Three GTI-verified campaigns are reported this week, sourced from Google Threat Intelligence (GTI), CISA, Cisco Talos, and Cisco PSIRT. The most critical is CVE-2026-20182, a maximum-severity (CVSS 10.0, GTI P0) ...
Three GTI-verified campaigns are reported this week, sourced from Google Threat Intelligence (GTI), CISA, and Palo Alto Networks Unit 42. The most critical is CVE-2026-0300, a zero-day out-of-bounds write (CWE-787) ...
Four new campaigns are reported this week. The most critical is a confirmed Lynx ransomware attack on a U.S. regional hospital — with EHR and scheduling systems encrypted and patient ...
Four new or ongoing campaigns to be highlighted this week, the most critical is CVE-2026-32201, an actively-exploited SharePoint Server spoofing zero-day patched by Microsoft on April 1. There are reports ...
Three new campaigns to be reported this week, all sourced from Google Threat Intelligence (GTI). The most critical is the China-nexus exploitation of CVE-2026-1731 in BeyondTrust Remote Support (GLOBAL.26.004) — ...
Three new campaign to be reported this week. Key new entries this week: a DPRK-linked GitHub Actions supply chain campaign targeting healthcare CI/CD pipelines (CAMP.26.041), an active ransomware campaign by ...
This edition covers active threat campaigns relevant to Healthcare and Technology sectors. One new campaign to be reported this week. The most critical ongoing threat remains the Iran-nexus Handala/UNC5203 wiper ...
This week's brief covers 3 new threat campaigns sourced from Google Threat Intelligence (GTI), confirmed active. The most time-critical entry is the scattered spider SaaS hijack (CAMP.26.031), which uses SMS ...
This week's brief covers 3 new threat campaigns sourced from Google Threat Intelligence (GTI), confirmed active through mid-to-late March 2026. The most time-critical entry is the Amatera Infostealer campaign (CAMP.26.032), ...