Iran's MuddyWater Hackers Hit US Firms with New 'Dindoor' Backdoor
A bank, an airport, a non-profit and the Israeli branch of a US software company were among the targets of this new MuddyWater campaign
Threat Intelligence Feed
Aggregating 5563 articles from trusted cybersecurity sources
Latest News
Proactive Preparation and Hardening Against Destructive Attacks: 2026 Edition
Written by: Matthew McWhirt, Bhavesh Dhake, Emilio Oropeza, Gautam Krishnan, Stuart Carrera, Greg Blaum, Michael Rudden UPDATE (March 13): Added guidance aro...
Zero‑Day Attacks on Enterprise Software Reach Record High, Google Warns
Almost a quarter of the zero days detected by Google in 2025 targeted security and networking appliances
What cybersecurity actually does for your business
The ability to continue operating safely in an unsafe environment where competitors cannot is a competitive advantage that is rarely measured or discussed
ZDI-26-170: GStreamer H.266 Codec Parser Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exp...
ZDI-26-169: GStreamer H.266 Codec Parser Integer Underflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exp...
ZDI-26-168: GStreamer RIFF Palette Integer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exp...
ZDI-26-167: GStreamer rtpqdm2depay Heap-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exp...
ZDI-26-166: GStreamer rtpqdm2depay Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exp...
ZDI-26-165: GStreamer RealMedia Demuxer Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exp...
ZDI-26-164: GStreamer ASF Demuxer Heap-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exp...
ZDI-26-163: GStreamer JPEG Parser Heap-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exp...
Data Breaches
Texas Parks & Wildlife Data Breach Affects 3 Million Individuals
Hackers stole personal information after breaching the systems of a third-party license vendor serving TPWD. The post Texas Parks & Wildlife Data Breach Affe...
Inside GentleKiller: The EDR-Killer Powering The Gentlemen
The Gentlemen equips affiliates with a centralized EDR-killer suite, rapidly weaponizing BYOVD exploits to disable security tools before ransomware attacks. ...
MDR Provider Comparison: Time to Discover and Respond to Threats
A detailed MDR provider comparison covering tiers, response speed, coverage, threat intelligence, pricing, and breach warranties to help you choose.
Texas TPWD Vendor Breach Exposes 3 Million Customer Records
Texas Cyber Command has disclosed a massive third-party data breach affecting the Texas Parks and Wildlife Department (TPWD), exposing the personal records o...
CISA Warns of Active Exploitation Following FortiBleed Leak
FortiBleed exposed credentials for 74,000 Fortinet devices, with attackers actively exploiting the leak to target systems worldwide. On June 18, CISA issued ...
Klue OAuth breach victim list grows as Icarus hackers claim attack
Market intelligence platform Klue has publicly confirmed a recent security incident that allowed threat actors to steal OAuth tokens used to connect to custo...
Texas govt data breach exposes over 3 million driver’s licenses
The Texas Parks and Wildlife Department (TPWD) disclosed a data breach at its license system vendor that exposed personal information for more than three mil...
The Good, the Bad and the Ugly in Cybersecurity – Week 25
FBI dismantles extensive PhaaS, DragonForce ransomware abuses MS Teams relays, and PRC-based spies breach REDCap servers to steal research data.
Klue breach lead to Salesforce data theft, Huntress affected
Cybersecurity vendor Huntress was among multiple companies hit by a breach originating at Klue, a market intelligence platform used to integrate CRM and sale...
From Assistive to Agentic: The AI Shift That's Redefining Threat Management
Introduction The average enterprise security team has 40 or more security tools, giving a lot of visibility into internal telemetry and asset data. But often...
CISA warns Fortinet users to secure devices after FortiBleed leak
The U.S.
24 Billion Stolen Credentials Exposed in Massive Data Leak
24 Billion Records Left Open Online: Passwords, Emails, and Everything Else Exposed database with 24 Billion records revealed stolen credentials from infoste...