Live Threat IntelLive
Oklahoma State Tax Commission Fails To Notice Data Breach for 18 Months(DataBreaches.net)Northern Ireland school IT systems ‘largely restored’ after cyber attack(DataBreaches.net)U.S. authorities conduct cyber operations as part of global crackdown on DDoS-for-hire services(DataBreaches.net)Webinar: From phishing to fallout — Why MSPs must rethink both security and recovery(Bleeping Computer)In Other News: Satellite Cybersecurity Act, $90K Chrome Flaw, Teen Hacker Arrested(SecurityWeek)DDoS-For-Hire Services Disrupted by International Police Action in ‘Operation PowerOff’(Infosecurity Magazine)Another DraftKings Hacker Sentenced to Prison(SecurityWeek)Recent Apache ActiveMQ Vulnerability Exploited in the Wild(SecurityWeek)Inside ZionSiphon: politically driven malware aims at Israeli water systems(Security Affairs)ZionSiphon Malware Targets ICS in Water Facilities(SecurityWeek)Man gets 30 months for selling thousands of hacked DraftKings accounts(Bleeping Computer)Claude Opus wrote a Chrome exploit for $2,283(The Register)53 DDoS Domains Taken Down by Law Enforcement(SecurityWeek)Recently leaked Windows zero-days now exploited in attacks(Bleeping Computer)Operation PowerOFF Seizes 53 DDoS Domains, Exposes 3 Million Criminal Accounts(The Hacker News)Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation(The Hacker News)Operation PowerOFF identifies 75k DDoS users, takes down 53 domains(Bleeping Computer)ZionSiphon malware designed to sabotage water treatment systems(Bleeping Computer)A Deep Dive Into Attempted Exploitation of CVE-2023-33538(Palo Alto Unit 42)New Microsoft Defender “RedSun” zero-day PoC grants SYSTEM privileges(Bleeping Computer)Cookeville Regional Medical Center hospital data breach impacts 337,917 people(Security Affairs)Newly Discovered PowMix Botnet Hits Czech Workers Using Randomized C2 Traffic(The Hacker News)Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face(Bleeping Computer)APK Malformation Found in Thousands of Android Malware Samples(Infosecurity Magazine)Cookeville Medical Center Notifies Patients After July 2025 Ransomware Attack(Infosecurity Magazine)AI platform n8n abused for stealthy phishing and malware delivery(Security Affairs)Ukrainian emergency services and hospitals hit by espionage campaign using new AgingFly malware(The Record)Textbook titan McGraw Hill on ransomware crew's reading list after 13.5M records exposed(The Register)From clinics to government: UAC-0247 expands cyber campaign across Ukraine(Security Affairs)Automotive Ransomware Attacks Double in a Year(Infosecurity Magazine)UAC-0247 Targets Ukrainian Clinics and Government in Data-Theft Malware Campaign(The Hacker News)6-Year Ransomware Campaign Targets Turkish Homes & SMBs(Dark Reading)CVE-2026-33032: severe nginx-ui bug grants unauthenticated server access(Security Affairs)Patch these critical Fortinet sandbox bugs that let attackers bypass login, run commands over HTTP(The Register)n8n Webhooks Abused Since October 2025 to Deliver Malware via Phishing Emails(The Hacker News)Actively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover(The Hacker News)Microsoft, Salesforce Patch AI Agent Data Leak Flaws(Dark Reading)Mirax malware campaign hits 220K accounts, enables full remote control(Security Affairs)Russia Hacked Routers to Steal Microsoft Office Tokens(Krebs on Security)Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure(CISA Advisories)Oklahoma State Tax Commission Fails To Notice Data Breach for 18 Months(DataBreaches.net)Northern Ireland school IT systems ‘largely restored’ after cyber attack(DataBreaches.net)U.S. authorities conduct cyber operations as part of global crackdown on DDoS-for-hire services(DataBreaches.net)Webinar: From phishing to fallout — Why MSPs must rethink both security and recovery(Bleeping Computer)In Other News: Satellite Cybersecurity Act, $90K Chrome Flaw, Teen Hacker Arrested(SecurityWeek)DDoS-For-Hire Services Disrupted by International Police Action in ‘Operation PowerOff’(Infosecurity Magazine)Another DraftKings Hacker Sentenced to Prison(SecurityWeek)Recent Apache ActiveMQ Vulnerability Exploited in the Wild(SecurityWeek)Inside ZionSiphon: politically driven malware aims at Israeli water systems(Security Affairs)ZionSiphon Malware Targets ICS in Water Facilities(SecurityWeek)Man gets 30 months for selling thousands of hacked DraftKings accounts(Bleeping Computer)Claude Opus wrote a Chrome exploit for $2,283(The Register)53 DDoS Domains Taken Down by Law Enforcement(SecurityWeek)Recently leaked Windows zero-days now exploited in attacks(Bleeping Computer)Operation PowerOFF Seizes 53 DDoS Domains, Exposes 3 Million Criminal Accounts(The Hacker News)Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation(The Hacker News)Operation PowerOFF identifies 75k DDoS users, takes down 53 domains(Bleeping Computer)ZionSiphon malware designed to sabotage water treatment systems(Bleeping Computer)A Deep Dive Into Attempted Exploitation of CVE-2023-33538(Palo Alto Unit 42)New Microsoft Defender “RedSun” zero-day PoC grants SYSTEM privileges(Bleeping Computer)Cookeville Regional Medical Center hospital data breach impacts 337,917 people(Security Affairs)Newly Discovered PowMix Botnet Hits Czech Workers Using Randomized C2 Traffic(The Hacker News)Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face(Bleeping Computer)APK Malformation Found in Thousands of Android Malware Samples(Infosecurity Magazine)Cookeville Medical Center Notifies Patients After July 2025 Ransomware Attack(Infosecurity Magazine)AI platform n8n abused for stealthy phishing and malware delivery(Security Affairs)Ukrainian emergency services and hospitals hit by espionage campaign using new AgingFly malware(The Record)Textbook titan McGraw Hill on ransomware crew's reading list after 13.5M records exposed(The Register)From clinics to government: UAC-0247 expands cyber campaign across Ukraine(Security Affairs)Automotive Ransomware Attacks Double in a Year(Infosecurity Magazine)UAC-0247 Targets Ukrainian Clinics and Government in Data-Theft Malware Campaign(The Hacker News)6-Year Ransomware Campaign Targets Turkish Homes & SMBs(Dark Reading)CVE-2026-33032: severe nginx-ui bug grants unauthenticated server access(Security Affairs)Patch these critical Fortinet sandbox bugs that let attackers bypass login, run commands over HTTP(The Register)n8n Webhooks Abused Since October 2025 to Deliver Malware via Phishing Emails(The Hacker News)Actively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover(The Hacker News)Microsoft, Salesforce Patch AI Agent Data Leak Flaws(Dark Reading)Mirax malware campaign hits 220K accounts, enables full remote control(Security Affairs)Russia Hacked Routers to Steal Microsoft Office Tokens(Krebs on Security)Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure(CISA Advisories)