UAT-9244 hits South American telcos with TernDoor, PeerTime and BruteEntry
Cisco Talos links the activity cluster to China-nexus tooling, including CrowDoor variants and ORB-style proxy infrastructure
92 reports
Cisco Talos links the activity cluster to China-nexus tooling, including CrowDoor variants and ORB-style proxy infrastructure
Reverse engineering shows pragmatic obfuscation, hardcoded crypto, and cloud-native infrastructure supporting scalable intrusion delivery.
Iran • hacktivists • IRGC • MOIS • DDoS • wipers • ransomware • critical infrastructure
Cross-origin browser-to-localhost access, missing loopback throttling, and implicit device trust combine into a silent takeover path from a single web visit.
Akamai SIRT identifies Mirai variant campaign actively targeting critical RCE flaws in automation platforms and routers
Veracode’s 2026 State of Software Security finds remediation capacity falling behind development velocity, with third-party components driving the longest-lived high-risk exposure.
Incorrect permission assignment exposes an internal anomaly-detection service, enabling remote root code execution on affected PTX routers.
UK financial stability and customer outcomes are increasingly shaped by operational cyber risk: attacks (and disruptive technology failures) that impair critical services, amplify fraud losses,…
Active exploitation of Cisco Catalyst SD-WAN authentication bypass (CVE-2026-20127) cisco catalyst sd-wan, vsmart, vmanage, CVE-2026-20127, UAT-8616, authentication bypass, rogue peer, NETCONF,…
On 24 February 2026 , SolarWinds released Serv-U 15.5.4 to remediate four critical (CVSS 9.1) vulnerabilities that can enable remote code execution as root/administrator in Serv-U environments…
Short title: SANDWORM_MODE npm worm (CI secret theft + MCP poisoning) npm supply chain attack, SANDWORM_MODE, typosquatting, GitHub Actions compromise, CI secret exfiltration, MCP server…
Targeted 2024 intrusions against high-profile TeamT5 customers, later surfaced via CISA KEV listing.