux Zero-Day Exploited
  Massive data leak campaign by FreeCity hits 10+ organizations across Malaysia, Vietnam, UK, Spain. CISA warns of active exploitation of Linux privilege escalation bug CVE-2026-31431. Israeli, Indonesi
  180 events, 85 critical
- 2 May: Trellix Source Code Hit; Microsoft and Orange Forum Claims
  212 events, 53 critical. Forum claims target Microsoft, Orange, Aviso Wealth; Trellix confirms source-code breach; CVE-2026-31431 Linux root active.
  212 events, 53 critical
- 1 May: Multiple Government Breaches, Telkom Indonesia Hit in Global Data Leak Wave
  180 events tracked; 70 critical exposures. Indonesia, US, Brazil targeted. Mr. Hanz Xploit active. Government, telecom, finance sectors hit.
  180 events, 70 critical

April 2026
3 editions

- 30 Apr: Forum Breaches Hit Polymarket, PNC as Gemini CLI RCE Patched
  47 forum data-breach posts hit US targets; Google patches CVSS-10 Gemini CLI RCE; Linux 'Copy Fail' kernel flaw enables root.
  150 events, 57 critical
- 29 Apr: Data Exposure Wave Hits Insurance, Government; TheFallen Actor Active
  62 critical data exposure events today, with TheFallen targeting US insurance and finance. Indonesia, Morocco, and US lead victim countries. Supply chain attacks on npm and SAP packages reported.
  164 events, 62 critical
- 28 Apr: Polymarket, Wells Fargo, GitHub RCE Lead High-Volume Breach Day
  184 events tracked; Polymarket API breach, Wells Fargo data sale, GitHub CVE-2026-3854 RCE, VECT 2.0 wiper, and LofyGang stealer resurface. Indonesia, France, US heavily targeted.
  184 events, 79 critical