Three GTI-verified campaigns are reported this week, sourced from Google Threat Intelligence (GTI), CISA, and Palo Alto Networks Unit 42. The most critical is CVE-2026-0300, a zero-day out-of-bounds write (CWE-787) ...
Four new campaigns are reported this week. The most critical is a confirmed Lynx ransomware attack on a U.S. regional hospital — with EHR and scheduling systems encrypted and patient ...
Four new or ongoing campaigns to be highlighted this week, the most critical is CVE-2026-32201, an actively-exploited SharePoint Server spoofing zero-day patched by Microsoft on April 1. There are reports ...
Three new campaigns to be reported this week, all sourced from Google Threat Intelligence (GTI). The most critical is the China-nexus exploitation of CVE-2026-1731 in BeyondTrust Remote Support (GLOBAL.26.004) — ...
Three new campaign to be reported this week. Key new entries this week: a DPRK-linked GitHub Actions supply chain campaign targeting healthcare CI/CD pipelines (CAMP.26.041), an active ransomware campaign by ...
This edition covers active threat campaigns relevant to Healthcare and Technology sectors. One new campaign to be reported this week. The most critical ongoing threat remains the Iran-nexus Handala/UNC5203 wiper ...
This week's brief covers 3 new threat campaigns sourced from Google Threat Intelligence (GTI), confirmed active. The most time-critical entry is the scattered spider SaaS hijack (CAMP.26.031), which uses SMS ...
This week's brief covers 3 new threat campaigns sourced from Google Threat Intelligence (GTI), confirmed active through mid-to-late March 2026. The most time-critical entry is the Amatera Infostealer campaign (CAMP.26.032), ...
This edition covers active threat campaigns relevant to Healthcare and Technology sectors. Three campaigns are new this week and one (DPRK GitHub Tampering, CAMP.26.014) was first reported in the Feb ...