{"metadata":{"generatedAt":"2026-06-22T15:02:05.528Z","reportDate":"2026-06-22","totalItems":347,"sourceBreakdown":{"cisa-kev":2,"cisa-advisories":15,"vendor-blogs":185,"malware-bazaar":33,"abuse-ipdb":20,"threatfox":2,"general-news":103},"categoryBreakdown":{"vulnerability":2,"advisory":187,"malware":33,"ip-reputation":20,"threat-intel":2,"news":103},"fetchErrors":[{"source":"nvd","error":"NVD API responded 503"},{"source":"otx","error":"otx responded 504"}]},"highlights":[{"id":"cisa-adv-azeotech-daqfactory","source":"cisa-advisories, vendor-blogs","category":"advisory","severity":"critical","title":"AzeoTech DAQFactory","description":"View CSAF\nSummary\nSuccessful exploitation of this vulnerability could allow an attacker to upload malicious .ctl files that may lead to arbitrary code execution.\nThe following versions of AzeoTech DAQFactory are affected:\nDAQFactory <=21.1 (CVE-2026-12390)\nCVSS\nVendor\nEquipment\nVulnerabilities\n\n\n\n\nv…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["zeroday","phishing","ics"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-18T12:00:00.000Z","fetchedAt":"2026-06-22T15:00:00.175Z","references":[{"url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-169-02","label":"CISA Advisory","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-45469-microsoft-excel-remote-code-execution-vulnerability","source":"vendor-blogs","category":"advisory","severity":"critical","title":"CVE-2026-45469 Microsoft Excel Remote Code Execution Vulnerability","description":"Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["rce"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45469","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44817","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44818","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44820","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44823","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-45475-microsoft-office-remote-code-execution-vulnerability","source":"vendor-blogs","category":"advisory","severity":"critical","title":"CVE-2026-45475 Microsoft Office Remote Code Execution Vulnerability","description":"Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["rce"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45475","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45472","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45474","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44819","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44824","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45461","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45645","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45463","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-45471-microsoft-word-remote-code-execution-vulnerability","source":"vendor-blogs","category":"advisory","severity":"critical","title":"CVE-2026-45471 Microsoft Word Remote Code Execution Vulnerability","description":"Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["rce"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45471","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45486","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45643","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45457","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-45456-microsoft-outlook-and-word-remote-code-execution-vulnerability","source":"vendor-blogs","category":"advisory","severity":"critical","title":"CVE-2026-45456 Microsoft Outlook and Word Remote Code Execution Vulnerability","description":"Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["rce"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45456","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45458","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-44803-windows-graphics-component-remote-code-execution-vulnerability","source":"vendor-blogs","category":"advisory","severity":"critical","title":"CVE-2026-44803 Windows Graphics Component Remote Code Execution Vulnerability","description":"Microsoft is announcing the availability of the security updates for Microsoft Word, PowerPoint, Excel for Android. Customers running affected Microsoft Office for Android software should install the update for their product to be protected from this vulnerability.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["rce"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44803","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44812","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"abuseip-183.91.11.36","source":"abuse-ipdb","category":"ip-reputation","severity":"critical","title":"Malicious IP: 183.91.11.36","description":"Country: VN | ISP: unknown | Abuse score: 100%","indicators":{"cves":[],"ips":["183.91.11.36"],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":100,"publishedAt":"2026-06-22T14:17:01.000Z","fetchedAt":"2026-06-22T15:00:00.179Z","references":[{"url":"https://www.abuseipdb.com/check/183.91.11.36","label":"AbuseIPDB","domainType":"primary"}],"feedLabel":null},{"id":"abuseip-20.226.73.88","source":"abuse-ipdb","category":"ip-reputation","severity":"critical","title":"Malicious IP: 20.226.73.88","description":"Country: BR | ISP: unknown | Abuse score: 100%","indicators":{"cves":[],"ips":["20.226.73.88"],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":100,"publishedAt":"2026-06-22T14:17:01.000Z","fetchedAt":"2026-06-22T15:00:00.179Z","references":[{"url":"https://www.abuseipdb.com/check/20.226.73.88","label":"AbuseIPDB","domainType":"primary"}],"feedLabel":null},{"id":"abuseip-94.183.188.148","source":"abuse-ipdb","category":"ip-reputation","severity":"critical","title":"Malicious IP: 94.183.188.148","description":"Country: FR | ISP: unknown | Abuse score: 100%","indicators":{"cves":[],"ips":["94.183.188.148"],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":100,"publishedAt":"2026-06-22T14:17:01.000Z","fetchedAt":"2026-06-22T15:00:00.179Z","references":[{"url":"https://www.abuseipdb.com/check/94.183.188.148","label":"AbuseIPDB","domainType":"primary"}],"feedLabel":null},{"id":"abuseip-41.76.213.108","source":"abuse-ipdb","category":"ip-reputation","severity":"critical","title":"Malicious IP: 41.76.213.108","description":"Country: ZA | ISP: unknown | Abuse score: 100%","indicators":{"cves":[],"ips":["41.76.213.108"],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":100,"publishedAt":"2026-06-22T14:17:01.000Z","fetchedAt":"2026-06-22T15:00:00.179Z","references":[{"url":"https://www.abuseipdb.com/check/41.76.213.108","label":"AbuseIPDB","domainType":"primary"}],"feedLabel":null}],"items":[{"id":"cisa-adv-azeotech-daqfactory","source":"cisa-advisories, vendor-blogs","category":"advisory","severity":"critical","title":"AzeoTech DAQFactory","description":"View CSAF\nSummary\nSuccessful exploitation of this vulnerability could allow an attacker to upload malicious .ctl files that may lead to arbitrary code execution.\nThe following versions of AzeoTech DAQFactory are affected:\nDAQFactory <=21.1 (CVE-2026-12390)\nCVSS\nVendor\nEquipment\nVulnerabilities\n\n\n\n\nv…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["zeroday","phishing","ics"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-18T12:00:00.000Z","fetchedAt":"2026-06-22T15:00:00.175Z","references":[{"url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-169-02","label":"CISA Advisory","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-45469-microsoft-excel-remote-code-execution-vulnerability","source":"vendor-blogs","category":"advisory","severity":"critical","title":"CVE-2026-45469 Microsoft Excel Remote Code Execution Vulnerability","description":"Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["rce"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45469","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44817","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44818","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44820","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44823","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-45475-microsoft-office-remote-code-execution-vulnerability","source":"vendor-blogs","category":"advisory","severity":"critical","title":"CVE-2026-45475 Microsoft Office Remote Code Execution Vulnerability","description":"Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["rce"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45475","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45472","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45474","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44819","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44824","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45461","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45645","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45463","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-45471-microsoft-word-remote-code-execution-vulnerability","source":"vendor-blogs","category":"advisory","severity":"critical","title":"CVE-2026-45471 Microsoft Word Remote Code Execution Vulnerability","description":"Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["rce"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45471","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45486","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45643","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45457","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-45456-microsoft-outlook-and-word-remote-code-execution-vulnerability","source":"vendor-blogs","category":"advisory","severity":"critical","title":"CVE-2026-45456 Microsoft Outlook and Word Remote Code Execution Vulnerability","description":"Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["rce"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45456","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45458","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-44803-windows-graphics-component-remote-code-execution-vulnerability","source":"vendor-blogs","category":"advisory","severity":"critical","title":"CVE-2026-44803 Windows Graphics Component Remote Code Execution Vulnerability","description":"Microsoft is announcing the availability of the security updates for Microsoft Word, PowerPoint, Excel for Android. Customers running affected Microsoft Office for Android software should install the update for their product to be protected from this vulnerability.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["rce"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44803","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44812","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"abuseip-183.91.11.36","source":"abuse-ipdb","category":"ip-reputation","severity":"critical","title":"Malicious IP: 183.91.11.36","description":"Country: VN | ISP: unknown | Abuse score: 100%","indicators":{"cves":[],"ips":["183.91.11.36"],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":100,"publishedAt":"2026-06-22T14:17:01.000Z","fetchedAt":"2026-06-22T15:00:00.179Z","references":[{"url":"https://www.abuseipdb.com/check/183.91.11.36","label":"AbuseIPDB","domainType":"primary"}],"feedLabel":null},{"id":"abuseip-20.226.73.88","source":"abuse-ipdb","category":"ip-reputation","severity":"critical","title":"Malicious IP: 20.226.73.88","description":"Country: BR | ISP: unknown | Abuse score: 100%","indicators":{"cves":[],"ips":["20.226.73.88"],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":100,"publishedAt":"2026-06-22T14:17:01.000Z","fetchedAt":"2026-06-22T15:00:00.179Z","references":[{"url":"https://www.abuseipdb.com/check/20.226.73.88","label":"AbuseIPDB","domainType":"primary"}],"feedLabel":null},{"id":"abuseip-94.183.188.148","source":"abuse-ipdb","category":"ip-reputation","severity":"critical","title":"Malicious IP: 94.183.188.148","description":"Country: FR | ISP: unknown | Abuse score: 100%","indicators":{"cves":[],"ips":["94.183.188.148"],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":100,"publishedAt":"2026-06-22T14:17:01.000Z","fetchedAt":"2026-06-22T15:00:00.179Z","references":[{"url":"https://www.abuseipdb.com/check/94.183.188.148","label":"AbuseIPDB","domainType":"primary"}],"feedLabel":null},{"id":"abuseip-41.76.213.108","source":"abuse-ipdb","category":"ip-reputation","severity":"critical","title":"Malicious IP: 41.76.213.108","description":"Country: ZA | ISP: unknown | Abuse score: 100%","indicators":{"cves":[],"ips":["41.76.213.108"],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":100,"publishedAt":"2026-06-22T14:17:01.000Z","fetchedAt":"2026-06-22T15:00:00.179Z","references":[{"url":"https://www.abuseipdb.com/check/41.76.213.108","label":"AbuseIPDB","domainType":"primary"}],"feedLabel":null},{"id":"abuseip-202.183.141.189","source":"abuse-ipdb","category":"ip-reputation","severity":"critical","title":"Malicious IP: 202.183.141.189","description":"Country: TH | ISP: unknown | Abuse score: 100%","indicators":{"cves":[],"ips":["202.183.141.189"],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":100,"publishedAt":"2026-06-22T14:17:01.000Z","fetchedAt":"2026-06-22T15:00:00.179Z","references":[{"url":"https://www.abuseipdb.com/check/202.183.141.189","label":"AbuseIPDB","domainType":"primary"}],"feedLabel":null},{"id":"abuseip-115.77.111.2","source":"abuse-ipdb","category":"ip-reputation","severity":"critical","title":"Malicious IP: 115.77.111.2","description":"Country: VN | ISP: unknown | Abuse score: 100%","indicators":{"cves":[],"ips":["115.77.111.2"],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":100,"publishedAt":"2026-06-22T14:17:00.000Z","fetchedAt":"2026-06-22T15:00:00.179Z","references":[{"url":"https://www.abuseipdb.com/check/115.77.111.2","label":"AbuseIPDB","domainType":"primary"}],"feedLabel":null},{"id":"abuseip-195.178.110.30","source":"abuse-ipdb","category":"ip-reputation","severity":"critical","title":"Malicious IP: 195.178.110.30","description":"Country: NL | ISP: unknown | Abuse score: 100%","indicators":{"cves":[],"ips":["195.178.110.30"],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":100,"publishedAt":"2026-06-22T14:17:00.000Z","fetchedAt":"2026-06-22T15:00:00.179Z","references":[{"url":"https://www.abuseipdb.com/check/195.178.110.30","label":"AbuseIPDB","domainType":"primary"}],"feedLabel":null},{"id":"abuseip-188.166.25.251","source":"abuse-ipdb","category":"ip-reputation","severity":"critical","title":"Malicious IP: 188.166.25.251","description":"Country: NL | ISP: unknown | Abuse score: 100%","indicators":{"cves":[],"ips":["188.166.25.251"],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":100,"publishedAt":"2026-06-22T14:17:00.000Z","fetchedAt":"2026-06-22T15:00:00.179Z","references":[{"url":"https://www.abuseipdb.com/check/188.166.25.251","label":"AbuseIPDB","domainType":"primary"}],"feedLabel":null},{"id":"abuseip-216.218.206.98","source":"abuse-ipdb","category":"ip-reputation","severity":"critical","title":"Malicious IP: 216.218.206.98","description":"Country: US | ISP: unknown | Abuse score: 100%","indicators":{"cves":[],"ips":["216.218.206.98"],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":100,"publishedAt":"2026-06-22T14:17:00.000Z","fetchedAt":"2026-06-22T15:00:00.179Z","references":[{"url":"https://www.abuseipdb.com/check/216.218.206.98","label":"AbuseIPDB","domainType":"primary"}],"feedLabel":null},{"id":"abuseip-31.59.160.12","source":"abuse-ipdb","category":"ip-reputation","severity":"critical","title":"Malicious IP: 31.59.160.12","description":"Country: SE | ISP: unknown | Abuse score: 100%","indicators":{"cves":[],"ips":["31.59.160.12"],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":100,"publishedAt":"2026-06-22T14:17:00.000Z","fetchedAt":"2026-06-22T15:00:00.179Z","references":[{"url":"https://www.abuseipdb.com/check/31.59.160.12","label":"AbuseIPDB","domainType":"primary"}],"feedLabel":null},{"id":"abuseip-118.194.251.144","source":"abuse-ipdb","category":"ip-reputation","severity":"critical","title":"Malicious IP: 118.194.251.144","description":"Country: TH | ISP: unknown | Abuse score: 100%","indicators":{"cves":[],"ips":["118.194.251.144"],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":100,"publishedAt":"2026-06-22T14:17:00.000Z","fetchedAt":"2026-06-22T15:00:00.179Z","references":[{"url":"https://www.abuseipdb.com/check/118.194.251.144","label":"AbuseIPDB","domainType":"primary"}],"feedLabel":null},{"id":"abuseip-58.186.20.101","source":"abuse-ipdb","category":"ip-reputation","severity":"critical","title":"Malicious IP: 58.186.20.101","description":"Country: VN | ISP: unknown | Abuse score: 100%","indicators":{"cves":[],"ips":["58.186.20.101"],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":100,"publishedAt":"2026-06-22T14:17:00.000Z","fetchedAt":"2026-06-22T15:00:00.179Z","references":[{"url":"https://www.abuseipdb.com/check/58.186.20.101","label":"AbuseIPDB","domainType":"primary"}],"feedLabel":null},{"id":"abuseip-66.132.195.19","source":"abuse-ipdb","category":"ip-reputation","severity":"critical","title":"Malicious IP: 66.132.195.19","description":"Country: US | ISP: unknown | Abuse score: 100%","indicators":{"cves":[],"ips":["66.132.195.19"],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":100,"publishedAt":"2026-06-22T14:16:59.000Z","fetchedAt":"2026-06-22T15:00:00.179Z","references":[{"url":"https://www.abuseipdb.com/check/66.132.195.19","label":"AbuseIPDB","domainType":"primary"}],"feedLabel":null},{"id":"abuseip-20.163.33.221","source":"abuse-ipdb","category":"ip-reputation","severity":"critical","title":"Malicious IP: 20.163.33.221","description":"Country: US | ISP: unknown | Abuse score: 100%","indicators":{"cves":[],"ips":["20.163.33.221"],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":100,"publishedAt":"2026-06-22T14:16:59.000Z","fetchedAt":"2026-06-22T15:00:00.179Z","references":[{"url":"https://www.abuseipdb.com/check/20.163.33.221","label":"AbuseIPDB","domainType":"primary"}],"feedLabel":null},{"id":"abuseip-66.132.186.241","source":"abuse-ipdb","category":"ip-reputation","severity":"critical","title":"Malicious IP: 66.132.186.241","description":"Country: US | ISP: unknown | Abuse score: 100%","indicators":{"cves":[],"ips":["66.132.186.241"],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":100,"publishedAt":"2026-06-22T14:16:59.000Z","fetchedAt":"2026-06-22T15:00:00.179Z","references":[{"url":"https://www.abuseipdb.com/check/66.132.186.241","label":"AbuseIPDB","domainType":"primary"}],"feedLabel":null},{"id":"abuseip-175.198.18.3","source":"abuse-ipdb","category":"ip-reputation","severity":"critical","title":"Malicious IP: 175.198.18.3","description":"Country: KR | ISP: unknown | Abuse score: 100%","indicators":{"cves":[],"ips":["175.198.18.3"],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":100,"publishedAt":"2026-06-22T14:16:59.000Z","fetchedAt":"2026-06-22T15:00:00.179Z","references":[{"url":"https://www.abuseipdb.com/check/175.198.18.3","label":"AbuseIPDB","domainType":"primary"}],"feedLabel":null},{"id":"abuseip-78.142.18.172","source":"abuse-ipdb","category":"ip-reputation","severity":"critical","title":"Malicious IP: 78.142.18.172","description":"Country: NL | ISP: unknown | Abuse score: 100%","indicators":{"cves":[],"ips":["78.142.18.172"],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":100,"publishedAt":"2026-06-22T14:16:59.000Z","fetchedAt":"2026-06-22T15:00:00.179Z","references":[{"url":"https://www.abuseipdb.com/check/78.142.18.172","label":"AbuseIPDB","domainType":"primary"}],"feedLabel":null},{"id":"abuseip-79.124.49.70","source":"abuse-ipdb","category":"ip-reputation","severity":"critical","title":"Malicious IP: 79.124.49.70","description":"Country: BG | ISP: unknown | Abuse score: 100%","indicators":{"cves":[],"ips":["79.124.49.70"],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":100,"publishedAt":"2026-06-22T14:16:59.000Z","fetchedAt":"2026-06-22T15:00:00.179Z","references":[{"url":"https://www.abuseipdb.com/check/79.124.49.70","label":"AbuseIPDB","domainType":"primary"}],"feedLabel":null},{"id":"abuseip-80.94.92.182","source":"abuse-ipdb","category":"ip-reputation","severity":"critical","title":"Malicious IP: 80.94.92.182","description":"Country: RO | ISP: unknown | Abuse score: 100%","indicators":{"cves":[],"ips":["80.94.92.182"],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":100,"publishedAt":"2026-06-22T14:16:59.000Z","fetchedAt":"2026-06-22T15:00:00.179Z","references":[{"url":"https://www.abuseipdb.com/check/80.94.92.182","label":"AbuseIPDB","domainType":"primary"}],"feedLabel":null},{"id":"abuseip-45.56.83.247","source":"abuse-ipdb","category":"ip-reputation","severity":"critical","title":"Malicious IP: 45.56.83.247","description":"Country: US | ISP: unknown | Abuse score: 100%","indicators":{"cves":[],"ips":["45.56.83.247"],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":100,"publishedAt":"2026-06-22T14:16:59.000Z","fetchedAt":"2026-06-22T15:00:00.179Z","references":[{"url":"https://www.abuseipdb.com/check/45.56.83.247","label":"AbuseIPDB","domainType":"primary"}],"feedLabel":null},{"id":"threatfox-1835858","source":"threatfox","category":"threat-intel","severity":"critical","title":"botnet_cc: undefined","description":"https://bazaar.abuse.ch/sample/0efbd18c77479b458078521c18bdad84852b71250122a17cb8105c10d3df38d4/","indicators":{"cves":[],"ips":[""],"domains":[""],"urls":[""],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["APT","DPRK","SocGholish","OffLoader","AnyDesk","rmm","22June2026","ClearFake","Commandline","macOS","Remus","Viper","dead-drop-c2","polygon-deaddrop","SmartLoader","SmartLoader-MaaS","elf","IoT","Mozi","c2","SmartApeSG","ClickFix","Kongtuke","SilentNet","Vidar","CobaltStrike","drb-ra","RAT","RemcosRAT","asyncrat","EvilGinx","EvilGoPhish","erebus-v14","nation-state-hunter","t1055","t1105","multi-c2","python-agent","diicot","docker-api","Redtail","selfrep","miner","DDoS","ssh","xorddos","module-load","Muhstik","redis","postgres","takeover","t1059_003","t1071_001","remcos","Vshell","ConnectWise","NanoCore","tofsee","cs-watermark-987654321","cs-watermark-666666666","cs-watermark-305419896","redirector","Vo1d","gaea-operations","malware","phishing","scams","stefan-himmelskamp","honeypot","RapidStealer","QuasarRAT","21June2026","etherhiding","Polygon","Stealc","dcrat","Covenant","DomainShadowing","Windows","evalusion","jarm:1276612955","merry-florist","NetSupport","port:1337","single-gateway","unc2190","central-hub","clickfix-hub","wordpress-compromise","Fake-Captcha","wordpress-injection","c2-rotation","SilentStealer","XWorm","Havoc","Amos","AtomicStealer","Cthulhu","xxxblyat","stealer","OverlordRAT","AdaptixC2","valleyrat_s2","cs-watermark-391144938","Meterpreter","webpot","junko","boyzee","phoenix-c2","phoenix","Mirai","Adaptix","Mythic","EyePyramid","cs-watermark-1873433027","cs-watermark-1580103824","eval","lua","config","rce","xmrig","hta-polyglot","Loader","msix","TDS","crypter","rundll32","WebDav","ValleyRAT","RatonRAT","RemusStealer","FakeCaptcha","powershell","clipboard-hijack","NetSupportRAT","Dropper","fileless","i7sb1k","BianLian","cs-watermark-1234567890","lockbit","Ransomware","DarkVNC","kimsuky","honeylabs","erebus-v15","t1573_002","Ngioweb","AddType","Digitalocean","mtls","nginx","one-check.lol","TLS1.3","mesh","meshagent","China","Telecom","TernDoor","UAT-9244","cve-2024-4577","rotator","monero","payload-host","pool","cron","nc","DanBot","poshc2","payload","Sh","sliver","PureLogsStealer","CloudflareHardwareFingerprinting","amatera","ArcStealer","python-backdoor","winpython","Cloudflare","cracked-games","HijackLoader","Prospero","renengine","telemetry","kimwolf","Sheet Rat","SheetRAT","Deimos","ScreenConnect","compromised","WordPress","quasar","powershell-loader","RC4","ContagiousInterview","FakeInterview","dentons-impersonation","google-drive-abuse","homoglyph","msiexec","PureLogStealer","NeptuneRAT","BruteRatel","ErrTraffic","Amadey","ViriBack","23b404","CHAOS","NFS","iran","mois","MuddyWater","tsundere","FRP","relay","stagecomp","StrelaStealer","blockchain-C2","EtherRat","deerstealer","FakeGit","LuaJIT","ransomware","apt","botnet","infostealer"],"malwareFamily":"Unknown malware","confidence":100,"publishedAt":"2026-06-22T14:57:13Z","fetchedAt":"2026-06-22T15:00:01.202Z","references":[{"url":"https://bazaar.abuse.ch/sample/0efbd18c77479b458078521c18bdad84852b71250122a17cb8105c10d3df38d4/","label":"ThreatFox","domainType":"primary"},{"url":"https://infosec.exchange/@monitorsg/116794263266622855","label":"ThreatFox","domainType":"other"},{"url":"https://bazaar.abuse.ch/sample/5b5434cc8bb3556075c6967d2ffee5a6b33793de07b9d4701bc63d369de63861/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/409ad0799fe0b1ca3265d58f95eb13b7d56d6bad1f7346459fb02f772a3bf751/","label":"ThreatFox","domainType":"primary"},{"url":"https://honeylabs.net/lookup/110.36.27.209","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/153.117.15.36","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/119.30.118.255","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/storage.googleapis.com","label":"ThreatFox","domainType":"other"},{"url":"https://infosec.exchange/@monitorsg/116793913870055780","label":"ThreatFox","domainType":"other"},{"url":"https://bazaar.abuse.ch/sample/cee20b0ab5a4f45984e8692355fd73082c52120875101bd3ff87d07c82646ee7/","label":"ThreatFox","domainType":"primary"},{"url":"https://clickfix.carsonww.com/domains/www.sokolmarefy.cz","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/www.seesingit.nl","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/www.petektemizligifiyatlari.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/vitimadetransito.com.br","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/thesagevibe.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/stonecraftfabrication.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/thefaithlifeclub.org","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/stichtingunityvibes.nl","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/test-flight.de","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/sttechnologie.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/techco.ec","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/shanghaiwangqing.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/sskfhospital.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/window-cleaner.uk","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/silanavi.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/www.alma2019-int.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/server-ke436.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/thequadtec.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/vetenim.site","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/www.pentaconsultant.co.uk","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/triplords.in","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/ubytovani-hlohovec.cz","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/seedgoc.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/warriorsoftorah.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/www.andrewyoungkim.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/traillecaribbean.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/wandaspeaks.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/ushiroyama-koumuten.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/ur-schlecker.de","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/veducationservices.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/vaerdi.fr","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/thelightdevelopers.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/tienda.lapapadulce.cl","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/thesq.in","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/velazquezdrywall515.com","label":"ThreatFox","domainType":"other"},{"url":"https://twitter.com/NullBlue67","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/www.labormed.biz","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/www.luppolovers.it","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/www.manuelav.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/www.gtrecording.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/theloanbar.co","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/www.kotelvceneplynu.cz","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/www.gilles-hossepied.fr","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/www.fillerwholesale.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/www.mediamanova.se","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/www.inside-thebox.fr","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/www.estatelaw.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/www.jatka.org","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/www.egkart.co.in","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/www.eurohub.store","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/www.fithe.es","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/www.mistersawmill.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/www.erciyesenerji.com.tr","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/www.angryfox.it","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/www.comtecdev.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/www.animaroc.ma","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/www.dciinteriors.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/www.thetimesbusiness.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/www.phonerep.se","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/www.vlumber.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/xlxlux.com.br","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/www.penzionzemianskydvor.sk","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/www.poeles-granules-manosque.fr","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/www.mudanzasalcorcon.es","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/www.startupnewsindia.in","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/www.techsaeein.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/www.themoore-group.net","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/www.simbioseproxectos.gal","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/xn--72cf4ba3a3f6bcbb8a5rsa7c.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/www.rzeczoznawcaklama.pl","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/www.septondespositives.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/xn--normobariachrzstw-vyb35a.pl","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/www.spclvtflooring.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/youthfulstudio.com","label":"ThreatFox","domainType":"other"},{"url":"https://bazaar.abuse.ch/sample/8ae20a166e6b2ab746c2f97d92967b6df83c85d6cd81acab1a4883638c5dde92/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/72e855025d02c02fa90b0ee9296d8a59a6c008dff1b70682b58474a8183836b5/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/2e4845a187fa3a02cac09ca22d314d3f924c8bf63bf877d23e8645f7bac8cf55/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/b2315b4ad93131afad8bc924a386a5d50d65877c89078a3c700af044f217e8f7/","label":"ThreatFox","domainType":"primary"},{"url":"https://clickfix.carsonww.com/domains/stephanygill.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/suancescup.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/theglobalskillshub.com","label":"ThreatFox","domainType":"other"},{"url":"https://bazaar.abuse.ch/sample/54a62444672de4d11e9a3ebd67289f1afc4401d7f7631ac02e404c7d0ca257ca/","label":"ThreatFox","domainType":"primary"},{"url":"https://bbs.kanxue.com/thread-291612.htm","label":"ThreatFox","domainType":"other"},{"url":"https://bazaar.abuse.ch/sample/8c63a57313ad2479a758ca018134377043acbeade2b457f7f3392364b78a4a32/","label":"ThreatFox","domainType":"primary"},{"url":"https://clickfix.carsonww.com/domains/itecau.com.au","label":"ThreatFox","domainType":"other"},{"url":"https://bazaar.abuse.ch/sample/2736f5de45c8f90998998de0ce2db18fd182df2532350c2c7a162985e2703415/","label":"ThreatFox","domainType":"primary"},{"url":"https://greedybear.honeynet.org","label":"ThreatFox","domainType":"other"},{"url":"https://urlhaus.abuse.ch/host/cdn.privatefile.host/","label":"ThreatFox","domainType":"primary"},{"url":"https://urlhaus.abuse.ch/host/77.90.41.3/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/166e0b889d42908d544d47be2a2131793b150ea2f3f93ddd7e58669fd99586f8/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/3898a662f25925b6b46700297832940cfc026f5e59815fe670328a0213094a3b/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/fdfaed3893bb2cf3ebd547c889e17c1e2f0b90208ecccc8591164bec41cfdb85/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/a31bbac723d61178ae45f02937f67b694256220327989155044f9cd97763fca6/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/e22d7710e36dce587c71a661cb57843ef711f0320ac570ed0b9dea85c891761b/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/95a6eeb9407cfae94a99df9ca32c3b1858a5d6ff944eff33ad2228a1915c808b/","label":"ThreatFox","domainType":"primary"},{"url":"https://chainabuse.com/report/50a2071b-4c3e-488b-bebb-4c260a9c9b11","label":"ThreatFox","domainType":"other"},{"url":"https://bazaar.abuse.ch/sample/9c5f121e984d76e479ca119499d35efe9402925a2c29b195bff88542c47b0c05/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/2b48b4d74ec2b1cfbd9e732c2b4d1c58c82882007ab5624c74b15657feb9641d/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/2a97e8ffb5cfbbccd8e2c812fb6f86769ec014692f9bd598ad446c096630d577/","label":"ThreatFox","domainType":"primary"},{"url":"https://honeylabs.net/lookup/82.144.86.37","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/119.73.19.131","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/110.38.254.172","label":"ThreatFox","domainType":"other"},{"url":"https://tria.ge/260620-yrwfvahs6p/behavioral2","label":"ThreatFox","domainType":"other"},{"url":"https://infosec.exchange/@Ffforward/116780837774853850","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/aidancollege.ac.ug","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/153.117.15.86","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/223.123.42.235","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/110.39.255.247","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/110.36.86.0","label":"ThreatFox","domainType":"other"},{"url":"https://bazaar.abuse.ch/sample/c9eadf5f3be0996c41ad4c42f7bf530b74d8682ac630cea018dd0edefa07d4ea/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/ce00a84a546cf51d9428350aa1929c8999a4c48de5d7e53372f4faca22cbaf2e/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/25a0bddff7a3254104b66d4e84010c59ef192924cae703655f7fb592640d8d5d/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/e58ed7df39ec67a18fd90454d3fde120e57aeb06f7ab8f0b8c17d73e4c3a3ad6/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/994a77fad92b7ba173483358efc7afc3bae565f9258b98d3c5c1a0fcad948d6b/","label":"ThreatFox","domainType":"primary"},{"url":"https://honeylabs.net/lookup/103.186.77.95","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/72.255.3.39","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/153.117.13.227","label":"ThreatFox","domainType":"other"},{"url":"https://infosec.exchange/@monitorsg/116777878546581429","label":"ThreatFox","domainType":"other"},{"url":"https://www.virustotal.com/gui/file/b6d4ad0231941e0637485ac5833e0fdc75db35289b54e70f3858b70d36d04c80","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/imgur.media","label":"ThreatFox","domainType":"other"},{"url":"https://www.virustotal.com/gui/file/13420d64ce091f6dc0505d5a2ca5858f6080f3d91580459c2284bd68fdcb1979","label":"ThreatFox","domainType":"other"},{"url":"https://www.virustotal.com/gui/file/c343f53916747c5b8a60aed844b1882863f432af65867297edf1913f167c4f68","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/vigipart.fr","label":"ThreatFox","domainType":"other"},{"url":"https://infosec.exchange/@monitorsg/116779064370086993","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/153.117.15.187","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/223.123.124.121","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/45.230.66.112","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/prguru.pk","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/bullpcn.com","label":"ThreatFox","domainType":"other"},{"url":"https://bazaar.abuse.ch/sample/1603899e2cbe71abad453b7c2735a294b93e23e4bedcb9e9f8e74b08b2564efb/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/b57c3186303f4a56ac70699bdef1aede047db5a118370f93df0171d9d2add0d6/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/3fc4b44fdddb35fc904b4aa619de1cacfe1f73490633e22fd163007fe59b2353/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/d113f72b9248e3a89d72d1238a8465af7857822b82951681cff22391ffff3039/","label":"ThreatFox","domainType":"primary"},{"url":"https://honeylabs.net/lookup/27.215.55.164","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/223.123.42.234","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/223.123.38.127","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/103.141.5.137","label":"ThreatFox","domainType":"other"},{"url":"https://bazaar.abuse.ch/sample/64767a09cce6d538bea2d11e0c59f47abd05f6e57f7a88b2b7a864c782cc1041/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/b699a24254fdb28c85fd40c1019703c40fce07ec4bad324bcbc891aad28159b2/","label":"ThreatFox","domainType":"primary"},{"url":"https://clickfix.carsonww.com/domains/jobs.trabajoseguro.info","label":"ThreatFox","domainType":"other"},{"url":"https://gist.github.com/jay-salihov/ea2ec22039ad225094e9e25260f4af89","label":"ThreatFox","domainType":"primary"},{"url":"https://infosec.exchange/@monitorsg/116776467245914896","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/holopebamiy.bond","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/oldagecarefoundation.com","label":"ThreatFox","domainType":"other"},{"url":"https://app.any.run/tasks/e3726371-10af-4a36-9b47-ed36f6803991","label":"ThreatFox","domainType":"other"},{"url":"https://x.com/RakeshKrish12/status/2067858643366944997","label":"ThreatFox","domainType":"other"},{"url":"https://bazaar.abuse.ch/sample/2fcf553b9656523b3207c08cdf16f7be9a25e55cf8c29f5caf933151c9214367/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/56a90f247ccffb63543d99a659f9517edde587f6e85752c82a9919e325de3ee5/","label":"ThreatFox","domainType":"primary"},{"url":"https://honeylabs.net/lookup/160.30.142.218","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/175.107.230.24","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/153.117.37.104","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/72.255.32.68","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/59.103.100.2","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/115.55.85.7","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/103.115.199.18","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/153.117.33.228","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/103.173.7.226","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/202.47.56.219","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/59.97.250.56","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/110.39.233.163","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/36.255.44.120","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/223.123.125.13","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/175.107.212.44","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/144.48.130.229","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/153.117.51.96","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/153.117.6.120","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/122.50.1.26","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/101.31.81.241","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/223.123.72.190","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/125.45.68.162","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/102.33.46.27","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/115.42.75.105","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/14.1.104.134","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/103.18.14.247","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/220.112.61.85","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/45.230.66.118","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/112.239.122.134","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/81.26.83.155","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/202.9.122.224","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/45.230.66.102","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/185.221.253.69","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/153.117.6.68","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/103.181.161.31","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/45.230.66.104","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/103.181.160.235","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/153.117.32.204","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/139.135.42.99","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/103.146.110.242","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/182.117.70.107","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/144.48.130.215","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/110.38.218.245","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/222.140.134.61","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/153.117.52.69","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/153.117.9.190","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/223.123.73.214","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/117.209.7.37","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/223.123.124.127","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/117.245.138.25","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/172.168.148.38","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/202.9.123.77","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/112.25.235.194","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/223.123.41.67","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/115.55.232.238","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/223.123.125.8","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/101.53.233.87","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/119.30.117.62","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/103.176.16.93","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/223.123.77.15","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/139.135.41.214","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/113.99.201.216","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/186.4.217.208","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/42.230.218.169","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/85.12.229.54","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/72.255.3.97","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/223.123.43.68","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/103.225.191.207","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/185.94.182.57","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/139.135.59.145","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/103.146.111.93","label":"ThreatFox","domainType":"other"},{"url":"https://platform.censys.io/hosts/78.40.194.67","label":"ThreatFox","domainType":"other"},{"url":"https://www.virustotal.com/gui/ip-address/191.44.109.233","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/delmore-effect.com","label":"ThreatFox","domainType":"other"},{"url":"https://github.com/yankywilson/terndoor-uat9244","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/22620c9c6d0c2b392ee34bd4e7905b6f161bfe25ed3dc756302aeb091a994b0e/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/300942cdeac4217d156d03b1032271a6ab59f8dfa826f05bcea12f1094c5c0b1/","label":"ThreatFox","domainType":"primary"},{"url":"https://infosec.exchange/@monitorsg/116771502649851187","label":"ThreatFox","domainType":"other"},{"url":"https://infosec.exchange/@monitorsg/116771505010133312","label":"ThreatFox","domainType":"other"},{"url":"https://infosec.exchange/@monitorsg/116771277016156445","label":"ThreatFox","domainType":"other"},{"url":"https://bazaar.abuse.ch/sample/9f844a78cc2cd8d8a426f050a3efe319930f723eb10be231de1c1f1600e82127/","label":"ThreatFox","domainType":"primary"},{"url":"https://clickfix.carsonww.com/domains/birdybird.rest","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/siledepartamentos.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/qantify.net","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/nabane.com.mx","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/mingliu.com.tw","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/sonofar.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/volunteerskonect.ca","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/madhavsamachar.com","label":"ThreatFox","domainType":"other"},{"url":"https://bazaar.abuse.ch/sample/d78bc974947dca5f86fc0b5503e157b1537dbac4bcfe4bfb1779213342a5bb19/","label":"ThreatFox","domainType":"primary"},{"url":"https://app.any.run/tasks/9ead4006-d220-4319-b816-369db06bb5d2","label":"ThreatFox","domainType":"other"},{"url":"https://app.any.run/tasks/9fd3ff9b-e009-4a84-90f9-e753c7ad5bec","label":"ThreatFox","domainType":"other"},{"url":"https://app.any.run/tasks/5ca04f75-5241-4b65-9e15-f0b432eb31f5","label":"ThreatFox","domainType":"other"},{"url":"https://infosec.exchange/@monitorsg/116768208446028735","label":"ThreatFox","domainType":"other"},{"url":"https://infosec.exchange/@monitorsg/116767258309670005","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/trecoshop.com.br","label":"ThreatFox","domainType":"other"},{"url":"https://www.virustotal.com/gui/ip-address/45.32.132.194","label":"ThreatFox","domainType":"other"},{"url":"https://www.virustotal.com/gui/file/a8fe7ea23ff20fb3ab2bcd122650e0fd0c6f9d384c11570a37290126f5cbef32","label":"ThreatFox","domainType":"other"},{"url":"https://www.virustotal.com/gui/file/7123e1514b939b165985560057fe3c761440a9fff9783a3b84e861fd2888d4ab","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/chinarice.asia","label":"ThreatFox","domainType":"other"},{"url":"https://bazaar.abuse.ch/sample/c8c385c10b1586728318f43b9dcafecfd46d8d6000984fe489bb1d219ea8b4f9/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/806a271f5d14a873a1d0965d7caab4f572a5c6b25f5b88985ac88d74c4d96d48/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/bdc419313f6d07aae8aa7295dfd00910ee3f4acad5f6310981bfa791e65f1407/","label":"ThreatFox","domainType":"primary"},{"url":"https://clickfix.carsonww.com/domains/livelaughfite.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/webexpress.cl","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/withyou.ma","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/www.kushalcardiaccare.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/toilettage-muzillac.fr","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/panelmienbac.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/systemlt.site","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/www.koktengri.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/valorglobe.com","label":"ThreatFox","domainType":"other"},{"url":"https://infosec.exchange/@monitorsg/116765601949424936","label":"ThreatFox","domainType":"other"},{"url":"https://bazaar.abuse.ch/sample/7e27deea413f5c390fd790423de9dc552a1e393187607485394044c4ddc85fdf/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/9ab135ec9d97c65caacdc2cd1ac166b7f491d8ad0635b3bd595a244ca6af9795/","label":"ThreatFox","domainType":"primary"},{"url":"https://clickfix.carsonww.com/domains/swabina.co.id","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/ssagronursery.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/readingtime.space","label":"ThreatFox","domainType":"other"},{"url":"https://www.wordfence.com/blog/2026/06/psa-supply-chain-compromise-targets-shapedplugin-backdoored-pro-plugins-distributed-via-official-channels/","label":"ThreatFox","domainType":"other"},{"url":"https://bazaar.abuse.ch/sample/d9370a3a85d27b864790b225c529647667b5878690eafdcd805a1fd75c76648e/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/56e40788e87392cbea4328852c9e5cfcf5ab0a96b778a540835b4fb0bd4cb2d1/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/af3ecfc347087c080111b1e845c7d84a2e2625f6d126a0744c016d63ad74483c/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/57a17538be51fd67c23990096c864f953b32bed6087ad8e0662db2bdcab3c147/","label":"ThreatFox","domainType":"primary"},{"url":"https://clickfix.carsonww.com/domains/clauscreations.nl","label":"ThreatFox","domainType":"other"},{"url":"https://bazaar.abuse.ch/sample/76ccd85ab8f28058a926eb8d2ea07dd7572896046dd1ae742ec453e1da9213e4/","label":"ThreatFox","domainType":"primary"},{"url":"https://clickfix.carsonww.com/domains/www.sarivo.co","label":"ThreatFox","domainType":"other"},{"url":"https://bazaar.abuse.ch/sample/f673426085334e706064501731e19ca5112d78c48aa94869ad1b8017874820fa/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/09cf564075e4a500b6df3a3ca263076c47730b28d60c12fc59c7fd4e7464fa85/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/18c7e2dc3aa3a2d0aa5493eddb3b08e24f21020da05e54a158a15ade67dc9279/","label":"ThreatFox","domainType":"primary"},{"url":"https://clickfix.carsonww.com/domains/recreio.pet","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/scripterx.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/slammedhospitalitytalk.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/renovapqs.com.br","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/rebuildinglivesinitiative.org","label":"ThreatFox","domainType":"other"},{"url":"https://www.virustotal.com/gui/file/9e4235c530fc10df9225e9ab98095d7a19d35f9e4ebf50a74dcb4b1e7bf86170","label":"ThreatFox","domainType":"other"},{"url":"https://gitlab.com/marotino-hiring/helios-app/-/blob/main/tailwind.config.js","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/aqua-methodsug.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/atheriumcode.com.br","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/ayamprestonyonyalina.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/blankpublication.at","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/ashifct.com","label":"ThreatFox","domainType":"other"},{"url":"https://infosec.exchange/@monitorsg/116761124076350047","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/afroskin.id","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/abilitaseguros.com.br","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/abelmomaroc.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/activeiman.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/2rbo.com.mx","label":"ThreatFox","domainType":"other"},{"url":"https://urlscan.io/result/019ed22e-347e-7229-af80-c237e0f20fc9/","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/techwizzardz.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/tecnolozzi.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/topflytdrones.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/taiwandonutsoh.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/somaxsis.com.br","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/www.madinastorebd.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/www.thmonofuku.lat","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/www.citymoversmagazine.com.ng","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/www.elficarum.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/www.itinera.healthcare","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/wellzonebuildingcleaningservicesco.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/westlandconsultants.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/wbworkshops.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/webeffa.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/yourmusicboost.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/www.lc3.com.br","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/protraincompany.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/quickvinrecord.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/refinedwearfashionstore.shop","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/sgsolicitors.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/ouagayaar.bf","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/nicescleaningservice.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/nuestisingur.org","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/patronoapp.online","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/teknolojikbirinsan.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/ultrasound-transducer-repair.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/shambolicliving.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/tritantech.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/valuevillagelistens.pro","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/streamsvision.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/gooddealsinc.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/judyprescottmarshall.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/indicatorspotvip.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/homefrontprojects.org","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/htxvanthanhphat.vn","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/iamstudent.co.uk","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/hi-tech-engineering.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/gracedrivenlife.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/gospelofwork.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/ibtidaa.org","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/mehedimartbd.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/mobconic.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/mercadodeartesdigitales.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/macbekent.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/lumikaafricansafari.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/metroreportase.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/lookeelooky.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/mediosdigitalesdelnorte.net","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/cwshealthsurvey.shop","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/couragefoundation.eu","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/cybernetron.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/drfelipearnaud.com.br","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/dulichdonga.vn","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/domarisconcepts.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/dietprepplaybook.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/electromep.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/festivaldotorresmo.com.br","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/forumjabar.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/fabidi.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/enerjplus.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/ebyeos.com.br","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/dnmurals.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/chiltonlabs.org","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/ac4hosting.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/buildmoresolutions.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/cedckenya.org","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/buydallasland.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/ccshdi.com","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/brasiltarot.online","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/cameradalat.net","label":"ThreatFox","domainType":"other"},{"url":"https://www.virustotal.com/gui/file/5f64a0b2fcf36085e27062589a198ae299d4698c16204a0ad4cb702ef694ad2c","label":"ThreatFox","domainType":"other"},{"url":"https://infosec.exchange/@monitorsg/116760415088421593","label":"ThreatFox","domainType":"other"},{"url":"https://bazaar.abuse.ch/sample/4e03498bc61d2b713c0669b58c45dbfd2bc6091ce3db935c5df104a9bb6e3f93/","label":"ThreatFox","domainType":"primary"},{"url":"https://clickfix.carsonww.com/domains/dom-inn.de","label":"ThreatFox","domainType":"other"},{"url":"https://bazaar.abuse.ch/sample/f0661c2e8446e0a94c9907f37cb9e2d97feb2a1e9a0182682fe57591293252e4/","label":"ThreatFox","domainType":"primary"},{"url":"https://infosec.exchange/@monitorsg/116759471266741920","label":"ThreatFox","domainType":"other"},{"url":"https://bazaar.abuse.ch/sample/4c5b729c3522fdd11dfd3e5807c225df109172981d2c214b2a905fa2bf6b39e2/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/eca23985908165bcc9684bf5b0b500601cf0f1861dd97192517beb0401e601f2/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/a4018431ceef5951f42ba74ff9a78db54d43030590b1ade030136227eee9035d/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/2c2ac25b1fa7891ca502f8a4e3146973e560c467cbfc9df395842d4a07854420/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/348a82709d9ddec8cd56b8b2c55d7793bb99c2ec0d52cb0c388e7485178486ce/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/926e8f1a7f349ff1eef31f89fa8ffe265c30b92e310e8bea19962d38f8c32129/","label":"ThreatFox","domainType":"primary"},{"url":"https://blog.sekoia.io/unveiling-errtraffic-inside-a-growing-clickfix-malware-distribution-framework","label":"ThreatFox","domainType":"other"},{"url":"https://bazaar.abuse.ch/sample/fc5e53a38115e8c2d9ed3d2e464127d564340a1d0c4cffa2080baf3ea1a8b28d/","label":"ThreatFox","domainType":"primary"},{"url":"https://tracker.viriback.com/index.php?q=66.94.119.99","label":"ThreatFox","domainType":"other"},{"url":"https://bazaar.abuse.ch/sample/2df7a9ec38d125b1e1517466ea4761cc9d9071086f2fdc472ce5a2f0ddc43363/","label":"ThreatFox","domainType":"primary"},{"url":"https://clickfix.carsonww.com/domains/smenapodik.bond","label":"ThreatFox","domainType":"other"},{"url":"https://clickfix.carsonww.com/domains/plunkev.ca","label":"ThreatFox","domainType":"other"},{"url":"https://bazaar.abuse.ch/sample/77dccc5455aac4c8114326446ca1605300db691e379027c0d286f1c44035fa81/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/8a0e2a535aab576ba6a9a88baa4fc6010f26787c0e7d82f44528bf4709dfb7d2/","label":"ThreatFox","domainType":"primary"},{"url":"https://clickfix.carsonww.com/domains/seanofficials.com","label":"ThreatFox","domainType":"other"},{"url":"https://bazaar.abuse.ch/sample/4c7d82f0ca21ad79857d1802f5d0ef18071a96dd17464cef1dcfff62443a54a4/","label":"ThreatFox","domainType":"primary"},{"url":"https://infosec.exchange/@monitorsg/116755924863312130","label":"ThreatFox","domainType":"other"},{"url":"https://bazaar.abuse.ch/sample/5296603d85e7b34a68197e40b30fead8da92d63310ce395396845e23de47a13f/","label":"ThreatFox","domainType":"primary"},{"url":"https://github.com/yankywilson/muddywater-etherhiding-resolver-family","label":"ThreatFox","domainType":"primary"},{"url":"https://github.com/yankywilson/muddywater-stagecomp-moonzonet","label":"ThreatFox","domainType":"primary"},{"url":"https://infosec.exchange/@monitorsg/116755454676917155","label":"ThreatFox","domainType":"other"},{"url":"https://bazaar.abuse.ch/sample/8cccade2b3df0d398864820af445c22e33512d62a67f1ce80c7b929f82e44826/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/08554a2e413370221dc5f5668d336886e2f66cdbcd14314b7a3b8e3d44febbb0/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/b7d9f992e21b58de71534c09e6eb78bedcb9685b54ddb4e0ff574face3076da8/","label":"ThreatFox","domainType":"primary"},{"url":"https://github.com/yankywilson/etherrat-onchain-c2-detection","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/3c984b837219c7b80d7b8c1a517a5967753652830c01d5cea4c86c34971ca77f/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/b124281a985f5914fd8a58e3cf26968341d45c19e654d30e375f850a23c0e8a1/","label":"ThreatFox","domainType":"primary"},{"url":"https://www.derp.ca/research/fakegit-luajit-github-campaign/","label":"ThreatFox","domainType":"other"},{"url":"https://bazaar.abuse.ch/sample/0154fa1643fbafceaeb7953ce540e84d5d84550ed013869e2b8350fc91fccbf7/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/8496282ebb3abb2daaecaeb43ce3503688447183367c2015a41ad7b028b4b3d9/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/d5068c90a739e6c19752cd7a1ba7bbc5d9fec9c7a97e7a83cb2290d6b83c92f6/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/75b4c39950f8c48c00c926ff46384db745b9ea34797eb5cf3b894768b8ac1a4f/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/5ba52a3e4e42eeb6ecbf2e3d843086904562f1e055d8a3409d0204a51c7bb8f7/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/c565c46640f1721a978d46ee6b969ecc4022d1bcc4c65d52c5ed03911f33f1c5/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/927c5294eb8948c337dd92869ca2efff4833f58cd9abe48ccc1bcb74457000b3/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/15bf2353ddd9597f296f09c71fa9ff8bbe2fdc43631704c90b5809ddcdd68dc0/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/f4f7e592842a11ec33011a05a0ac29ded4fe214cd34173cbe05ff7ff274f9c0a/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/eb11992439bfa973d9e35bc7c386210930e89b439a5d908173ffcc37d25e7336/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/3a15704b368b40666edc53de2a029ada5c4333e8f05c3b693c4cd34daa57dee5/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/31f78830bdecc47692b20e15f5042e439aadba0c628119066f4de470c8098c19/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/0da9eef940fe37d1f110f01ba44c7b15147cea02aa053aac7550f4a902db72f8/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/c3270918c96d3cf276d60f47141f883df964c8f9b76476d56c72c3df21f1ff55/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/3b89b49f578a0d178aebf50f5bda21693920eed9a9525fc80a0335e7a54af8c5/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/526b941704ba3453439eaababaa7de897fb06aef78ab180ca8083ca39b06aaa0/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/58bd1345b0a16d3d9513322cc40f43e55b8ca98501bdfa38c7f59e6cc30dbd0f/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/5b29f61ae76ae185c75ed6d48e3ebf1c891335243edc25b4aa1435c4c9df0ed7/","label":"ThreatFox","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/857ef3e09895cff8faeae1d22935785f7c7afa8860ed0234e52fdbaf6f7521f0/","label":"ThreatFox","domainType":"primary"}],"feedLabel":null},{"id":"news-new-prinz-eugen-ransomware-prioritizes-recent-files-for-encryption","source":"general-news","category":"news","severity":"critical","title":"New Prinz Eugen ransomware prioritizes recent files for encryption","description":"A new ransomware operation named 'Prinz Eugen' prioritizes recently modified files for encryption and leaves no ransom note on the system. [...]","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["ransomware"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-20T15:23:46.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.bleepingcomputer.com/news/security/new-prinz-eugen-ransomware-prioritizes-recent-files-for-encryption/","label":"BleepingComputer","domainType":"media"}],"feedLabel":null},{"id":"news-gentlemen-ransomware-uses-multiple-edr-killers-to-disable-defenses","source":"general-news","category":"news","severity":"critical","title":"Gentlemen ransomware uses multiple EDR killers to disable defenses","description":"The Gentlemen ransomware-as-a-service (RaaS) is actively developing and maintaining a suite of endpoint detection and response (EDR) killers to help affiliates evade detection in attacks. [...]","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["ransomware"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-18T22:31:52.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.bleepingcomputer.com/news/security/gentlemen-ransomware-uses-multiple-edr-killers-to-disable-defenses/","label":"BleepingComputer","domainType":"media"}],"feedLabel":null},{"id":"news-weekly-recap-browser-bugs-edr-killers-tv-botnet-openbsd-flaw-android-trojan-and-","source":"general-news","category":"news","severity":"critical","title":"⚡ Weekly Recap: Browser Bugs, EDR Killers, TV Botnet, OpenBSD Flaw, Android Trojan, and More","description":"It’s Monday again.\n\nThis week’s threat list looks painfully familiar: abused integrations, fake tools, poisoned websites, ransomware crews trying to shut down security tools, and mobile malware asking for way too much control.\n\nThe annoying part is how little of this feels new. Weak credentials, ske…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["ransomware","botnet"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-22T10:55:10.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://thehackernews.com/2026/06/weekly-recap-browser-bugs-edr-killers.html","label":"The Hacker News","domainType":"media"}],"feedLabel":null},{"id":"news-interpol-warns-phishing-ransomware-and-ai-scams-are-rising-across-asia-pacific","source":"general-news","category":"news","severity":"critical","title":"INTERPOL Warns Phishing, Ransomware, and AI Scams Are Rising Across Asia-Pacific","description":"A new report from INTERPOL has revealed a \"dramatic increase\" in cybercrime in Asia and the South Pacific, fueled by rapid digitalization, internet penetration, new technologies, organized criminal networks, and a disparity in cybersecurity maturity.\n\nAccording to INTERPOL's 2025/2026 Asia and South…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["ransomware","phishing"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-22T06:06:53.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://thehackernews.com/2026/06/interpol-warns-phishing-ransomware-and.html","label":"The Hacker News","domainType":"media"}],"feedLabel":null},{"id":"news-the-gentlemen-raas-uses-gentlekiller-edr-framework-targeting-400-security-proces","source":"general-news","category":"news","severity":"critical","title":"The Gentlemen RaaS Uses GentleKiller EDR Framework Targeting 400 Security Processes","description":"The Gentlemen ransomware-as-a-service (RaaS) operation is actively developing and maintaining a suite of endpoint detection and response (EDR) killers that it hands out to affiliates for impairing system defenses before deploying the encryptor.\n\nThis mature portfolio of EDR-terminating tools is cent…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["ransomware"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T18:33:07.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://thehackernews.com/2026/06/the-gentlemen-raas-uses-gentlekiller.html","label":"The Hacker News","domainType":"media"}],"feedLabel":null},{"id":"news-autojack-attack-lets-one-web-page-hijack-ai-agent-for-host-code-execution","source":"general-news","category":"news","severity":"critical","title":"AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution","description":"Microsoft researchers have detailed an exploit chain, named AutoJack, that turns an AI browsing agent into a delivery vehicle for remote code execution.\n\nSteer the agent to load an attacker's web page, and that page's JavaScript can reach a privileged local service on the same machine and spawn a pr…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["rce"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T15:30:47.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://thehackernews.com/2026/06/autojack-attack-lets-one-web-page.html","label":"The Hacker News","domainType":"media"}],"feedLabel":null},{"id":"news-f5-patches-two-critical-nginx-open-source-flaws-enabling-remote-code-execution","source":"general-news","category":"news","severity":"critical","title":"F5 Patches Two Critical NGINX Open Source Flaws Enabling Remote Code Execution","description":"F5 has released security updates to address two critical security flaws in NGINX Open Source that could be exploited to achieve code execution on affected systems.\n\nThe vulnerabilities are listed below -\n\n\n  CVE-2026-42530 (CVSS v4 score: 9.2) - A use-after-free vulnerability in the ngx_http_v3_modu…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["rce"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-18T17:32:14.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://thehackernews.com/2026/06/f5-patches-two-critical-nginx-open.html","label":"The Hacker News","domainType":"media"}],"feedLabel":null},{"id":"news-inc-ransomware-emerges-as-major-raas-threat-in-2026-with-830-victims-since-2023","source":"general-news","category":"news","severity":"critical","title":"INC Ransomware Emerges as Major RaaS Threat in 2026 with 830+ Victims Since 2023","description":"Cybersecurity researchers have charted the evolution of INC from an nascent ransomware-as-a-service (RaaS) operation to one of the most prolific cybercrime groups in 2026, claiming no less than 830 victims since August 2023.\n\n\"The disruption of LockBit and the shutdown of BlackCat created opportunit…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["ransomware"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-18T14:12:48.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://thehackernews.com/2026/06/inc-ransomware-claims-830-victims-since.html","label":"The Hacker News","domainType":"media"}],"feedLabel":null},{"id":"news-dragonforce-hackers-abuse-microsoft-teams-relays-to-hide-backdoor-turn-c2-traffi","source":"general-news","category":"news","severity":"critical","title":"DragonForce Hackers Abuse Microsoft Teams Relays to Hide Backdoor.Turn C2 Traffic","description":"Threat actors associated with the DragonForce ransomware have been observed using a custom Go-based remote access trojan (RAT) called Backdoor.Turn to conceal command-and-control (C2) traffic inside Microsoft Teams relay infrastructure.\n\nAccording to findings from Broadcom-owned Symantec and Carbon…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["ransomware","botnet"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-18T13:30:07.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://thehackernews.com/2026/06/dragonforce-hackers-abuse-microsoft.html","label":"The Hacker News","domainType":"media"}],"feedLabel":null},{"id":"news-microsoft-confirms-rogueplanet-defender-zero-day-says-patch-is-in-development","source":"general-news","category":"news","severity":"critical","title":"Microsoft Confirms RoguePlanet Defender Zero-Day, Says Patch is in Development","description":"Microsoft has formally disclosed that it's working to release a patch to address a Defender zero-day codenamed RoguePlanet.\n\nThe vulnerability has now been assigned the CVE identifier CVE-2026-50656 (CVSS score: 7.8), with the tech giant describing it as a privilege escalation flaw.\n\n\"Microsoft is a…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["zeroday"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-17T17:36:28.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://thehackernews.com/2026/06/microsoft-confirms-rogueplanet-defender_02022423645.html","label":"The Hacker News","domainType":"media"}],"feedLabel":null},{"id":"news-the-top-10-attack-surface-exposures-in-2026","source":"general-news","category":"news","severity":"critical","title":"The Top 10 Attack Surface Exposures in 2026","description":"Breaches don't always start with a zero-day. An exposed admin panel can get brute-forced, or credentials reused from a previous attack. But when a vulnerability does drop — like MongoBleed earlier this year, which let attackers pull credentials and session tokens from server memory without authentic…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["zeroday"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-17T10:30:00.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://thehackernews.com/2026/06/the-top-10-attack-surface-exposures-in.html","label":"The Hacker News","domainType":"media"}],"feedLabel":null},{"id":"news-new-rokarolla-android-malware-steals-pins-sms-codes-and-crypto-wallet-funds","source":"general-news","category":"news","severity":"critical","title":"New Rokarolla Android Malware Steals PINs, SMS Codes, and Crypto Wallet Funds","description":"Security researchers at Zimperium's zLabs have documented a new Android banking trojan, Rokarolla, that targets 217 banking and cryptocurrency apps and packs 137 remote commands.\n\nTogether, they give an operator near-total control of an infected phone: it lifts lock-screen PINs, reads and sends SMS,…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["ransomware"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T13:10:17.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://thehackernews.com/2026/06/new-rokarolla-android-malware-steals.html","label":"The Hacker News","domainType":"media"}],"feedLabel":null},{"id":"news-inc-ransomware-thrives-by-mastering-the-basics","source":"general-news","category":"news","severity":"critical","title":"INC Ransomware Thrives by Mastering the Basics","description":"And one of those basics is focusing on sectors where a ransomware disruption creates immediate pressure to pay up, like with healthcare.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["ransomware"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-17T19:46:25.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.darkreading.com/cyberattacks-data-breaches/inc-ransomware-thrives-by-mastering-the-basics","label":"Dark Reading","domainType":"media"}],"feedLabel":null},{"id":"news-lorem-ipsum-malware-pivots-to-clickfix-delivery","source":"general-news","category":"news","severity":"critical","title":"'Lorem Ipsum' Malware Pivots to ClickFix Delivery","description":"New analysis shows the campaign, which uses compromised WordPress sites, may be linked to the ransomware and data extortion group Vice Society.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["ransomware"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T15:10:48.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.darkreading.com/cyberattacks-data-breaches/lorem-ipsum-malware-clickfix-delivery","label":"Dark Reading","domainType":"media"}],"feedLabel":null},{"id":"news-what-the-latest-shinyhunters-breaches-reveal-about-modern-cyberattacks","source":"general-news","category":"news","severity":"critical","title":"What the Latest ShinyHunters Breaches Reveal About Modern Cyberattacks","description":"Groups like ShinyHunters are demonstrating that attackers do not necessarily need malware or zero-day exploits to cause massive damage.\nThe post What the Latest ShinyHunters Breaches Reveal About Modern Cyberattacks appeared first on SecurityWeek.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["zeroday"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-22T10:30:00.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.securityweek.com/what-the-latest-shinyhunters-breaches-reveal-about-modern-cyberattacks/","label":"SecurityWeek","domainType":"media"}],"feedLabel":null},{"id":"news-operation-endgame-disrupts-malware-network-linked-to-major-ransomware-gang","source":"general-news","category":"news","severity":"critical","title":"Operation Endgame Disrupts Malware Network Linked to Major Ransomware Gang","description":"SocGholish malware has been removed from 15,000 sites associated with Evil Corp hackers","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["ransomware"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T10:15:00.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.infosecurity-magazine.com/news/operation-endgame-socgholish-evil/","label":"InfoSecurity Magazine","domainType":"media"}],"feedLabel":null},{"id":"news-ico-cautions-healthcare-worker-after-princess-of-wales-incident","source":"general-news","category":"news","severity":"critical","title":"ICO Cautions Healthcare Worker After Princess of Wales Incident ","description":"Hospital insider escapes criminal prosecution after attempting to sell royal’s medical records","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["ransomware"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-18T14:45:00.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.infosecurity-magazine.com/news/ico-cautions-healthcare-worker/","label":"InfoSecurity Magazine","domainType":"media"}],"feedLabel":null},{"id":"news-dragonforce-ransomware-exploited-microsoft-teams-to-hide-in-attack-against-major","source":"general-news","category":"news","severity":"critical","title":"DragonForce Ransomware Exploited Microsoft Teams to Hide in Attack Against Major Company","description":"Command and control traffic exploited a Teams visitor token to make malicious activity look legitimate to defenders","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["ransomware","botnet"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T11:30:00.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.infosecurity-magazine.com/news/dragonforce-ransomware-hidden/","label":"InfoSecurity Magazine","domainType":"media"}],"feedLabel":null},{"id":"news-adriatic-port-cyber-attack-by-anubis-sparks-warning-over-maritime-security-risks","source":"general-news","category":"news","severity":"critical","title":"Adriatic Port Cyber-Attack by Anubis Sparks Warning Over Maritime Security Risks","description":"How the Anubis ransomware group stole and leaked an Italian Adriatic port authority's data","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["ransomware","transport"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-15T16:15:00.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.infosecurity-magazine.com/news/anubis-ransomware-adriatic-port/","label":"InfoSecurity Magazine","domainType":"media"}],"feedLabel":null},{"id":"news-week-in-review-74k-fortinet-firewall-credentials-stolen-splunk-enterprise-rce-un","source":"general-news","category":"news","severity":"critical","title":"Week in review: 74k Fortinet firewall credentials stolen, Splunk Enterprise RCE under active attack","description":"Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: A hardware neural network backdoor that hides in plain sight Deep learning systems on edge devices often rely on third-party-designed FPGAs and ASICs for performance and efficiency, creating supply chai…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["rce","supply-chain"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-21T08:00:25.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.helpnetsecurity.com/2026/06/21/week-in-review-74k-fortinet-firewall-credentials-stolen-splunk-enterprise-rce-under-active-attack/","label":"Help Net Security","domainType":"media"}],"feedLabel":null},{"id":"news-australian-sugar-producer-works-to-restore-operations-as-ransomware-group-claims","source":"general-news","category":"news","severity":"critical","title":"Australian sugar producer works to restore operations as ransomware group claims attack","description":"Mackay Sugar said it was \"working urgently\" to verify claims that a highly active ransomware group was behind a cyberattack that shut down harvesting and milling operations.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["ransomware"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-18T14:20:00.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://therecord.media/mackay-sugar-cyberattack-claimed-gentlemen","label":"The Record","domainType":"media"}],"feedLabel":null},{"id":"cisa-kev-CVE-2026-20253","source":"cisa-kev","category":"vulnerability","severity":"high","title":"CVE-2026-20253 — Splunk Enterprise Missing Authentication for Critical Function Vulnerability","description":"Splunk Enterprise contains a missing authentication for critical function vulnerability which could allow an unauthenticated user to create or truncate arbitrary files through a PostgreSQL sidecar service endpoint.","indicators":{"cves":["CVE-2026-20253"],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-18T00:00:00.000Z","fetchedAt":"2026-06-22T15:00:00.197Z","references":[{"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-20253","label":"NVD","domainType":"primary"}],"feedLabel":null},{"id":"cisa-kev-CVE-2026-48907","source":"cisa-kev","category":"vulnerability","severity":"high","title":"CVE-2026-48907 — Widget Factory Joomla Content Editor Improper Access Control Vulnerability","description":"Widget Factory Joomla Content Editor contains an improper access control vulnerability which could allow for upload and execution of PHP code via the creation of new editor profiles for unauthenticated users. ","indicators":{"cves":["CVE-2026-48907"],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T00:00:00.000Z","fetchedAt":"2026-06-22T15:00:00.197Z","references":[{"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-48907","label":"NVD","domainType":"primary"}],"feedLabel":null},{"id":"cisa-adv-apollo-pharmacy-blood-glucose-monitoring-system-apg-01-bt","source":"cisa-advisories, vendor-blogs","category":"advisory","severity":"high","title":"Apollo Pharmacy Blood Glucose Monitoring System APG-01 BT","description":"View CSAF\nSummary\nSuccessful exploitation of these vulnerabilities could allow an attacker to obtain sensitive health-related information and prevent legitimate users from establishing a connection with the device.\nThe following versions of Apollo Pharmacy Blood Glucose Monitoring System APG-01 BT a…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["ics"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-18T12:00:00.000Z","fetchedAt":"2026-06-22T15:00:00.175Z","references":[{"url":"https://www.cisa.gov/news-events/ics-medical-advisories/icsma-26-169-01","label":"CISA Advisory","domainType":"primary"}],"feedLabel":null},{"id":"cisa-adv-mitsubishi-electric-co-s-melsec-iq-f-series-fx5-enet-ip-ethernet-module","source":"cisa-advisories, vendor-blogs","category":"advisory","severity":"high","title":"Mitsubishi Electric Co.'s MELSEC iQ-F Series FX5-ENET/IP Ethernet Module","description":"View CSAF\nSummary\nSuccessful exploitation of this vulnerability could allow a remote attacker to cause a denial-of-service (DoS) condition in the affected product by continuously sending a large number of communication packets to the Ethernet port of the product in a short period of time, increasing…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["ics"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-18T12:00:00.000Z","fetchedAt":"2026-06-22T15:00:00.175Z","references":[{"url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-169-06","label":"CISA Advisory","domainType":"primary"}],"feedLabel":null},{"id":"cisa-adv-mitsubishi-electric-melsec-iq-f-series","source":"cisa-advisories, vendor-blogs","category":"advisory","severity":"high","title":"Mitsubishi Electric MELSEC iQ-F Series","description":"View CSAF\nSummary\nSuccessful exploitation of this vulnerability could allow a remote attacker to cause a denial-of-service (DoS) condition in the affected product by rapidly establishing a large number of TCP connections to it, resulting in an inconsistency in the product's internal connection manag…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["ics"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-18T12:00:00.000Z","fetchedAt":"2026-06-22T15:00:00.175Z","references":[{"url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-169-05","label":"CISA Advisory","domainType":"primary"}],"feedLabel":null},{"id":"cisa-adv-schneider-electric-easergy-ecostruxture-powerlogic-and-saitel-products","source":"cisa-advisories, vendor-blogs","category":"advisory","severity":"high","title":"Schneider Electric Easergy, EcoStruxture, PowerLogic, and Saitel Products","description":"View CSAF\nSummary\nSchneider Electric is aware of vulnerabilities in its PowerChute™ Serial Shutdown product. The [PowerChute Serial Shutdown](https://www.se.com/ww/en/product-range/137943580-powerchute-serial-shutdown/#products) product is a UPS management software enabling graceful system shutdown…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["botnet","ics"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-18T12:00:00.000Z","fetchedAt":"2026-06-22T15:00:00.175Z","references":[{"url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-169-07","label":"CISA Advisory","domainType":"primary"}],"feedLabel":null},{"id":"cisa-adv-rockwell-automation-factorytalk-historian-site-edition","source":"cisa-advisories, vendor-blogs","category":"advisory","severity":"high","title":"Rockwell Automation FactoryTalk Historian Site Edition","description":"View CSAF\nSummary\nSuccessful exploitation of these vulnerabilities could allow an attacker to obtain a valid authentication token, perform a denial of service, or crash the system.\nThe following versions of Rockwell Automation FactoryTalk Historian Site Edition are affected:\nFactoryTalk Historian SE…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["phishing","ics"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-18T12:00:00.000Z","fetchedAt":"2026-06-22T15:00:00.175Z","references":[{"url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-169-03","label":"CISA Advisory","domainType":"primary"}],"feedLabel":null},{"id":"cisa-adv-aver-ptc-cameras","source":"cisa-advisories, vendor-blogs","category":"advisory","severity":"high","title":"AVer PTC cameras","description":"View CSAF\nSummary\nSuccessful exploitation of this vulnerability could allow arbitrary code execution.\nThe following versions of AVer PTC cameras are affected:\nPTC500S vers:all/* (CVE-2026-40624)\nPTC115 vers:all/* (CVE-2026-40624)\nPTC500+ vers:all/* (CVE-2026-40624)\nPTC115+ vers:all/* (CVE-2026-40624…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["phishing","ics"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-18T12:00:00.000Z","fetchedAt":"2026-06-22T15:00:00.175Z","references":[{"url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-169-01","label":"CISA Advisory","domainType":"primary"}],"feedLabel":null},{"id":"cisa-adv-schneider-electric-easylogic-t150-and-saitel-dp","source":"cisa-advisories, vendor-blogs","category":"advisory","severity":"high","title":"Schneider Electric EasyLogic T150 and Saitel DP","description":"View CSAF\nSummary\nSuccessful exploitation this vulnerability could allow an attacker to gain unauthorized access to sensitive files\nThe following versions of Schneider Electric EasyLogic T150 and Saitel DP are affected:\nSchneider Electric EasyLogic T150 (formerly Saitel DR) Remote Terminal Unit & Co…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["phishing","ics"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-18T12:00:00.000Z","fetchedAt":"2026-06-22T15:00:00.175Z","references":[{"url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-169-04","label":"CISA Advisory","domainType":"primary"}],"feedLabel":null},{"id":"cisa-adv-rockwell-automation-flex-i-o-ethernet-ip-adapters","source":"cisa-advisories, vendor-blogs","category":"advisory","severity":"high","title":"Rockwell Automation FLEX I/O EtherNet/IP Adapters","description":"View CSAF\nSummary\nSuccessful exploitation of these vulnerabilities could allow an attacker to gain unauthorized access, account takeover, and cause loss of availability.\nThe following versions of Rockwell Automation FLEX I/O EtherNet/IP Adapters are affected:\n1794-AENTR V2.012 (CVE-2026-0646, CVE-20…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["phishing","ics"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T12:00:00.000Z","fetchedAt":"2026-06-22T15:00:00.175Z","references":[{"url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-167-05","label":"CISA Advisory","domainType":"primary"}],"feedLabel":null},{"id":"cisa-adv-rockwell-automation-logix-5370-5570-controllers-vulnerable-to-denial-of-service-","source":"cisa-advisories, vendor-blogs","category":"advisory","severity":"high","title":"Rockwell Automation Logix 5370 & 5570 Controllers Vulnerable To Denial of Service Via CIP","description":"View CSAF\nSummary\nSuccessful exploitation of this vulnerability could cause a denial-of-service condition that may result in a major nonrecoverable fault (MNRF).\nThe following versions of Rockwell Automation Logix 5370 & 5570 Controllers Vulnerable To Denial of Service Via CIP are affected:\nCompactL…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["phishing","ics"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T12:00:00.000Z","fetchedAt":"2026-06-22T15:00:00.175Z","references":[{"url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-167-03","label":"CISA Advisory","domainType":"primary"}],"feedLabel":null},{"id":"cisa-adv-rockwell-automation-rslinx","source":"cisa-advisories, vendor-blogs","category":"advisory","severity":"high","title":"Rockwell Automation RSLinx ","description":"View CSAF\nSummary\nSuccessful exploitation of this vulnerability can lead to a denial of service, where the application will become unresponsive and will not recover on its own.\nThe following versions of RSLinx Classic Third-Party Vulnerability are affected:\nRSLinx Classic <=4.50.00 (CVE-2020-13573)…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["phishing","ics"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T12:00:00.000Z","fetchedAt":"2026-06-22T15:00:00.175Z","references":[{"url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-167-02","label":"CISA Advisory","domainType":"primary"}],"feedLabel":null},{"id":"cisa-adv-rockwell-automation-factorytalk-analytics-pavilionx","source":"cisa-advisories, vendor-blogs","category":"advisory","severity":"high","title":"Rockwell Automation FactoryTalk Analytics PavilionX","description":"View CSAF\nSummary\nSuccessful exploitation of this vulnerability could result in an attacker executing privileged operations.\nThe following versions of Rockwell Automation FactoryTalk Analytics PavilionX are affected:\nFactoryTalk Analytics PavilionX <7.01 (CVE-2025-14272)\nCVSS\nVendor\nEquipment\nVulner…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["ics"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T12:00:00.000Z","fetchedAt":"2026-06-22T15:00:00.175Z","references":[{"url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-167-01","label":"CISA Advisory","domainType":"primary"}],"feedLabel":null},{"id":"cisa-adv-rockwell-automation-compactlogix","source":"cisa-advisories, vendor-blogs","category":"advisory","severity":"high","title":"Rockwell Automation CompactLogix","description":"View CSAF\nSummary\nSuccessful exploitation of these vulnerabilities could allow an attacker to cause a denial-of-service condition.\nThe following versions of Rockwell Automation CompactLogix are affected:\nCompactLogix 5370 L1\nCompactLogix 5370 L2\nCompactLogix 5370 L3\nCVSS\nVendor\nEquipment\nVulnerabili…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["phishing","ics"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T12:00:00.000Z","fetchedAt":"2026-06-22T15:00:00.175Z","references":[{"url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-167-04","label":"CISA Advisory","domainType":"primary"}],"feedLabel":null},{"id":"malbaz-f3355943d1b279778879cbe6f036bd1b2f86b6e33ef1c4b1f4896a4e540b3593","source":"malware-bazaar","category":"malware","severity":"high","title":"sunwukongs.exe","description":"File type: exe | Reporter: abuse_ch","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":"0f89e6a8ca11c4e734b1bb205e264ae9","sha1":"28fe622e40c2ba89b9f57b3242b6d9e7565216c4","sha256":"f3355943d1b279778879cbe6f036bd1b2f86b6e33ef1c4b1f4896a4e540b3593"}},"tags":["exe"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-22T14:58:51Z","fetchedAt":"2026-06-22T15:00:01.780Z","references":[{"url":"https://bazaar.abuse.ch/sample/f3355943d1b279778879cbe6f036bd1b2f86b6e33ef1c4b1f4896a4e540b3593/","label":"MalwareBazaar","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/abb567030783490103cd3b5b5e075aaf5a4bb35379188fe8389317a5a514a9af/","label":"MalwareBazaar","domainType":"primary"}],"feedLabel":null},{"id":"malbaz-80ea7456faf8688b78fe1b82d534bc6251c70cddb9ec076225adac334ad988ca","source":"malware-bazaar","category":"malware","severity":"high","title":"ScreenConnect.ClientSetup.exe","description":"File type: exe | Reporter: BlinkzSec","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":"e4841bff2e9072bb045ef9f6d0643280","sha1":"f1fd3ca4a4dccaeee98eeb6fc94f4eeba7d89f3f","sha256":"80ea7456faf8688b78fe1b82d534bc6251c70cddb9ec076225adac334ad988ca"}},"tags":["signed"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-22T14:57:58Z","fetchedAt":"2026-06-22T15:00:01.780Z","references":[{"url":"https://bazaar.abuse.ch/sample/80ea7456faf8688b78fe1b82d534bc6251c70cddb9ec076225adac334ad988ca/","label":"MalwareBazaar","domainType":"primary"},{"url":"https://bazaar.abuse.ch/sample/5061c681e8b516f877c426dd593f570cc8520d2411e842f9c236b6f555046bac/","label":"MalwareBazaar","domainType":"primary"}],"feedLabel":null},{"id":"malbaz-5485368e29878f8170406583d36a8ef1d90099db4463852dacfe6aa75dfa2669","source":"malware-bazaar","category":"malware","severity":"high","title":"INTERMEDIATE BKR SURVEY. Formato BASE_083658.xls","description":"File type: xls | Reporter: abuse_ch","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":"f500581a9e3ba199783e7951daf6f5b3","sha1":"db9651e6c4c07eeebda4b3ac8faac3de534ba9db","sha256":"5485368e29878f8170406583d36a8ef1d90099db4463852dacfe6aa75dfa2669"}},"tags":["xls"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-22T14:57:43Z","fetchedAt":"2026-06-22T15:00:01.780Z","references":[{"url":"https://bazaar.abuse.ch/sample/5485368e29878f8170406583d36a8ef1d90099db4463852dacfe6aa75dfa2669/","label":"MalwareBazaar","domainType":"primary"}],"feedLabel":null},{"id":"malbaz-69ff04f88458bf9f2f977687dcdc1006df399a3bd2262b95f36d809c6228c350","source":"malware-bazaar","category":"malware","severity":"high","title":"Rusko selo vodovod i grejanje.xls","description":"File type: xls | Reporter: abuse_ch","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":"8c28702a17cddfe303b0b4fe03f2ca4d","sha1":"bb67e18c86e72edb1366baf8259931082471e7c7","sha256":"69ff04f88458bf9f2f977687dcdc1006df399a3bd2262b95f36d809c6228c350"}},"tags":["xls"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-22T14:57:40Z","fetchedAt":"2026-06-22T15:00:01.780Z","references":[{"url":"https://bazaar.abuse.ch/sample/69ff04f88458bf9f2f977687dcdc1006df399a3bd2262b95f36d809c6228c350/","label":"MalwareBazaar","domainType":"primary"}],"feedLabel":null},{"id":"malbaz-38ac227c825ab5a013ac64a5167abef0e82210792e04d5ad2b8519b91bc0ad53","source":"malware-bazaar","category":"malware","severity":"high","title":"Purchase Order for 20ft.docm","description":"File type: docm | Reporter: abuse_ch","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":"73f8b1defc80ba1c97cf9c30f26ffaba","sha1":"b1500c00134b08507ce99ca4af5f5dfabf5e1157","sha256":"38ac227c825ab5a013ac64a5167abef0e82210792e04d5ad2b8519b91bc0ad53"}},"tags":["docm"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-22T14:57:38Z","fetchedAt":"2026-06-22T15:00:01.780Z","references":[{"url":"https://bazaar.abuse.ch/sample/38ac227c825ab5a013ac64a5167abef0e82210792e04d5ad2b8519b91bc0ad53/","label":"MalwareBazaar","domainType":"primary"}],"feedLabel":null},{"id":"malbaz-12b90ddb368ab4ffcc98171a59b8a19a07aeb6017b3ec08a06b3b1eecdd9fdd4","source":"malware-bazaar","category":"malware","severity":"high","title":"BLAZE FREE INTERNAL Cracked.exe","description":"File type: exe | Reporter: Kejult","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":"0c4f98399c7d35ad1158f92ee7043b3b","sha1":"08f68b73d628e543ead4fc92ef9c0fdb37b8acfb","sha256":"12b90ddb368ab4ffcc98171a59b8a19a07aeb6017b3ec08a06b3b1eecdd9fdd4"}},"tags":["CoinMiner","exe","xmrig"],"malwareFamily":"CoinMiner","confidence":null,"publishedAt":"2026-06-22T14:57:37Z","fetchedAt":"2026-06-22T15:00:01.780Z","references":[{"url":"https://bazaar.abuse.ch/sample/12b90ddb368ab4ffcc98171a59b8a19a07aeb6017b3ec08a06b3b1eecdd9fdd4/","label":"MalwareBazaar","domainType":"primary"}],"feedLabel":null},{"id":"malbaz-99a218e5ef6b32d486a6fddfdea72a37a58f0681cf8ff4913a704b020831077b","source":"malware-bazaar","category":"malware","severity":"high","title":"Satınalma Siparişi Q62026-V5560001.xls","description":"File type: xls | Reporter: abuse_ch","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":"22c64ea564c04e44c54779a9ebb83407","sha1":"dd949eb805b3f13c863371f0cb2d828d129a20c3","sha256":"99a218e5ef6b32d486a6fddfdea72a37a58f0681cf8ff4913a704b020831077b"}},"tags":["geo","TUR","xls"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-22T14:57:35Z","fetchedAt":"2026-06-22T15:00:01.780Z","references":[{"url":"https://bazaar.abuse.ch/sample/99a218e5ef6b32d486a6fddfdea72a37a58f0681cf8ff4913a704b020831077b/","label":"MalwareBazaar","domainType":"primary"}],"feedLabel":null},{"id":"malbaz-0b3e31bd2e94bb8db8ce5376c431c2912844d3e5f89226abae7ef6407888db59","source":"malware-bazaar","category":"malware","severity":"high","title":"support.client.exe","description":"File type: exe | Reporter: BlinkzSec","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":"2312608a5b3968e154d49629cbb44f4a","sha1":"686d46b27b2434e1aeb24dd67d2e7a1d085e7125","sha256":"0b3e31bd2e94bb8db8ce5376c431c2912844d3e5f89226abae7ef6407888db59"}},"tags":["signed"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-22T14:55:14Z","fetchedAt":"2026-06-22T15:00:01.780Z","references":[{"url":"https://bazaar.abuse.ch/sample/0b3e31bd2e94bb8db8ce5376c431c2912844d3e5f89226abae7ef6407888db59/","label":"MalwareBazaar","domainType":"primary"}],"feedLabel":null},{"id":"malbaz-3f55e9b6542684cbe6ad853fc7a0c1df1b0e8de0a7c69fef131e93c82f3712ac","source":"malware-bazaar","category":"malware","severity":"high","title":"Client.exe","description":"File type: exe | Reporter: anonymous","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":"9f21fda4eace55e9f759bbfb4d5799b0","sha1":"401901a30cbe4578341ade9e3f4f992bc8c6a7f1","sha256":"3f55e9b6542684cbe6ad853fc7a0c1df1b0e8de0a7c69fef131e93c82f3712ac"}},"tags":["email","exe","spam"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-22T14:52:38Z","fetchedAt":"2026-06-22T15:00:01.780Z","references":[{"url":"https://bazaar.abuse.ch/sample/3f55e9b6542684cbe6ad853fc7a0c1df1b0e8de0a7c69fef131e93c82f3712ac/","label":"MalwareBazaar","domainType":"primary"}],"feedLabel":null},{"id":"malbaz-ed1d99b06bccf9436bb1b9517520010b412b3d8d9d12bfd6a6ef11df1df1ceb2","source":"malware-bazaar","category":"malware","severity":"high","title":"Loan_Prediction_Approval_v3.3.zip","description":"File type: zip | Reporter: BlinkzSec","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":"bfab914fe1b96232cf54dc0016a32f06","sha1":"5ad1b75614cfd1c9867c5939f630010dc4bc1142","sha256":"ed1d99b06bccf9436bb1b9517520010b412b3d8d9d12bfd6a6ef11df1df1ceb2"}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-22T14:52:04Z","fetchedAt":"2026-06-22T15:00:01.780Z","references":[{"url":"https://bazaar.abuse.ch/sample/ed1d99b06bccf9436bb1b9517520010b412b3d8d9d12bfd6a6ef11df1df1ceb2/","label":"MalwareBazaar","domainType":"primary"}],"feedLabel":null},{"id":"malbaz-674295167707c56a258e7f8a55b34c12332793733ee86e23023af7fe099e16cc","source":"malware-bazaar","category":"malware","severity":"high","title":"undetek-v10.34.exe","description":"File type: exe | Reporter: Kejult","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":"158b8af97dc35528e53d10e6ed9f6d62","sha1":"a837343932d5b5113189eced089c63b6c25aa246","sha256":"674295167707c56a258e7f8a55b34c12332793733ee86e23023af7fe099e16cc"}},"tags":["exe","miner","salatstealer","upx","xmrig"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-22T14:48:55Z","fetchedAt":"2026-06-22T15:00:01.780Z","references":[{"url":"https://bazaar.abuse.ch/sample/674295167707c56a258e7f8a55b34c12332793733ee86e23023af7fe099e16cc/","label":"MalwareBazaar","domainType":"primary"}],"feedLabel":null},{"id":"malbaz-97d52f54dfdbe3f2fc2171b54afa8b97647a1bc88d2bf2e387fe8f78b55c85aa","source":"malware-bazaar","category":"malware","severity":"high","title":"undetek-v10.37.exe","description":"File type: exe | Reporter: Kejult","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":"1f122145a516407b9d7899ef9d98a7ac","sha1":"1ea7701f291d8feba331c8b5105358492ace1d77","sha256":"97d52f54dfdbe3f2fc2171b54afa8b97647a1bc88d2bf2e387fe8f78b55c85aa"}},"tags":["exe"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-22T14:44:45Z","fetchedAt":"2026-06-22T15:00:01.780Z","references":[{"url":"https://bazaar.abuse.ch/sample/97d52f54dfdbe3f2fc2171b54afa8b97647a1bc88d2bf2e387fe8f78b55c85aa/","label":"MalwareBazaar","domainType":"primary"}],"feedLabel":null},{"id":"malbaz-05b67b5e047a4270c75d9b78a8ea1fc1f23d6fe634f8df29c6b59bf700ddf577","source":"malware-bazaar","category":"malware","severity":"high","title":"crypted (4).js","description":"File type: js | Reporter: abuse_ch","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":"15d472fd9b877b992377457d136167b7","sha1":"db4b3932d900ee4aa0ffd61b1dbdcf9275ed731c","sha256":"05b67b5e047a4270c75d9b78a8ea1fc1f23d6fe634f8df29c6b59bf700ddf577"}},"tags":["js","PhantomStealer"],"malwareFamily":"PhantomStealer","confidence":null,"publishedAt":"2026-06-22T14:43:56Z","fetchedAt":"2026-06-22T15:00:01.780Z","references":[{"url":"https://bazaar.abuse.ch/sample/05b67b5e047a4270c75d9b78a8ea1fc1f23d6fe634f8df29c6b59bf700ddf577/","label":"MalwareBazaar","domainType":"primary"}],"feedLabel":null},{"id":"malbaz-6a0bf1dba11b61b4b53e78ccb483a7aea4ec3cfa81d2e7f9de55376c9fdef7ec","source":"malware-bazaar","category":"malware","severity":"high","title":"d9e0461524386292212444734e44619e.exe","description":"File type: exe | Reporter: abuse_ch","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":"d9e0461524386292212444734e44619e","sha1":"8b0954a8e13c1086945b93e9e967786e86bd0f2a","sha256":"6a0bf1dba11b61b4b53e78ccb483a7aea4ec3cfa81d2e7f9de55376c9fdef7ec"}},"tags":["exe"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-22T14:42:57Z","fetchedAt":"2026-06-22T15:00:01.780Z","references":[{"url":"https://bazaar.abuse.ch/sample/6a0bf1dba11b61b4b53e78ccb483a7aea4ec3cfa81d2e7f9de55376c9fdef7ec/","label":"MalwareBazaar","domainType":"primary"}],"feedLabel":null},{"id":"malbaz-16de32e17a14655141f063827249f1f8eda41d1f06b1df399e5a8cae08db6555","source":"malware-bazaar","category":"malware","severity":"high","title":"1688a855869a249114084ae11f82fd8e.exe","description":"File type: exe | Reporter: abuse_ch","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":"1688a855869a249114084ae11f82fd8e","sha1":"476b43568053d086ce5c4917201ee02d2e421637","sha256":"16de32e17a14655141f063827249f1f8eda41d1f06b1df399e5a8cae08db6555"}},"tags":["exe"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-22T14:40:59Z","fetchedAt":"2026-06-22T15:00:01.780Z","references":[{"url":"https://bazaar.abuse.ch/sample/16de32e17a14655141f063827249f1f8eda41d1f06b1df399e5a8cae08db6555/","label":"MalwareBazaar","domainType":"primary"}],"feedLabel":null},{"id":"malbaz-3e982ec9ece55bc3e565186182caea369338d277c078f4380fe2258342ca4893","source":"malware-bazaar","category":"malware","severity":"high","title":"098a3905a8bde664d46f9967e9c34770.exe","description":"File type: exe | Reporter: abuse_ch","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":"098a3905a8bde664d46f9967e9c34770","sha1":"8e13a19050a2db7525813f4a6de1654af4ed2dfd","sha256":"3e982ec9ece55bc3e565186182caea369338d277c078f4380fe2258342ca4893"}},"tags":["exe","RustyStealer"],"malwareFamily":"RustyStealer","confidence":null,"publishedAt":"2026-06-22T14:39:00Z","fetchedAt":"2026-06-22T15:00:01.780Z","references":[{"url":"https://bazaar.abuse.ch/sample/3e982ec9ece55bc3e565186182caea369338d277c078f4380fe2258342ca4893/","label":"MalwareBazaar","domainType":"primary"}],"feedLabel":null},{"id":"malbaz-f710fb64a042409d4e095eb62b87815f4dffd26728c8a6471e7cd5b444749660","source":"malware-bazaar","category":"malware","severity":"high","title":"mfrmfral.bat","description":"File type: bat | Reporter: abuse_ch","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":"436a48cb924dc5abbf74af84a3e8a51f","sha1":"91e24b027f6013891eea6291915d0aa3d7bef1b2","sha256":"f710fb64a042409d4e095eb62b87815f4dffd26728c8a6471e7cd5b444749660"}},"tags":["bat","RAT","RatonRAT"],"malwareFamily":"RatonRAT","confidence":null,"publishedAt":"2026-06-22T14:38:50Z","fetchedAt":"2026-06-22T15:00:01.780Z","references":[{"url":"https://bazaar.abuse.ch/sample/f710fb64a042409d4e095eb62b87815f4dffd26728c8a6471e7cd5b444749660/","label":"MalwareBazaar","domainType":"primary"}],"feedLabel":null},{"id":"malbaz-a61c493ca9a11e4e5144137f975f39f72e15adf73e8e010fdd9b56964ada0b3f","source":"malware-bazaar","category":"malware","severity":"high","title":"Yeni Talep Duco_Nq.DD.js","description":"File type: js | Reporter: abuse_ch","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":"38028d442b37bb94fc3465818404a629","sha1":"9ee309a1191fa60dc2abb889f893156b7d104153","sha256":"a61c493ca9a11e4e5144137f975f39f72e15adf73e8e010fdd9b56964ada0b3f"}},"tags":["AsyncRAT","geo","js","RAT","TUR"],"malwareFamily":"AsyncRAT","confidence":null,"publishedAt":"2026-06-22T14:38:36Z","fetchedAt":"2026-06-22T15:00:01.780Z","references":[{"url":"https://bazaar.abuse.ch/sample/a61c493ca9a11e4e5144137f975f39f72e15adf73e8e010fdd9b56964ada0b3f/","label":"MalwareBazaar","domainType":"primary"}],"feedLabel":null},{"id":"malbaz-85faf8edd9d7b2c78e1a8bddd0ead41b822adc0d4bb67bc1a5cda9a3e4ba9c5c","source":"malware-bazaar","category":"malware","severity":"high","title":"НсаtаlinаХ64-v.1.234.exe","description":"File type: exe | Reporter: Kejult","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":"a604cd455d2e8c3d199753e13ed77d04","sha1":"7bb76f4e92d6ba57bb57c0bb3d365aa934dedcb4","sha256":"85faf8edd9d7b2c78e1a8bddd0ead41b822adc0d4bb67bc1a5cda9a3e4ba9c5c"}},"tags":["exe","signed","stealc","stealer","vidar","infostealer"],"malwareFamily":"Vidar","confidence":null,"publishedAt":"2026-06-22T14:38:29Z","fetchedAt":"2026-06-22T15:00:01.780Z","references":[{"url":"https://bazaar.abuse.ch/sample/85faf8edd9d7b2c78e1a8bddd0ead41b822adc0d4bb67bc1a5cda9a3e4ba9c5c/","label":"MalwareBazaar","domainType":"primary"}],"feedLabel":null},{"id":"malbaz-69e3b714d2a4fac4a6ba67c144a248714349c094d48fb40b2f11ddaff72ee27c","source":"malware-bazaar","category":"malware","severity":"high","title":"ohshit.spc","description":"File type: elf | Reporter: abuse_ch","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":"2e01679e7d06069f8beb9fc45d9b0f29","sha1":"0108269aa827355566bb80f76f3a62ccb6038c93","sha256":"69e3b714d2a4fac4a6ba67c144a248714349c094d48fb40b2f11ddaff72ee27c"}},"tags":["elf","Mirai","botnet"],"malwareFamily":"Mirai","confidence":null,"publishedAt":"2026-06-22T14:35:08Z","fetchedAt":"2026-06-22T15:00:01.780Z","references":[{"url":"https://bazaar.abuse.ch/sample/69e3b714d2a4fac4a6ba67c144a248714349c094d48fb40b2f11ddaff72ee27c/","label":"MalwareBazaar","domainType":"primary"}],"feedLabel":null},{"id":"malbaz-c5bb14bf2a888516c14fe64f769eb0ee5b06a4ddb038f6baabf69c65acaa8345","source":"malware-bazaar","category":"malware","severity":"high","title":"libwinpthread-1.dll","description":"File type: exe | Reporter: Kejult","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":"9bd6df880bbe0fd7a6a610ab49daec0f","sha1":"fd66356020e73bd36f0963df901e40d38006e133","sha256":"c5bb14bf2a888516c14fe64f769eb0ee5b06a4ddb038f6baabf69c65acaa8345"}},"tags":["dll","exe"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-22T14:33:07Z","fetchedAt":"2026-06-22T15:00:01.780Z","references":[{"url":"https://bazaar.abuse.ch/sample/c5bb14bf2a888516c14fe64f769eb0ee5b06a4ddb038f6baabf69c65acaa8345/","label":"MalwareBazaar","domainType":"primary"}],"feedLabel":null},{"id":"malbaz-a30e92239077cdd1e016ecb91c682a92c59a22c8d18836cc3d3761ee4e0279f4","source":"malware-bazaar","category":"malware","severity":"high","title":"ParalivesTrainer.exe","description":"File type: exe | Reporter: burger403","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":"0b2deab99584acf6fecf1dbdc3dcae8d","sha1":"7d92885fea4a89902d31039ffa0f31c558413393","sha256":"a30e92239077cdd1e016ecb91c682a92c59a22c8d18836cc3d3761ee4e0279f4"}},"tags":["exe"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-22T14:32:19Z","fetchedAt":"2026-06-22T15:00:01.780Z","references":[{"url":"https://bazaar.abuse.ch/sample/a30e92239077cdd1e016ecb91c682a92c59a22c8d18836cc3d3761ee4e0279f4/","label":"MalwareBazaar","domainType":"primary"}],"feedLabel":null},{"id":"malbaz-409ad0799fe0b1ca3265d58f95eb13b7d56d6bad1f7346459fb02f772a3bf751","source":"malware-bazaar","category":"malware","severity":"high","title":"setup.exe","description":"File type: exe | Reporter: burger403","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":"be2bc476dc6a18164b63ecc75e85cde8","sha1":"a37e1c91a8f00ddd5b86ae6848b8e2163843b3f2","sha256":"409ad0799fe0b1ca3265d58f95eb13b7d56d6bad1f7346459fb02f772a3bf751"}},"tags":["exe","RemusStealer","signed"],"malwareFamily":"RemusStealer","confidence":null,"publishedAt":"2026-06-22T14:30:11Z","fetchedAt":"2026-06-22T15:00:01.780Z","references":[{"url":"https://bazaar.abuse.ch/sample/409ad0799fe0b1ca3265d58f95eb13b7d56d6bad1f7346459fb02f772a3bf751/","label":"MalwareBazaar","domainType":"primary"}],"feedLabel":null},{"id":"malbaz-d337ba3b1ea0946b50973a01b66e2d9e26c6693109b6ac196a43ee6e20300e4b","source":"malware-bazaar","category":"malware","severity":"high","title":"socolive22.exe","description":"File type: exe | Reporter: abuse_ch","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":"3ebaabe329226d8e7428bc1c4dcb9e3c","sha1":"acde6fbb8be8f20540a7dc0a91429326635d0d7b","sha256":"d337ba3b1ea0946b50973a01b66e2d9e26c6693109b6ac196a43ee6e20300e4b"}},"tags":["exe","NanoCore","RAT"],"malwareFamily":"NanoCore","confidence":null,"publishedAt":"2026-06-22T14:25:05Z","fetchedAt":"2026-06-22T15:00:01.780Z","references":[{"url":"https://bazaar.abuse.ch/sample/d337ba3b1ea0946b50973a01b66e2d9e26c6693109b6ac196a43ee6e20300e4b/","label":"MalwareBazaar","domainType":"primary"}],"feedLabel":null},{"id":"malbaz-03ab8ad3d41ca487e715290a68e3f90d671f36ffeda8c12439d2d7c92880948e","source":"malware-bazaar","category":"malware","severity":"high","title":"file","description":"File type: exe | Reporter: Bitsight","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":"05cacbb03802272dcc3e6747d79069fe","sha1":"30e669ff4710b6e5dd195221af5c068c7f2acf37","sha256":"03ab8ad3d41ca487e715290a68e3f90d671f36ffeda8c12439d2d7c92880948e"}},"tags":["dropped-by-GCleaner","exe","F","MIX1.file","signed"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-22T14:23:09Z","fetchedAt":"2026-06-22T15:00:01.780Z","references":[{"url":"https://bazaar.abuse.ch/sample/03ab8ad3d41ca487e715290a68e3f90d671f36ffeda8c12439d2d7c92880948e/","label":"MalwareBazaar","domainType":"primary"}],"feedLabel":null},{"id":"malbaz-ff1860389f41deedf8b72f3cd4cf7b33584c0b329264bb58d1d62d0f6cda777d","source":"malware-bazaar","category":"malware","severity":"high","title":"НсаtаlinаХ64-v.6.981.exe","description":"File type: exe | Reporter: Kejult","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":"7d8946ca862fe4a2cfe723f8583f4767","sha1":"36d2ab1dd36957542552164c77dc387308be4b1a","sha256":"ff1860389f41deedf8b72f3cd4cf7b33584c0b329264bb58d1d62d0f6cda777d"}},"tags":["exe","signed","stealc","stealer","vidar","infostealer"],"malwareFamily":"Vidar","confidence":null,"publishedAt":"2026-06-22T14:21:52Z","fetchedAt":"2026-06-22T15:00:01.780Z","references":[{"url":"https://bazaar.abuse.ch/sample/ff1860389f41deedf8b72f3cd4cf7b33584c0b329264bb58d1d62d0f6cda777d/","label":"MalwareBazaar","domainType":"primary"}],"feedLabel":null},{"id":"malbaz-c8545034cd4fe71eeadb24dacddc5da95c4311c7112c299f1325801f3e06f928","source":"malware-bazaar","category":"malware","severity":"high","title":"c8545034cd4fe71eeadb24dacddc5da95c4311c7112c299f1325801f3e06f928","description":"File type: elf | Reporter: c2hunter","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":"6c533f0ae1236042ce2ac05e81719feb","sha1":"7170172f780599e295bf76fbaf8f2dcde28d955e","sha256":"c8545034cd4fe71eeadb24dacddc5da95c4311c7112c299f1325801f3e06f928"}},"tags":["elf","Mirai","wraith","botnet"],"malwareFamily":"Mirai","confidence":null,"publishedAt":"2026-06-22T14:17:21Z","fetchedAt":"2026-06-22T15:00:01.780Z","references":[{"url":"https://bazaar.abuse.ch/sample/c8545034cd4fe71eeadb24dacddc5da95c4311c7112c299f1325801f3e06f928/","label":"MalwareBazaar","domainType":"primary"}],"feedLabel":null},{"id":"malbaz-88d028a54a136782982817d1d93c89b075b7f04897b0c0681311add7c8712eb6","source":"malware-bazaar","category":"malware","severity":"high","title":"88d028a54a136782982817d1d93c89b075b7f04897b0c0681311add7c8712eb6","description":"File type: elf | Reporter: c2hunter","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":"c3406825be3171f85be5992c232114e1","sha1":"b25420bc4f64cec574015d962e96e6a04e94695f","sha256":"88d028a54a136782982817d1d93c89b075b7f04897b0c0681311add7c8712eb6"}},"tags":["elf","Mirai","wraith","botnet"],"malwareFamily":"Mirai","confidence":null,"publishedAt":"2026-06-22T14:17:19Z","fetchedAt":"2026-06-22T15:00:01.780Z","references":[{"url":"https://bazaar.abuse.ch/sample/88d028a54a136782982817d1d93c89b075b7f04897b0c0681311add7c8712eb6/","label":"MalwareBazaar","domainType":"primary"}],"feedLabel":null},{"id":"malbaz-3ad48bae18b7ea8e7ffe3608b6eeaa4673b6ff47e9e6a21def774eecba66364a","source":"malware-bazaar","category":"malware","severity":"high","title":"3ad48bae18b7ea8e7ffe3608b6eeaa4673b6ff47e9e6a21def774eecba66364a","description":"File type: elf | Reporter: c2hunter","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":"59b98f52977620c5e3356981226afc7a","sha1":"95940e97688109bec4bb27124828abff8272119a","sha256":"3ad48bae18b7ea8e7ffe3608b6eeaa4673b6ff47e9e6a21def774eecba66364a"}},"tags":["elf","Mirai","wraith","botnet"],"malwareFamily":"Mirai","confidence":null,"publishedAt":"2026-06-22T14:17:10Z","fetchedAt":"2026-06-22T15:00:01.780Z","references":[{"url":"https://bazaar.abuse.ch/sample/3ad48bae18b7ea8e7ffe3608b6eeaa4673b6ff47e9e6a21def774eecba66364a/","label":"MalwareBazaar","domainType":"primary"}],"feedLabel":null},{"id":"malbaz-f3321076596f3bf0f3cf48b50437c694b726e787d5703915bcb33bac49701551","source":"malware-bazaar","category":"malware","severity":"high","title":"mpclient.dll","description":"File type: exe | Reporter: Kejult","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":"adf6a14557d511c3e960b22c4e645b54","sha1":"75ec993235a9dc4a5aab04f372e1f7a8b2ef66d2","sha256":"f3321076596f3bf0f3cf48b50437c694b726e787d5703915bcb33bac49701551"}},"tags":["dll","exe","signed","stealc","stealer","vidar","infostealer"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-22T14:16:37Z","fetchedAt":"2026-06-22T15:00:01.780Z","references":[{"url":"https://bazaar.abuse.ch/sample/f3321076596f3bf0f3cf48b50437c694b726e787d5703915bcb33bac49701551/","label":"MalwareBazaar","domainType":"primary"}],"feedLabel":null},{"id":"malbaz-58ff722ee7e956e18d938137c41fb7c915caea262c088344aba71729c53e843a","source":"malware-bazaar","category":"malware","severity":"high","title":"loadermanager.lua","description":"File type: lua | Reporter: Kejult","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":"11e3254f10f02bc6ed3ece26c5d80560","sha1":"ed8a95cb343b1a37f21dad158aaf51c3003902e2","sha256":"58ff722ee7e956e18d938137c41fb7c915caea262c088344aba71729c53e843a"}},"tags":["base64","lua","payload","suspicious"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-22T14:12:21Z","fetchedAt":"2026-06-22T15:00:01.780Z","references":[{"url":"https://bazaar.abuse.ch/sample/58ff722ee7e956e18d938137c41fb7c915caea262c088344aba71729c53e843a/","label":"MalwareBazaar","domainType":"primary"}],"feedLabel":null},{"id":"malbaz-e350ca46f64afa440429285396c60ff2ac5c325996eed910832bd94c9f43c487","source":"malware-bazaar","category":"malware","severity":"high","title":"file","description":"File type: exe | Reporter: Bitsight","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":"343da20a5db5a3dcfff78d3ee853038b","sha1":"10bbf24515ca365e2333d6129ef439a38c146ee8","sha256":"e350ca46f64afa440429285396c60ff2ac5c325996eed910832bd94c9f43c487"}},"tags":["CoinMiner","d52f85","dropped-by-Amadey","exe"],"malwareFamily":"CoinMiner","confidence":null,"publishedAt":"2026-06-22T14:10:26Z","fetchedAt":"2026-06-22T15:00:01.780Z","references":[{"url":"https://bazaar.abuse.ch/sample/e350ca46f64afa440429285396c60ff2ac5c325996eed910832bd94c9f43c487/","label":"MalwareBazaar","domainType":"primary"}],"feedLabel":null},{"id":"malbaz-f1df00a47848af0d79c74d7cf3040dc07f80ef3db960b7a78cfd9b7cbc80ef1b","source":"malware-bazaar","category":"malware","severity":"high","title":"XENO.exe","description":"File type: exe | Reporter: Kejult","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":"7ee470fa82fd63c493ac5b21e56d62a4","sha1":"df075540dd088005ec64a0151a7faf6a66ba5680","sha256":"f1df00a47848af0d79c74d7cf3040dc07f80ef3db960b7a78cfd9b7cbc80ef1b"}},"tags":["blankgrabber","exe","stealer"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-22T14:08:53Z","fetchedAt":"2026-06-22T15:00:01.780Z","references":[{"url":"https://bazaar.abuse.ch/sample/f1df00a47848af0d79c74d7cf3040dc07f80ef3db960b7a78cfd9b7cbc80ef1b/","label":"MalwareBazaar","domainType":"primary"}],"feedLabel":null},{"id":"news-arystinger-botnet-infected-thousands-of-d-link-routers-worldwide","source":"general-news","category":"news","severity":"high","title":"AryStinger botnet infected thousands of D-Link routers worldwide","description":"A previously undocumented malware botnet named AryStinger has compromised more than 4,000 outdated routers to turn them into proxies for malicious traffic. [...]","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["botnet"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-21T14:14:22.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.bleepingcomputer.com/news/security/arystinger-botnet-infected-thousands-of-d-link-routers-worldwide/","label":"BleepingComputer","domainType":"media"}],"feedLabel":null},{"id":"news-microsoft-links-mastra-ai-supply-chain-attack-to-north-korean-hackers","source":"general-news","category":"news","severity":"high","title":"Microsoft links Mastra AI supply chain attack to North Korean hackers","description":"Microsoft has attributed a recent Mastra AI supply chain attack that compromised more than 140 npm packages to the North Korean hacking group Sapphire Sleet, also known as BlueNoroff. [...]","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["supply-chain"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-20T14:09:19.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.bleepingcomputer.com/news/security/microsoft-links-mastra-ai-supply-chain-attack-to-north-korean-hackers/","label":"BleepingComputer","domainType":"media"}],"feedLabel":null},{"id":"news-canada-s-spy-agency-used-first-of-its-kind-warrant-to-clean-botnet-infected-devi","source":"general-news","category":"news","severity":"high","title":"Canada’s Spy Agency Used First-of-Its-Kind Warrant to Clean Botnet-Infected Devices","description":"Canada's spy service got a judge's permission to reach into infected servers, home routers, and IoT gear sitting on Canadian soil and neutralize two foreign-run botnets.\n\nThe Federal Court released a public version of the ruling on June 15. It is the first time the Canadian Security Intelligence Ser…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["botnet"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-22T09:11:37.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://thehackernews.com/2026/06/canadas-spy-agency-used-first-of-its.html","label":"The Hacker News","domainType":"media"}],"feedLabel":null},{"id":"news-arystinger-malware-infects-4-300-legacy-routers-to-build-reconnaissance-proxy-ne","source":"general-news","category":"news","severity":"high","title":"AryStinger Malware Infects 4,300 Legacy Routers to Build Reconnaissance Proxy Network","description":"A new malware family is turning forgotten home routers into a distributed reconnaissance and proxy network, not the DDoS botnet these devices usually end up in. QiAnXin's XLab calls it AryStinger and counts at least 4,300 infected routers, a total it says is still rising.\n\nThe distinction matters. A…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["botnet"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-22T06:57:44.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://thehackernews.com/2026/06/arystinger-malware-infects-4300-legacy.html","label":"The Hacker News","domainType":"media"}],"feedLabel":null},{"id":"news-threatsday-bulletin-claude-chat-abuse-nastyc2-npm-packages-device-code-phishing-","source":"general-news","category":"news","severity":"high","title":"ThreatsDay Bulletin: Claude Chat Abuse, NastyC2 npm Packages, Device-Code Phishing + 25 More Stories","description":"The internet did not break this week. It got used exactly as designed, which is worse.\n\nSearches were siphoned through shady browser add-ons. AI chat links turned into malware delivery paths. macOS attacks ran in memory and left almost nothing behind. Cloud agents looked like helpers until attackers…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["phishing","botnet"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-18T15:27:54.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://thehackernews.com/2026/06/threatsday-bulletin-claude-chat-abuse.html","label":"The Hacker News","domainType":"media"}],"feedLabel":null},{"id":"news-microsoft-details-windows-clipper-malware-campaign-using-usb-lnk-worm-and-tor-ba","source":"general-news","category":"news","severity":"high","title":"Microsoft Details Windows Clipper Malware Campaign Using USB LNK Worm and Tor-Based C2","description":"Microsoft has disclosed details of a Windows-based cryptocurrency clipper campaign codenamed CryptoBandits that has\n targeted users since February 2026 with clipboard-intercepting malware with self-spreading capabilities and using the Tor anonymity network to hide communication.\n\"The clipper in this…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["botnet"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-18T14:30:42.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://thehackernews.com/2026/06/microsoft-details-windows-clipper.html","label":"The Hacker News","domainType":"media"}],"feedLabel":null},{"id":"news-junior-hacker-used-tailscale-and-openssh-to-keep-access-after-his-c2-went-offlin","source":"general-news","category":"news","severity":"high","title":"Junior Hacker Used Tailscale and OpenSSH to Keep Access After His C2 Went Offline","description":"A French-speaking attacker broke into a small French automotive business, planted a keylogger, and stole banking and email credentials.\n\nOrdinary stuff, until one move near the end.\n\nBefore his command-and-control server went dark, he installed OpenSSH and Tailscale on a victim's machine, building a…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["botnet","infostealer"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-17T16:00:56.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://thehackernews.com/2026/06/junior-hacker-used-tailscale-and.html","label":"The Hacker News","domainType":"media"}],"feedLabel":null},{"id":"news-145-mastra-npm-packages-compromised-via-hijacked-contributor-account","source":"general-news","category":"news","severity":"high","title":"145 Mastra npm Packages Compromised via Hijacked Contributor Account","description":"As many as 145 npm packages associated with the Mastra namespace (\"@mastra/*\"), a popular open-source JavaScript and TypeScript framework for building artificial intelligence (AI) applications, have been compromised as part of a software supply chain attack codenamed easy-day-js, per findings from E…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["supply-chain"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-17T07:38:24.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://thehackernews.com/2026/06/144-mastra-npm-packages-compromised-via.html","label":"The Hacker News","domainType":"media"}],"feedLabel":null},{"id":"news-china-linked-sprysocks-backdoor-expands-to-windows-with-driver-based-stealth","source":"general-news","category":"news","severity":"high","title":"China-Linked SprySOCKS Backdoor Expands to Windows with Driver-Based Stealth","description":"Cybersecurity researchers have flagged two previously undocumented Windows variants of what was believed to be a Linux-only backdoor called SprySOCKS.\n\n\"The Windows variants discovered are internally marked as WIN_DRV and WIN_PLUS,\" ESET said in a report shared with The Hacker News. \"Both come with…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["botnet"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T09:44:34.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://thehackernews.com/2026/06/china-linked-sprysocks-backdoor-expands.html","label":"The Hacker News","domainType":"media"}],"feedLabel":null},{"id":"news-north-korean-hackers-blamed-for-mastra-npm-supply-chain-attack","source":"general-news","category":"news","severity":"high","title":"North Korean Hackers Blamed for Mastra NPM Supply Chain Attack","description":"A malicious dependency the attackers added to over 140 Mastra packages fetches a payload targeting cryptocurrency extensions.\nThe post North Korean Hackers Blamed for Mastra NPM Supply Chain Attack appeared first on SecurityWeek.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["supply-chain"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-22T11:10:06.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.securityweek.com/north-korean-hackers-blamed-for-mastra-npm-supply-chain-attack/","label":"SecurityWeek","domainType":"media"}],"feedLabel":null},{"id":"news-in-other-news-apple-patches-beats-eavesdropping-flaw-dot-closes-delta-crowdstrik","source":"general-news","category":"news","severity":"high","title":"In Other News: Apple Patches Beats Eavesdropping Flaw, DOT Closes Delta CrowdStrike Probe, AWS Continuum","description":"Other noteworthy stories that might have slipped under the radar: Android TV botnet Popa linked to Israeli firm, Velvet Ant maintained decade-long stealth, unpatched GCP Config Connector flaw enables takeover.\nThe post In Other News: Apple Patches Beats Eavesdropping Flaw, DOT Closes Delta CrowdStri…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["botnet"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T15:23:36.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.securityweek.com/in-other-news-apple-patches-beats-eavesdropping-flaw-dot-closes-delta-crowdstrike-probe-aws-continuum/","label":"SecurityWeek","domainType":"media"}],"feedLabel":null},{"id":"news-microsoft-attributes-mastra-ai-supply-chain-attack-to-north-korea","source":"general-news","category":"news","severity":"high","title":"Microsoft Attributes Mastra AI Supply Chain Attack to North Korea","description":"North Korean threat actor Sapphire Sleet has been linked to a supply chain attack targeting Mastra, according to Microsoft security researchers","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["supply-chain"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-22T11:30:00.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.infosecurity-magazine.com/news/mastra-ai-supply-chain-attack/","label":"InfoSecurity Magazine","domainType":"media"}],"feedLabel":null},{"id":"news-sprysocks-backdoor-expands-from-linux-to-windows","source":"general-news","category":"news","severity":"high","title":"SprySOCKS Backdoor Expands From Linux to Windows","description":"China-linked SprySOCKS backdoor gains stealthy Windows variants and 30-plus C2 commands","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["botnet"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T14:30:00.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.infosecurity-magazine.com/news/sprysocks-backdoor-windows/","label":"InfoSecurity Magazine","domainType":"media"}],"feedLabel":null},{"id":"news-police-raid-malware-network-tied-to-russia-s-evil-corp-hacker-group","source":"general-news","category":"news","severity":"high","title":"Police raid malware network tied to Russia's Evil Corp hacker group","description":"An international operation targeted the SocGholish botnet, which has been linked to the Russia-based cybercrime group Evil Corp.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["botnet"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T12:57:00.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://therecord.media/socgholish-botnet-disrupted","label":"The Record","domainType":"media"}],"feedLabel":null},{"id":"news-authorities-disrupt-evil-corp-s-socgholish-botnet","source":"general-news","category":"news","severity":"high","title":"Authorities disrupt Evil Corp’s SocGholish botnet","description":"Cybersecurity firms, researchers and officials took down 106 servers and remediated nearly 15,000 sites that were infected with the malware.\nThe post Authorities disrupt Evil Corp’s SocGholish botnet appeared first on CyberScoop.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["botnet"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-18T22:03:32.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://cyberscoop.com/socgholish-malware-botnet-takedown-evilcorp/","label":"CyberScoop","domainType":"media"}],"feedLabel":null},{"id":"news-accenture-shells-out-4-18b-on-three-companies-in-big-industrial-cybersecurity-pu","source":"general-news","category":"news","severity":"high","title":"Accenture shells out $4.18B on three companies in big industrial cybersecurity push","description":"The consulting giant’s majority stake in Dragos, along with the purchase runZero and NetRise, marks its first major push into operational technology software as AI-driven threats to critical infrastructure intensify.\nThe post Accenture shells out $4.18B on three companies in big industrial cybersecu…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["ics"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-18T15:05:03.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://cyberscoop.com/accenture-industrial-cybersecurity-acquisition-dragos-netrise-runzero/","label":"CyberScoop","domainType":"media"}],"feedLabel":null},{"id":"cisa-adv-cisa-urges-hardening-fortinet-devices-after-reports-of-credential-exposure","source":"cisa-advisories","category":"advisory","severity":"medium","title":"CISA Urges Hardening Fortinet Devices After Reports of Credential Exposure","description":"CISA is aware of global reports that malicious cyber actors have targeted internet-accessible Fortinet devices across government and private sector organizations using compromised credentials. This activity, referred to as FortiBleed, involves the exposure of leaked credentials associated with appro…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["phishing"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-18T12:00:00.000Z","fetchedAt":"2026-06-22T15:00:00.175Z","references":[{"url":"https://www.cisa.gov/news-events/alerts/2026/06/18/cisa-urges-hardening-fortinet-devices-after-reports-credential-exposure","label":"CISA Advisory","domainType":"primary"}],"feedLabel":null},{"id":"threatfox-1834908","source":"threatfox","category":"threat-intel","severity":"medium","title":"payload: undefined","description":"https://github.com/TheRavenFile/Daily-Hunt/blob/main/Akira%20Ransomware","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["ContagiousInterview","akira","elf","Ransomware","note","ransomnote","ClickFix","crypter","rundll32","WebDav","hta-polyglot","Loader","msix","IoT","Mozi","China","CrowDoor","FamousSparrow","Telecom","TernDoor","TropicTrooper","UAT-9244","malicious","Kongtuke","python-backdoor","winpython","Sheet Rat","SheetRAT","powershell-loader","RC4","Dropper","fake-document","logmein-resolve","rmm","vbs","discord-c2","golang","infostealer","vileransomware","Downloader","iran","mois","MuddyWater","stagecomp","ransomware","botnet"],"malwareFamily":"Meterpreter","confidence":100,"publishedAt":"2026-06-21T16:40:53Z","fetchedAt":"2026-06-22T15:00:01.204Z","references":[{"url":"https://github.com/TheRavenFile/Daily-Hunt/blob/main/Akira%20Ransomware","label":"ThreatFox","domainType":"primary"},{"url":"https://www.virustotal.com/gui/file/c343f53916747c5b8a60aed844b1882863f432af65867297edf1913f167c4f68","label":"ThreatFox","domainType":"other"},{"url":"https://www.virustotal.com/gui/file/13420d64ce091f6dc0505d5a2ca5858f6080f3d91580459c2284bd68fdcb1979","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/27.37.111.24:48041","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/110.37.13.96:37828","label":"ThreatFox","domainType":"other"},{"url":"https://honeylabs.net/lookup/77.110.122.49","label":"ThreatFox","domainType":"other"},{"url":"https://www.virustotal.com/gui/file/24adb118a6f7a8d717bb3d3329c33f6b0eb39046a8fb7f2b3a1fff21436bf7d2","label":"ThreatFox","domainType":"other"},{"url":"https://www.virustotal.com/gui/file/bb4e08d8d96ace12a659a07d0ede31546e121176321b1d0f8cd15fe0f62127c0","label":"ThreatFox","domainType":"other"},{"url":"https://github.com/yankywilson/terndoor-uat9244","label":"ThreatFox","domainType":"primary"},{"url":"https://www.virustotal.com/gui/file/3d1d192e9879d33a954ea6e5eb0199cd3cb03622d88f2aebd50074eade956f61","label":"ThreatFox","domainType":"other"},{"url":"https://www.virustotal.com/gui/file/9e4235c530fc10df9225e9ab98095d7a19d35f9e4ebf50a74dcb4b1e7bf86170","label":"ThreatFox","domainType":"other"},{"url":"https://www.virustotal.com/gui/file/725162f784b4438559ad5c434a0cb6f634a2a09f2aba1e4d5e5047f6e37f15a0","label":"ThreatFox","domainType":"other"},{"url":"https://github.com/yankywilson/vile-ransomware-cti","label":"ThreatFox","domainType":"primary"},{"url":"https://github.com/yankywilson/muddywater-stagecomp-moonzonet","label":"ThreatFox","domainType":"primary"}],"feedLabel":null},{"id":"news-webinar-how-attackers-bypass-mfa-and-how-defenders-can-respond","source":"general-news","category":"news","severity":"medium","title":"Webinar: How attackers bypass MFA and how defenders can respond","description":"Modern phishing attacks, including Device Code phishing, can undermine MFA protections and grant attackers access to corporate accounts without stealing passwords. This webinar explores how behavioral AI can help security teams detect compromised accounts faster and automate response workflows. [...…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["phishing"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T12:12:20.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.bleepingcomputer.com/news/security/webinar-how-attackers-bypass-mfa-and-how-defenders-can-respond/","label":"BleepingComputer","domainType":"media"}],"feedLabel":null},{"id":"news-crypto-clipper-campaign-abuses-fake-reviews-ai-narrators-and-virustotal-comments","source":"general-news","category":"news","severity":"medium","title":"Crypto Clipper Campaign Abuses Fake Reviews, AI Narrators, and VirusTotal Comments","description":"An unknown threat actor has been observed leveraging paid or promoted posts on legitimate news websites to drum up buzz for their warez, according to new findings from Check Point Research.\n\nThe threat actor also has at their disposal a dedicated WordPress phishing page that acts as the central hub,…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["phishing"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-17T18:14:24.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://thehackernews.com/2026/06/crypto-clipper-campaign-abuses-fake.html","label":"The Hacker News","domainType":"media"}],"feedLabel":null},{"id":"news-fake-microsoft-alerts-used-to-deploy-north-korean-narwhalrat-malware","source":"general-news","category":"news","severity":"medium","title":"Fake Microsoft Alerts Used to Deploy North Korean NarwhalRAT Malware","description":"The North Korean state-sponsored hacking group known as ScarCruft (aka APT37) has been observed using spear-phishing messages impersonating Microsoft Account security notifications to deliver a new malware called NarwhalRAT.\n\n\"The attack email contained a message impersonating an MS account security…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["phishing"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T08:14:55.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://thehackernews.com/2026/06/fake-microsoft-alerts-used-to-deploy.html","label":"The Hacker News","domainType":"media"}],"feedLabel":null},{"id":"news-north-korean-hackers-are-turning-developer-tools-into-malware-delivery-channels","source":"general-news","category":"news","severity":"medium","title":"North Korean Hackers Are Turning Developer Tools Into Malware Delivery Channels","description":"Cybersecurity researchers have flagged two malicious cyber campaigns that exhibit similarities with a persistent North Korean threat cluster known as Contagious Interview (aka Famous Chollima, HexagonalRodent, and Void Dokkaebi).\n\nAccording to a report published by Proofpoint, the threat actor has b…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["phishing"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-15T19:32:52.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://thehackernews.com/2026/06/north-korean-hackers-are-turning.html","label":"The Hacker News","domainType":"media"}],"feedLabel":null},{"id":"news-one-click-microsoft-365-copilot-flaw-could-have-let-attackers-steal-emails-files","source":"general-news","category":"news","severity":"medium","title":"One-Click Microsoft 365 Copilot Flaw Could Have Let Attackers Steal Emails, Files, and MFA Codes","description":"A single click on a trusted Microsoft link could have let an attacker pull emails, calendar details, and indexed files out of Microsoft 365 Copilot Enterprise Search.\n\nResearchers at Varonis Threat Labs chained three bugs into a one-click exfiltration path they call SearchLeak. Because the link poin…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["phishing"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-15T15:09:05.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://thehackernews.com/2026/06/one-click-microsoft-365-copilot-flaw.html","label":"The Hacker News","domainType":"media"}],"feedLabel":null},{"id":"news-sweeping-credential-harvesting-heist-compromises-30k-fortinet-devices","source":"general-news","category":"news","severity":"medium","title":"Sweeping Credential-Harvesting Heist Compromises 30K+ Fortinet Devices","description":"Attackers are actively targeting various sectors across nearly 200 countries and already have compiled a list of working credentials for tens of thousands of compromised devices.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["phishing"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-17T14:06:34.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.darkreading.com/cyberattacks-data-breaches/sweeping-credential-harvesting-heist-compromises-30k-fortinet-devices","label":"Dark Reading","domainType":"media"}],"feedLabel":null},{"id":"news-the-beginning-of-the-end-of-social-engineering","source":"general-news","category":"news","severity":"medium","title":"The Beginning of the End of Social Engineering","description":"AI-native operating systems are shifting the responsibility to stay vigilant against social engineering cyberattacks from the user onto the system itself.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["phishing"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-15T15:08:32.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.darkreading.com/cyberattacks-data-breaches/beginning-end-social-engineering","label":"Dark Reading","domainType":"media"}],"feedLabel":null},{"id":"news-fortinet-responds-to-fortibleed-campaign","source":"general-news","category":"news","severity":"medium","title":"Fortinet Responds to FortiBleed Campaign","description":"A database of over 86,000 confirmed working credentials was created during the credential-harvesting campaign.\nThe post Fortinet Responds to FortiBleed Campaign appeared first on SecurityWeek.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["phishing"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-22T09:34:59.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.securityweek.com/fortinet-responds-to-fortibleed-campaign/","label":"SecurityWeek","domainType":"media"}],"feedLabel":null},{"id":"news-serverless-phishing-kit-on-github-targets-mexican-banks","source":"general-news","category":"news","severity":"medium","title":"Serverless Phishing Kit on GitHub Targets Mexican Banks","description":"GitBait phishing kit abuses GitHub Pages and the SheetBest API to steal Mexican banking credentials","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":["phishing"],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-17T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.infosecurity-magazine.com/news/gitbait-github-pages-sheetbest/","label":"InfoSecurity Magazine","domainType":"media"}],"feedLabel":null},{"id":"cisa-adv-cisa-adds-one-known-exploited-vulnerability-to-catalog","source":"cisa-advisories","category":"advisory","severity":"unknown","title":"CISA Adds One Known Exploited Vulnerability to Catalog","description":"CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.\nCVE-2026-20253 Splunk Enterprise Missing Authentication for Critical Function Vulnerability\nThis type of vulnerability is a frequent attack vector for malicious cyber…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-18T12:00:00.000Z","fetchedAt":"2026-06-22T15:00:00.175Z","references":[{"url":"https://www.cisa.gov/news-events/alerts/2026/06/18/cisa-adds-one-known-exploited-vulnerability-catalog","label":"CISA Advisory","domainType":"primary"},{"url":"https://www.cisa.gov/news-events/alerts/2026/06/16/cisa-adds-one-known-exploited-vulnerability-catalog","label":"CISA Advisory","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2025-5791-users-root-appended-to-group-listings","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2025-5791 Users: `root` appended to group listings","description":"Information published.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-20T08:40:10.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-5791","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2025-4574-crossbeam-channel-crossbeam-channel-vulnerable-to-double-free-on-d","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2025-4574 Crossbeam-channel: crossbeam-channel vulnerable to double free on drop","description":"Information published.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-20T08:39:58.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-4574","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-45445-aes-ocb-iv-ignored-on-evp-cipher-path","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-45445 AES-OCB IV Ignored on EVP_Cipher() Path","description":"Information published.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-20T08:40:55.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45445","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-34183-unbounded-memory-growth-in-the-quic-path-challenge-handler","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-34183 Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler","description":"Information published.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-20T08:41:20.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-34183","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-7383-possible-heap-buffer-overflow-in-asn-1-multibyte-string-conversion","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-7383 Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion","description":"Information published.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-20T08:43:24.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7383","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-42768-multi-recipientinfo-bleichenbacher-oracle-in-cms-decrypt-and-pkcs","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-42768 Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt()","description":"Information published.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-20T08:41:45.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42768","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-9076-out-of-bounds-read-in-cms-password-based-decryption","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-9076 Out-of-Bounds Read in CMS Password-Based Decryption","description":"Information published.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-20T08:42:01.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-9076","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-45446-incorrect-tag-processing-for-empty-messages-in-aes-gcm-siv-and-ae","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-45446 Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes","description":"Information published.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-20T08:42:18.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45446","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-42766-possible-null-dereference-in-password-based-cms-decryption","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-42766 Possible NULL Dereference in Password-Based CMS Decryption","description":"Information published.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-20T08:42:43.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42766","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-42767-null-pointer-dereference-in-crmf-encryptedvalue-decryption","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-42767 NULL Pointer Dereference in CRMF EncryptedValue Decryption","description":"Information published.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-20T08:43:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42767","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-34180-heap-buffer-over-read-in-asn-1-content-parsing","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-34180 Heap Buffer Over-read in ASN.1 Content Parsing","description":"Information published.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-20T08:43:31.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-34180","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-44967-opentelemetry-cpp-otlp-http-exporters-read-unbounded-http-respons","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-44967 opentelemetry-cpp: OTLP HTTP exporters read unbounded HTTP response","description":"Information published.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-20T08:43:49.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44967","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-46331-net-sched-fix-pedit-partial-cow-leading-to-page-cache-corruption","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-46331 net/sched: fix pedit partial COW leading to page cache corruption","description":"Information published.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-20T08:43:41.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46331","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-45485-microsoft-office-information-disclosure-vulnerability","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-45485 Microsoft Office Information Disclosure Vulnerability","description":"Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45485","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44821","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45460","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-45466-microsoft-word-information-disclosure-vulnerability","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-45466 Microsoft Word Information Disclosure Vulnerability","description":"Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45466","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-45649-office-for-android-spoofing-vulnerability","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-45649 Office for Android Spoofing Vulnerability","description":"Microsoft is announcing the availability of the security updates for Microsoft Word, PowerPoint, Excel for Android. Customers running affected Microsoft Office for Android software should install the update for their product to be protected from this vulnerability.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45649","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-44822-microsoft-excel-information-disclosure-vulnerability","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-44822 Microsoft Excel Information Disclosure Vulnerability","description":"Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44822","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45455","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-45459-microsoft-excel-security-feature-bypass-vulnerability","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-45459 Microsoft Excel Security Feature Bypass Vulnerability","description":"Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45459","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-12439-use-after-free-in-digital-credentials","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-12439 Use after free in Digital Credentials","description":"Corrected CVE title. This is an informational change only.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12439","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-12440-use-after-free-in-digitalcredentials","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-12440 Use after free in DigitalCredentials","description":"Corrected CVE title. This is an informational change only.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12440","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12451","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-12445-use-after-free-in-extensions","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-12445 Use after free in Extensions","description":"Corrected CVE title. This is an informational change only.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12445","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12467","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11653","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-12446-insufficient-data-validation-in-passwords","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-12446 Insufficient data validation in Passwords","description":"Corrected CVE title. This is an informational change only.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12446","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-12441-use-after-free-in-file-input","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-12441 Use after free in File Input","description":"Corrected CVE title. This is an informational change only.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12441","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11630","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-12447-heap-buffer-overflow-in-webrtc","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-12447 Heap buffer overflow in WebRTC","description":"Corrected CVE title. This is an informational change only.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12447","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12466","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-12443-use-after-free-in-web-authentication","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-12443 Use after free in Web Authentication","description":"Corrected CVE title. This is an informational change only.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12443","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-12452-use-after-free-in-downloads","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-12452 Use after free in Downloads","description":"Corrected CVE title. This is an informational change only.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12452","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-12453-insufficient-validation-of-untrusted-input-in-input","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-12453 Insufficient validation of untrusted input in Input","description":"Corrected CVE title. This is an informational change only.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12453","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11667","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-12455-use-after-free-in-tab-strip","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-12455 Use after free in Tab Strip","description":"Corrected CVE title. This is an informational change only.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12455","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-12456-insufficient-validation-of-untrusted-input-in-extensions","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-12456 Insufficient validation of untrusted input in Extensions","description":"Corrected CVE title. This is an informational change only.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12456","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11659","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11654","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-12458-incorrect-security-ui-in-passwords","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-12458 Incorrect security UI in Passwords","description":"Corrected CVE title. This is an informational change only.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12458","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-12457-insufficient-data-validation-in-extensions","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-12457 Insufficient data validation in Extensions","description":"Corrected CVE title. This is an informational change only.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12457","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-12459-inappropriate-implementation-in-serial","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-12459 Inappropriate implementation in Serial","description":"Corrected CVE title. This is an informational change only.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12459","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-12460-insufficient-policy-enforcement-in-file-system-access","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-12460 Insufficient policy enforcement in File System Access","description":"Corrected CVE title. This is an informational change only.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12460","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-12462-use-after-free-in-media","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-12462 Use after free in Media","description":"Corrected CVE title. This is an informational change only.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12462","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11681","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-12464-use-after-free-in-browser","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-12464 Use after free in Browser","description":"Corrected CVE title. This is an informational change only.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12464","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-12463-inappropriate-implementation-in-views","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-12463 Inappropriate implementation in Views","description":"Corrected CVE title. This is an informational change only.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12463","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-12465-insufficient-validation-of-untrusted-input-in-metrics","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-12465 Insufficient validation of untrusted input in Metrics","description":"Corrected CVE title. This is an informational change only.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12465","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-12454-race-in-safe-browsing","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-12454 Race in Safe Browsing","description":"Corrected CVE title. This is an informational change only.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12454","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-12468-inappropriate-implementation-in-updater","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-12468 Inappropriate implementation in Updater","description":"Corrected CVE title. This is an informational change only.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12468","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-12449-use-after-free-in-chromoting","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-12449 Use after free in Chromoting","description":"Corrected CVE title. This is an informational change only.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12449","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-12444-out-of-bounds-read-in-chromoting","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-12444 Out of bounds read in Chromoting","description":"Corrected CVE title. This is an informational change only.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12444","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-12437-use-after-free-in-webshare","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-12437 Use after free in WebShare","description":"Corrected CVE title. This is an informational change only.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12437","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-12461-out-of-bounds-read-in-webrtc","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-12461 Out of bounds read in WebRTC","description":"Corrected CVE title. This is an informational change only.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12461","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11668","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-42903-windows-kerberos-denial-of-service-vulnerability","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-42903 Windows Kerberos Denial of Service Vulnerability","description":"Updated an acknowledgement. This is an informational change only.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42903","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-12439-use-after-free-in-digital-credentials","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-12439 Use after free in Digital Credentials","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T20:52:19.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12439","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-12440-use-after-free-in-digitalcredentials","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-12440 Use after free in DigitalCredentials","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T20:52:22.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12440","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12451","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-12445-use-after-free-in-extensions","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-12445 Use after free in Extensions","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T20:52:26.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12445","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12467","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-12446-insufficient-data-validation-in-passwords","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-12446 Insufficient data validation in Passwords","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T20:52:27.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12446","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-12441-use-after-free-in-file-input","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-12441 Use after free in File Input","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T20:52:24.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12441","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-12447-heap-buffer-overflow-in-webrtc","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-12447 Heap buffer overflow in WebRTC","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T20:52:29.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12447","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12466","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-12443-use-after-free-in-web-authentication","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-12443 Use after free in Web Authentication","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T20:52:25.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12443","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-12452-use-after-free-in-downloads","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-12452 Use after free in Downloads","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T20:52:31.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12452","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-12453-insufficient-validation-of-untrusted-input-in-input","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-12453 Insufficient validation of untrusted input in Input","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T20:52:33.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12453","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-12455-use-after-free-in-tab-strip","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-12455 Use after free in Tab Strip","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T20:52:34.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12455","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-12456-insufficient-validation-of-untrusted-input-in-extensions","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-12456 Insufficient validation of untrusted input in Extensions","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T20:52:36.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12456","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-12458-incorrect-security-ui-in-passwords","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-12458 Incorrect security UI in Passwords","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T20:52:38.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12458","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-12457-insufficient-data-validation-in-extensions","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-12457 Insufficient data validation in Extensions","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T20:52:37.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12457","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-12459-inappropriate-implementation-in-serial","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-12459 Inappropriate implementation in Serial","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T20:52:39.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12459","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-12460-insufficient-policy-enforcement-in-file-system-access","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-12460 Insufficient policy enforcement in File System Access","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T20:52:40.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12460","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-12462-use-after-free-in-media","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-12462 Use after free in Media","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T20:52:42.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12462","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-12464-use-after-free-in-browser","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-12464 Use after free in Browser","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T20:52:44.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12464","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-12463-inappropriate-implementation-in-views","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-12463 Inappropriate implementation in Views","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T20:52:43.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12463","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-12465-insufficient-validation-of-untrusted-input-in-metrics","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-12465 Insufficient validation of untrusted input in Metrics","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T20:52:46.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12465","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-12454-race-in-safe-browsing","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-12454 Race in Safe Browsing","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T20:52:50.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12454","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-12468-inappropriate-implementation-in-updater","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-12468 Inappropriate implementation in Updater","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T20:52:52.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12468","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-12449-use-after-free-in-chromoting","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-12449 Use after free in Chromoting","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T20:52:56.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12449","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-12444-out-of-bounds-read-in-chromoting","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-12444 Out of bounds read in Chromoting","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T20:52:55.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12444","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-12437-use-after-free-in-webshare","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-12437 Use after free in WebShare","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T20:52:53.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12437","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-12461-out-of-bounds-read-in-webrtc","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-12461 Out of bounds read in WebRTC","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T20:52:57.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12461","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-24289-windows-kernel-elevation-of-privilege-vulnerability","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-24289 Windows Kernel Elevation of Privilege Vulnerability","description":"Acknowledgement added. This is an informational change only.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-24289","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-32177-net-elevation-of-privilege-vulnerability","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-32177 .NET Elevation of Privilege Vulnerability","description":"Removed incorrectly added rows from the Security Updates table.  This is an informational change only.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32177","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-35433","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2025-6965-integer-truncation-on-sqlite","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2025-6965 Integer Truncation on SQLite","description":"Added Visual Studio software to the Security Updates table.  Customers that are running supported version of Visual Studio are encouraged to update to the indicated version to be protected from this vulnerability.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-6965","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-8376-perl-versions-through-5-43-10-have-a-heap-buffer-overflow-when-com","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-8376 Perl versions through 5.43.10 have a heap buffer overflow when compiling regular expressions with a repeated fixed string on 32-bit builds","description":"Information published.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T08:40:20.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8376","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-48914-qemu-kvm-heap-buffer-overflow-in-virtio-blk-scsi-request-handling","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-48914 Qemu-kvm: heap buffer overflow in virtio-blk scsi request handling","description":"Information published.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T08:43:42.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48914","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-42014-gnutls-fix-use-after-free-in-gnutls-pkcs11-token-set-pin","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-42014 Gnutls: fix use-after-free in gnutls_pkcs11_token_set_pin","description":"Information published.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T08:01:29.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42014","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-53689","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-53689 ","description":"Information published.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T08:01:36.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53689","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-12087-socket-versions-before-2-041-for-perl-have-an-out-of-bounds-heap-","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-12087 Socket versions before 2.041 for Perl have an out-of-bounds heap read","description":"Information published.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T08:01:42.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12087","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-9669-bz2-bz2decompressor-reuse-after-error-can-cause-a-stack-buffer-ove","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-9669 bz2.BZ2Decompressor reuse after error can cause a stack buffer overflow","description":"Information published.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T08:01:47.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-9669","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-43966-http-response-splitting-via-non-vchar-bytes-in-cow-http-struct-hd","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-43966 HTTP Response Splitting via Non-VCHAR Bytes in cow_http_struct_hd:escape_string/2","description":"Information published.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T08:01:53.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-43966","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-10275-opensc-pkcs11-tool-key-generation-pkcs11-tool-c-test-kpgen-certwr","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-10275 OpenSC pkcs11-tool Key Generation pkcs11-tool.c test_kpgen_certwrite buffer overflow","description":"Information published.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T08:40:27.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10275","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-47633-microsoft-cost-management-information-disclosure-vulnerability","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-47633 Microsoft Cost Management Information Disclosure Vulnerability","description":"Exposure of sensitive information to an unauthorized actor in Cost Management Interactive Experiences allows an unauthorized attacker to disclose information over a network.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-18T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47633","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-32208-microsoft-edge-chromium-based-spoofing-vulnerability","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-32208 Microsoft Edge (Chromium-based) Spoofing Vulnerability","description":"Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Edge (Chromium-based) allows an authorized attacker to perform spoofing over a network.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-18T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32208","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-32174-azure-bot-service-elevation-of-privilege-vulnerability","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-32174 Azure Bot Service Elevation of Privilege Vulnerability","description":"Improper authentication in Azure Bot Service allows an authorized attacker to elevate privileges over a network.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-18T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32174","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-45480-azure-active-directory-elevation-of-privilege-vulnerability","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-45480 Azure Active Directory Elevation of Privilege Vulnerability","description":"Improper authentication in Azure Active Directory allows an unauthorized attacker to elevate privileges over a network.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-18T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45480","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-42895-microsoft-copilot-tampering-vulnerability","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-42895 Microsoft Copilot Tampering Vulnerability","description":"Improper neutralization of special elements used in a command ('command injection') in Microsoft Copilot allows an unauthorized attacker to perform tampering over a network.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-18T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42895","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-54130-m365-copilot-information-disclosure-vulnerability","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-54130 M365 Copilot Information Disclosure Vulnerability","description":"Missing authentication for critical function in M365 Copilot allows an unauthorized attacker to disclose information over a network.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-18T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-54130","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-47647-dynamics-365-elevation-of-privilege-vulnerability","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-47647 Dynamics 365 Elevation of Privilege Vulnerability","description":"Improper access control in Microsoft Dynamics 365 allows an authorized attacker to elevate privileges over a network.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-18T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47647","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-48584-microsoft-azure-synapse-elevation-of-privilege-vulnerability","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-48584 Microsoft Azure Synapse Elevation of Privilege Vulnerability","description":"Execution with unnecessary privileges in Azure Synapse allows an authorized attacker to elevate privileges over a network.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-18T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48584","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-48582-microsoft-exchange-online-elevation-of-privilege-vulnerability","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-48582 Microsoft Exchange Online Elevation of Privilege Vulnerability","description":"Missing authorization in Microsoft Exchange Online allows an authorized attacker to elevate privileges over a network.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-18T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48582","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-47645-microsoft-365-copilot-s-business-chat-elevation-of-privilege-vuln","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-47645 Microsoft 365 Copilot's Business Chat Elevation of Privilege Vulnerability","description":"Url redirection to untrusted site ('open redirect') in Microsoft 365 Copilot's Business Chat allows an unauthorized attacker to elevate privileges over a network.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-18T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47645","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-47646-dynamics-365-customer-voice-spoofing-vulnerability","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-47646 Dynamics 365 Customer Voice Spoofing Vulnerability","description":"Improper neutralization of input during web page generation ('cross-site scripting') in Dynamics 365 Customer Voice allows an unauthorized attacker to perform spoofing over a network.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-18T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47646","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2025-71073-input-lkkbd-disable-pending-work-before-freeing-device","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2025-71073 Input: lkkbd - disable pending work before freeing device","description":"Information published.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-18T08:48:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-71073","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2025-71072-shmem-fix-recovery-on-rename-failures","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2025-71072 shmem: fix recovery on rename failures","description":"Information published.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-18T08:48:17.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-71072","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-28387-potential-use-after-free-in-dane-client-code","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-28387 Potential Use-after-free in DANE Client Code","description":"Information published.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-18T08:50:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-28387","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-43308-btrfs-don-t-bug-on-unexpected-delayed-ref-type-in-run-one-delayed","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-43308 btrfs: don't BUG() on unexpected delayed ref type in run_one_delayed_ref()","description":"Information published.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-18T08:48:34.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-43308","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-25681-invoking-incorrect-handling-of-character-references-in-doctype-no","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-25681 Invoking  incorrect handling of character references in DOCTYPE nodes in golang.org/x/net/html","description":"Information published.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-18T08:40:41.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-25681","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-25680-invoking-denial-of-service-when-parsing-arbitrary-html-in-golang-","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-25680 Invoking denial of service when parsing arbitrary HTML in golang.org/x/net/html","description":"Information published.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-18T08:40:25.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-25680","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-45447-heap-use-after-free-in-the-pkcs7-verify-function","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-45447 Heap Use-After-Free in the PKCS7_verify() Function","description":"Information published.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-18T08:41:13.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45447","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-48854-unbounded-request-body-accumulation-causes-memory-exhaustion-in-e","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-48854 Unbounded request body accumulation causes memory exhaustion in elixir-grpc/grpc","description":"Information published.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-18T08:01:50.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48854","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-46292-pmdomain-core-fix-detach-procedure-for-virtual-devices-in-genpd","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-46292 pmdomain: core: Fix detach procedure for virtual devices in genpd","description":"Information published.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-18T08:49:51.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46292","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-46274-io-wq-check-that-the-predecessor-is-hashed-in-io-wq-remove-pendin","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-46274 io-wq: check that the predecessor is hashed in io_wq_remove_pending()","description":"Information published.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-18T08:50:04.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46274","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-46291-crypto-caam-guard-hmac-key-hex-dumps-in-hash-digest-key","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-46291 crypto: caam - guard HMAC key hex dumps in hash_digest_key","description":"Information published.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-18T08:50:14.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46291","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-46293-clk-microchip-mpfs-ccc-fix-out-of-bounds-access-during-output-reg","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-46293 clk: microchip: mpfs-ccc: fix out of bounds access during output registration","description":"Information published.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-18T08:50:27.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46293","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-34182-cms-authenvelopeddata-processing-may-accept-forged-messages","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-34182 CMS AuthEnvelopedData Processing May Accept Forged Messages","description":"Information published.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-18T08:41:57.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-34182","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-47636-microsoft-sharepoint-server-spoofing-vulnerability","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-47636 Microsoft SharePoint Server Spoofing Vulnerability","description":"Acknowledgement added. This is an informational change only.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-17T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47636","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-42828-windows-projected-file-system-elevation-of-privilege-vulnerabilit","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-42828 Windows Projected File System Elevation of Privilege Vulnerability","description":"Acknowledgement added. This is an informational change only.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-17T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42828","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-40371-microsoft-dynamics-365-on-premises-elevation-of-privilege-vulnera","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-40371 Microsoft Dynamics 365 (on-premises) Elevation of Privilege Vulnerability","description":"Updated the fixed version information and download link. The fix was previously believed to be included in Dynamics 365 Server (on-premises) version 6.2; however, it has been confirmed that the fix is included in Dynamics 365 Server v9.1 (on-premises) Update 1.45 (version 9.1.0045.0011). The downloa…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-40371","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-45602-windows-dynamic-host-configuration-protocol-dhcp-tampering-vulner","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-45602 Windows Dynamic Host Configuration Protocol (DHCP) Tampering Vulnerability","description":"Updated CWE value.  This is an informational change only.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45602","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-50656-microsoft-defender-elevation-of-privilege-vulnerability","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-50656 Microsoft Defender Elevation of Privilege Vulnerability","description":"Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in Microsoft Defender publicly referred to as \"RoguePlanet \". We are working to provide a high quality security update that addresses this vulnerability. We will provide information in this CVE when the update…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50656","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-42915-microsoft-windows-vmswitch-denial-of-service-vulnerability","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-42915 Microsoft Windows VMSwitch Denial of Service Vulnerability","description":"Corrected the CVE description and title. This is an informational change only.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42915","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-cve-2026-54411-linux-pam-through-1-7-2-contains-an-observable-timing-discrepancy","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"CVE-2026-54411 Linux-PAM through 1.7.2 contains an observable timing discrepancy (CWE-208) in the pam_userdb module's plaintext-password comparison path in modules/pam_userdb/pam_userdb.c that allows a local or network-adjacent attacker able to repeatedly drive authentication through a calling service to recover the plaintext password of a target account by measuring response-timing differences. The comparison uses strncmp() (or strncasecmp() when PAM_ICASE_ARG is set) preceded by a length-equality check, so the time to reject a candidate depends on the index of the first differing byte and on whether the candidate's length matches the stored password, leaking the password length and individual prefix bytes. The vulnerable path is reached when the administrator configures pam_userdb with crypt=none, with an unrecognized crypt method, or without a crypt= argument, causing the module to store and compare credentials in plaintext.","description":"Information published.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T08:01:29.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-54411","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-11628-use-after-free-in-ozone","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-11628 Use after free in Ozone","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T02:13:29.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11628","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11629","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11682","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-11631-use-after-free-in-aura","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-11631 Use after free in Aura","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T02:13:34.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11631","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-11632-use-after-free-in-tabstrip","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-11632 Use after free in TabStrip","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T02:13:35.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11632","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-11633-use-after-free-in-bluetooth","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-11633 Use after free in Bluetooth","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T02:13:37.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11633","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11635","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11641","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11699","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11700","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-11634-use-after-free-in-gamepad","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-11634 Use after free in Gamepad","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T02:13:38.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11634","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-11639-use-after-free-in-compositing","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-11639 Use after free in Compositing","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T02:13:45.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11639","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-11637-use-after-free-in-views","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-11637 Use after free in Views","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T02:13:42.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11637","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11644","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11662","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-11636-use-after-free-in-autofill","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-11636 Use after free in Autofill","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T02:13:41.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11636","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-11638-use-after-free-in-printing","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-11638 Use after free in Printing","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T02:13:44.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11638","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11648","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-11640-integer-overflow-in-libyuv","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-11640 Integer overflow in libyuv","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T02:13:47.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11640","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11679","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-11642-use-after-free-in-web-apps","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-11642 Use after free in Web Apps","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T02:13:49.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11642","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-11645-out-of-bounds-memory-access-in-v8","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-11645 Out of bounds memory access in V8","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T02:13:53.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11645","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-11643-use-after-free-in-proxy","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-11643 Use after free in Proxy","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T02:13:50.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11643","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-11646-use-after-free-in-viewtransitions","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-11646 Use after free in ViewTransitions","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T02:13:54.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11646","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-11657-use-after-free-in-payments","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-11657 Use after free in Payments","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T02:14:10.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11658","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11665","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-11660-insufficient-validation-of-untrusted-input-in-new-tab-pa","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-11660 Insufficient validation of untrusted input in New Tab Page","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T02:14:15.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11661","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11692","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-11659-insufficient-validation-of-untrusted-input-in-ui","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-11659 Insufficient validation of untrusted input in UI","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T02:14:13.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11660","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11698","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-11663-use-after-free-in-skia","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-11663 Use after free in Skia","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T02:14:19.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11664","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-11662-type-confusion-in-bindings","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-11662 Type Confusion in Bindings","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T02:14:18.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11663","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-11665-out-of-bounds-read-in-dawn","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-11665 Out of bounds read in Dawn","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T02:14:22.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11666","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-11668-uninitialized-use-in-codecs","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-11668 Uninitialized Use in Codecs","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T02:14:26.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11669","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-11669-integer-overflow-in-media","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-11669 Integer overflow in Media","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T02:14:27.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11670","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11656","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-11670-use-after-free-in-pdf","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-11670 Use after free in PDF","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T02:14:28.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11671","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-11671-use-after-free-in-navigation","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-11671 Use after free in Navigation","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T02:14:30.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11672","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-11672-out-of-bounds-write-in-gpu","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-11672 Out of bounds write in GPU","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T02:14:31.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11673","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-11673-use-after-free-in-interestgroups","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-11673 Use after free in InterestGroups","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T02:14:32.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11674","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-11675-insufficient-validation-of-untrusted-input-in-skia","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-11675 Insufficient validation of untrusted input in Skia","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T02:14:35.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11676","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-11674-use-after-free-in-guest-view","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-11674 Use after free in Guest View","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T02:14:34.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11675","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-11676-insufficient-validation-of-untrusted-input-in-dawn","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-11676 Insufficient validation of untrusted input in Dawn","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T02:14:36.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11677","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11687","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-11677-race-in-network","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-11677 Race in Network","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T02:14:37.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11678","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-11679-use-after-free-in-codecs","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-11679 Use after free in Codecs","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T02:14:40.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11680","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-11682-insufficient-validation-of-untrusted-input-in-views","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-11682 Insufficient validation of untrusted input in Views","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T02:14:44.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11683","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-11683-use-after-free-in-webcodecs","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-11683 Use after free in WebCodecs","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T02:14:45.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11684","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-11684-insufficient-policy-enforcement-in-network","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-11684 Insufficient policy enforcement in Network","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T02:14:46.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11685","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-11687-use-after-free-in-dawn","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-11687 Use after free in Dawn","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T02:14:50.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11688","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-11688-object-lifecycle-issue-in-svg","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-11688 Object lifecycle issue in SVG","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T02:14:52.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11689","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-11685-insufficient-data-validation-in-mediacapture","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-11685 Insufficient data validation in MediaCapture","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T02:14:48.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11686","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-11689-insufficient-validation-of-untrusted-input-in-passwords","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-11689 Insufficient validation of untrusted input in Passwords","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T02:14:53.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11690","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-11690-out-of-bounds-read-and-write-in-media","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-11690 Out of bounds read and write in Media","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T02:14:54.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11691","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-11692-use-after-free-in-read-anything","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-11692 Use after free in Read Anything","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T02:14:57.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11693","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-11693-inappropriate-implementation-in-plugins","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-11693 Inappropriate implementation in Plugins","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T02:14:58.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11694","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-11694-use-after-free-in-serviceworker","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-11694 Use after free in ServiceWorker","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T02:14:59.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11695","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11657","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-11695-inappropriate-implementation-in-passwords","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-11695 Inappropriate implementation in Passwords","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T02:15:01.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11696","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-11696-uninitialized-use-in-video","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-11696 Uninitialized Use in Video","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T02:15:02.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11697","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-11700-use-after-free-in-tracing","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-11700 Use after free in Tracing","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T02:15:07.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11701","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-11648-use-after-free-in-fullscreen","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-11648 Use after free in FullScreen","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T02:13:57.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11649","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-11651-use-after-free-in-network","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-11651 Use after free in Network","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T02:14:01.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11652","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-11649-use-after-free-in-v8","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-11649 Use after free in V8","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T02:13:58.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11650","label":"Microsoft MSRC","domainType":"primary"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11651","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-chromium-cve-2026-11654-use-after-free-in-cameracapture","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Chromium: CVE-2026-11654 Use after free in CameraCapture","description":"This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T02:14:06.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11655","label":"Microsoft MSRC","domainType":"primary"}],"feedLabel":null},{"id":"vendor-close-encounters-of-the-human-kind","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Close Encounters of the Human Kind","description":"In the latest Threat Source, Hazel channels her inner Spielberg to explore why humans are delightfully irrational, reminding us that while security best practices are simple in theory, they’re a lot harder to pull off when you’re busy dealing with real life.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-18T18:00:24.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://blog.talosintelligence.com/close-encounters-of-the-human-kind/","label":"Cisco Talos","domainType":"other"}],"feedLabel":null},{"id":"vendor-scripting-the-disassembler-local-agentic-reverse-engineering-through-vbdec-s-liv","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"Scripting the disassembler: Local agentic reverse engineering through vbdec’s live COM object model","description":"Cisco Talos detailed a new approach to reverse engineering that pairs local AI agents with traditional analysis tools like the VB6 disassembler vbdec. Instead of awkwardly bolting AI onto the software, vbdec exposes its parsed data through a live COM interface.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-18T10:00:05.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://blog.talosintelligence.com/scripting-the-disassembler/","label":"Cisco Talos","domainType":"other"}],"feedLabel":null},{"id":"vendor-sd1775-flex-i-o-dual-port-ethernet-ip-adapters-multiple-vulnerabilities","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"SD1775 | FLEX I/O Dual-port EtherNet/IP Adapters – Multiple Vulnerabilities ","description":"CVE-2026-0646: CVSS v4.0 8.7, CVSS v3.1 7.5 | https://cveawg.mitre.org/api/cve/CVE-2026-0646CVE-2026-0647: CVSS v4.0 8.8, CVSS v3.1 9.4 | https://cveawg.mitre.org/api/cve/CVE-2026-0647Published Date: Tue Jun 16 14:14:00 UTC 2026","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T14:14:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1775.html","label":"Rockwell Automation","domainType":"primary"}],"feedLabel":null},{"id":"vendor-sd1777-factorytalk-analytics-pavilionx-improper-api-authorization","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"SD1777 | FactoryTalk® Analytics™ PavilionX™ - Improper API Authorization","description":"CVE-2025-14272: CVSS v4.0 8.3, CVSS v3.1 7.0 | https://cveawg.mitre.org/api/cve/CVE-2025-14272Published Date: Tue Jun 16 13:48:00 UTC 2026","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T13:48:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1777.html","label":"Rockwell Automation","domainType":"primary"}],"feedLabel":null},{"id":"vendor-sd1773-factorytalk-historian-site-edition-multiple-vulnerabilities","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"SD1773 | FactoryTalk Historian Site Edition - Multiple Vulnerabilities","description":"CVE-2025-13036: CVSS v4.0 9.2, CVSS v3.1 7.7 | https://cveawg.mitre.org/api/cve/CVE-2025-13036CVE-2025-44019: CVSS v4.0 7.1, CVSS v3.1 7.1 | https://cveawg.mitre.org/api/cve/CVE-2025-44019CVE-2025-36539: CVSS v4.0 7.1, CVSS v3.1 6.5 | https://cveawg.mitre.org/api/cve/CVE-2025-36539Published Date: Tu…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T13:41:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1773.html","label":"Rockwell Automation","domainType":"primary"}],"feedLabel":null},{"id":"vendor-sd1776-compactlogix-5370-controllers-multiple-vulnerabilities","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"SD1776 | CompactLogix 5370 Controllers – Multiple Vulnerabilities ","description":"CVE-2025-11694: CVSS v4.0 8.7, CVSS v3.1 7.5 | https://cveawg.mitre.org/api/cve/CVE-2025-11694CVE-2026-9307: CVSS v4.0 6.3, CVSS v3.1 5.3 | https://cveawg.mitre.org/api/cve/CVE-2026-9307Published Date: Tue Jun 16 13:27:00 UTC 2026","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T13:27:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1776.html","label":"Rockwell Automation","domainType":"primary"}],"feedLabel":null},{"id":"vendor-sd1772-logix-5370-and-5570-controllers-vulnerable-to-denial-of-service-via-cip","source":"vendor-blogs","category":"advisory","severity":"unknown","title":"SD1772 | Logix 5370 and 5570 Controllers Vulnerable To Denial of Service Via CIP","description":"CVE-2026-11317: CVSS v4.0 8.7, CVSS v3.1 7.5 | https://cveawg.mitre.org/api/cve/CVE-2026-11317Published Date: Tue Jun 16 12:59:00 UTC 2026 | Last Updated Date: 2026-06-16T08:59:00.000-04:00","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T12:59:00.000Z","fetchedAt":"2026-06-22T15:00:09.356Z","references":[{"url":"https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1772.html","label":"Rockwell Automation","domainType":"primary"}],"feedLabel":null},{"id":"news-a-glimpse-into-the-search-your-target-market-for-stolen-credentials","source":"general-news","category":"news","severity":"unknown","title":"A Glimpse into the “Search Your Target” Market for Stolen Credentials","description":"Attackers no longer need to sift through massive credential dumps. They can pay others to do it for them. Flare explores how an emerging underground market searches stolen credential databases for specific companies, domains, and accounts. [...]","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-22T14:05:15.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.bleepingcomputer.com/news/security/a-glimpse-into-the-search-your-target-market-for-stolen-credentials/","label":"BleepingComputer","domainType":"media"}],"feedLabel":null},{"id":"news-klue-oauth-breach-victim-list-grows-as-icarus-hackers-claim-attack","source":"general-news","category":"news","severity":"unknown","title":"Klue OAuth breach victim list grows as Icarus hackers claim attack","description":"Market intelligence platform Klue has publicly confirmed a recent security incident that allowed threat actors to steal OAuth tokens used to connect to customers' Salesforce environments, as the new \"Icarus\" extortion group publicly claims the attack. [...]","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T22:31:04.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.bleepingcomputer.com/news/security/klue-oauth-breach-victim-list-grows-as-icarus-hackers-claim-attack/","label":"BleepingComputer","domainType":"media"}],"feedLabel":null},{"id":"news-hackers-exploit-info-disclosure-bug-in-gravity-smtp-wordpress-plugin","source":"general-news","category":"news","severity":"unknown","title":"Hackers exploit info disclosure bug in Gravity SMTP WordPress plugin","description":"Threat actors are exploiting an unauthenticated information disclosure vulnerability in the WordPress plugin Gravity SMTP, active on 100,000 sites. [...]","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T20:25:02.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.bleepingcomputer.com/news/security/hackers-exploit-info-disclosure-bug-in-gravity-smtp-wordpress-plugin/","label":"BleepingComputer","domainType":"media"}],"feedLabel":null},{"id":"news-texas-govt-data-breach-exposes-over-3-million-driver-s-licenses","source":"general-news","category":"news","severity":"unknown","title":"Texas govt data breach exposes over 3 million driver’s licenses","description":"The Texas Parks and Wildlife Department (TPWD) disclosed a data breach at its license system vendor that exposed personal information for more than three million individuals. [...]","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T16:12:41.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.bleepingcomputer.com/news/security/texas-govt-data-breach-exposes-over-3-million-drivers-licenses/","label":"BleepingComputer","domainType":"media"}],"feedLabel":null},{"id":"news-microsoft-june-2026-windows-updates-break-recycle-bin-prompts","source":"general-news","category":"news","severity":"unknown","title":"Microsoft: June 2026 Windows updates break Recycle Bin prompts","description":"Microsoft has confirmed a confusing Windows bug that causes different filenames to appear in the confirmation dialog when deleting a file from the Recycle Bin. [...]","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T11:32:34.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.bleepingcomputer.com/news/microsoft/microsoft-confirms-recycle-bin-bug-on-all-supported-windows-releases/","label":"BleepingComputer","domainType":"media"}],"feedLabel":null},{"id":"news-cisa-splunk-enterprise-flaw-actively-exploited-patch-by-sunday","source":"general-news","category":"news","severity":"unknown","title":"CISA: Splunk Enterprise flaw actively exploited, patch by Sunday","description":"CISA has urged U.S. federal agencies to secure their systems by Sunday against a critical Splunk Enterprise vulnerability that is being exploited in attacks. [...]","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T10:39:58.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.bleepingcomputer.com/news/security/cisa-splunk-enterprise-flaw-actively-exploited-patch-by-sunday/","label":"BleepingComputer","domainType":"media"}],"feedLabel":null},{"id":"news-cisa-warns-fortinet-users-to-secure-devices-after-fortibleed-leak","source":"general-news","category":"news","severity":"unknown","title":"CISA warns Fortinet users to secure devices after FortiBleed leak","description":"The U.S. Cybersecurity and Infrastructure Security Agency (CISA) urged Fortinet customers to secure their devices after nearly 74,000 firewall and VPN credentials were exposed in a data leak dubbed \"FortiBleed.\" [...]","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T06:47:55.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.bleepingcomputer.com/news/security/cisa-warns-fortinet-users-to-secure-devices-after-fortibleed-leak/","label":"BleepingComputer","domainType":"media"}],"feedLabel":null},{"id":"news-nintendo-confirms-data-stolen-in-webmd-subsidiary-cyberattack","source":"general-news","category":"news","severity":"unknown","title":"Nintendo confirms data stolen in WebMD subsidiary cyberattack","description":"Nintendo of America has confirmed to BleepingComputer that threat actors stole survey data from the third-party TinyPulse service used internally, but its systems were not compromised. [...]","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-18T18:31:36.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.bleepingcomputer.com/news/security/nintendo-confirms-data-stolen-in-webmd-subsidiary-cyberattack/","label":"BleepingComputer","domainType":"media"}],"feedLabel":null},{"id":"news-29-year-old-squid-proxy-bug-squidbleed-can-leak-cleartext-http-requests","source":"general-news","category":"news","severity":"unknown","title":"29-Year-Old Squid Proxy Bug 'Squidbleed' Can Leak Cleartext HTTP Requests","description":"A heap over-read in the Squid web proxy can leak another user's cleartext HTTP request, including any credentials or session tokens it carries, to anyone already allowed to send traffic through the same proxy.\n\nThe bug traces to a 1997 FTP-parsing change and is still live in Squid's default configur…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-22T14:29:46.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://thehackernews.com/2026/06/29-year-old-squid-proxy-bug-squidbleed.html","label":"The Hacker News","domainType":"media"}],"feedLabel":null},{"id":"news-new-oxloader-loader-uses-malicious-google-ads-to-deliver-castlestealer","source":"general-news","category":"news","severity":"unknown","title":"New OXLOADER Loader Uses Malicious Google Ads to Deliver CastleStealer","description":"Cybersecurity researchers have disclosed details of a new campaign that delivers CastleStealer by means of a previously unreported malware loader dubbed OXLOADER.\n\nAccording to Elastic Security Labs, the campaign leverages malicious Google Ads as a starting point to distribute the malware. Evidence…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-22T13:20:12.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://thehackernews.com/2026/06/new-oxloader-loader-uses-malicious.html","label":"The Hacker News","domainType":"media"}],"feedLabel":null},{"id":"news-stop-your-legacy-infrastructure-from-hijacking-your-ai-agents","source":"general-news","category":"news","severity":"unknown","title":"Stop Your Legacy Infrastructure from Hijacking Your AI Agents","description":"Earlier this month, I spoke at the Gartner Security & Risk Management Summit about a blind spot most security programs are still not accounting for - how attackers are circumventing AI security programs by using legacy infrastructure to hijack AI agents.\n\nAI adoption is moving faster than security p…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-22T11:58:00.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://thehackernews.com/2026/06/stop-your-legacy-infrastructure-from.html","label":"The Hacker News","domainType":"media"}],"feedLabel":null},{"id":"news-hackers-exploit-gravity-smtp-wordpress-plugin-bug-to-expose-api-keys","source":"general-news","category":"news","severity":"unknown","title":"Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys","description":"Threat actors are exploiting a recently patched security flaw impacting Gravity SMTP, a WordPress plugin that's installed on about 100,000 sites.\n\nThe vulnerability, tracked as CVE-2026-4020 (CVSS score: 5.3), is a medium-severity information disclosure flaw that can allow unauthenticated attackers…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-20T09:56:04.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://thehackernews.com/2026/06/hackers-exploit-gravity-smtp-wordpress.html","label":"The Hacker News","domainType":"media"}],"feedLabel":null},{"id":"news-unpatchable-usbliter8-exploit-breaks-apple-a12-and-a13-securerom-boot-chain","source":"general-news","category":"news","severity":"unknown","title":"Unpatchable 'usbliter8' Exploit Breaks Apple A12 and A13 SecureROM Boot Chain","description":"Security researchers at Paradigm Shift have published a working exploit, dubbed usbliter8, that achieves arbitrary code execution inside the SecureROM of Apple's A12 and A13 chips.\n\nThat code is burned into the silicon at manufacture. No software update can reach it. Affected devices will carry this…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T18:37:41.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://thehackernews.com/2026/06/unpatchable-usbliter8-exploit-breaks.html","label":"The Hacker News","domainType":"media"}],"feedLabel":null},{"id":"news-from-assistive-to-agentic-the-ai-shift-that-s-redefining-threat-management","source":"general-news","category":"news","severity":"unknown","title":"From Assistive to Agentic: The AI Shift That's Redefining Threat Management","description":"Introduction\n\nThe average enterprise security team has 40 or more security tools, giving a lot of visibility into internal telemetry and asset data. But often, these tools are working in siloes, generating (overlapping) alerts and data. And yet, breach dwell times remain stubbornly long (~43 days),…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T11:58:00.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://thehackernews.com/2026/06/from-assistive-to-agentic-ai-shift.html","label":"The Hacker News","domainType":"media"}],"feedLabel":null},{"id":"news-salesforce-disables-klue-app-integration-after-oauth-token-abuse-exposes-custome","source":"general-news","category":"news","severity":"unknown","title":"Salesforce Disables Klue App Integration After OAuth Token Abuse Exposes Customer Data","description":"Salesforce has revealed that it disabled the Klue Battlecards app integration within its platform in response to a security incident impacting the competitive intelligence company on June 11, 2026.\n\nTo that end, organizations will be unable to connect to Salesforce via the app until further notice,…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T09:03:57.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://thehackernews.com/2026/06/salesforce-disables-klue-app.html","label":"The Hacker News","domainType":"media"}],"feedLabel":null},{"id":"news-apple-patches-beats-studio-buds-flaw-letting-nearby-attackers-spy-via-microphone","source":"general-news","category":"news","severity":"unknown","title":"Apple Patches Beats Studio Buds Flaw Letting Nearby Attackers Spy via Microphone","description":"Apple has updated its Beats Studio Buds wireless earbuds to patch a high-severity vulnerability that could be exploited by nearby hackers to eavesdrop on users.\n\nThe vulnerability, tracked as CVE-2025-20701 (CVSS score: 8.8), refers to a case of incorrect authorization impacting the Airoha Bluetooth…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T06:36:09.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://thehackernews.com/2026/06/apple-patches-beats-studio-buds-flaw.html","label":"The Hacker News","domainType":"media"}],"feedLabel":null},{"id":"news-malicious-jetbrains-plugins-steal-ai-api-keys-as-chrome-extensions-capture-chatb","source":"general-news","category":"news","severity":"unknown","title":"Malicious JetBrains Plugins Steal AI API Keys as Chrome Extensions Capture Chatbot Chats","description":"Cybersecurity researchers have flagged a \"coordinated malware campaign\" on the JetBrains Marketplace that has published no less than 15 malicious plugins capable of exfiltrating artificial intelligence (AI) provider keys.\n\n\"Every plugin poses as an AI coding assistant built on DeepSeek and other lar…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-17T13:51:58.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://thehackernews.com/2026/06/malicious-jetbrains-plugins-steal-ai.html","label":"The Hacker News","domainType":"media"}],"feedLabel":null},{"id":"news-cisa-warns-of-actively-exploited-joomla-jce-flaw-allowing-php-code-execution","source":"general-news","category":"news","severity":"unknown","title":"CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution","description":"The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a maximum-severity security flaw impacting Widget Factory Joomla Content Editor (JCE) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.\n\nThe vulnerability, tracked as CVE-202…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-17T05:50:46.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://thehackernews.com/2026/06/cisa-warns-of-actively-exploited-joomla.html","label":"The Hacker News","domainType":"media"}],"feedLabel":null},{"id":"news-google-vertex-ai-sdk-flaw-let-attackers-hijack-model-uploads-via-bucket-squattin","source":"general-news","category":"news","severity":"unknown","title":"Google Vertex AI SDK Flaw Let Attackers Hijack Model Uploads via Bucket Squatting","description":"A flaw in the Google Cloud Vertex AI SDK for Python let an attacker with no access to a victim's project hijack the victim's machine learning model upload and run code inside Google's serving infrastructure.\n\nPalo Alto Networks Unit 42, which found and reported the bug through Google's bug bounty pr…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T19:05:41.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://thehackernews.com/2026/06/google-vertex-ai-sdk-flaw-let-attackers.html","label":"The Hacker News","domainType":"media"}],"feedLabel":null},{"id":"news-clickfix-campaigns-expand-malware-delivery-with-new-loaders-and-fake-update-lure","source":"general-news","category":"news","severity":"unknown","title":"ClickFix Campaigns Expand Malware Delivery With New Loaders and Fake Update Lures","description":"Cybersecurity researchers have flagged multiple ClickFix campaigns that deliver three malware loaders called BabaDeda Loader, Lorem Ipsum Loader, and Potemkin, per independent reports from Morphisec, BlueVoyant, and Huntress, respectively.\n\nAttacks involving BabaDeda Loader, observed in April 2026,…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T17:41:28.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://thehackernews.com/2026/06/clickfix-campaigns-expand-malware.html","label":"The Hacker News","domainType":"media"}],"feedLabel":null},{"id":"news-survey-94-of-incidents-involve-anonymized-infrastructure-teams-are-still-reactiv","source":"general-news","category":"news","severity":"unknown","title":"Survey: 94% of Incidents Involve Anonymized Infrastructure. Teams Are Still Reactive","description":"Security teams have never had more IP data at their disposal. Every day, analysts ingest enrichment feeds, geolocation data, reputation scores, telemetry, and threat intelligence from a growing ecosystem of vendors and platforms.\n\nYet despite this abundance of information, many organizations continu…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T11:30:00.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://thehackernews.com/2026/06/survey-94-of-incidents-involve.html","label":"The Hacker News","domainType":"media"}],"feedLabel":null},{"id":"news-attackers-exploit-three-fortinet-fortisandbox-flaws-one-patched-last-week","source":"general-news","category":"news","severity":"unknown","title":"Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week","description":"Bad actors are exploiting multiple security vulnerabilities in Fortinet FortiSandbox, according to threat intelligence firm Defused Cyber.\n\nIn a post shared on X, the company said it has observed exploitation of CVE-2026-39813, CVE-2026-39808, and CVE-2026-25089 over the past 24 hours.\n\nCVE-2026-398…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T10:30:41.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://thehackernews.com/2026/06/attackers-exploit-three-fortinet.html","label":"The Hacker News","domainType":"media"}],"feedLabel":null},{"id":"news-cisco-releases-security-updates-for-actively-exploited-sd-wan-manager-flaw","source":"general-news","category":"news","severity":"unknown","title":"Cisco Releases Security Updates for Actively Exploited SD-WAN Manager Flaw","description":"Cisco has released security updates for a medium-severity security flaw in Catalyst SD-WAN Manager that has come under active exploitation in the wild.\n\nThe vulnerability, tracked as CVE-2026-20262, carries a CVSS score of 6.5 out of 10.0.\n\n\"A vulnerability in the web UI of Cisco Catalyst SD-WAN Man…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T06:05:58.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://thehackernews.com/2026/06/cisco-releases-security-updates-for.html","label":"The Hacker News","domainType":"media"}],"feedLabel":null},{"id":"news-cisa-flags-litespeed-cpanel-plugin-flaw-exploited-for-root-privilege-escalation","source":"general-news","category":"news","severity":"unknown","title":"CISA Flags LiteSpeed cPanel Plugin Flaw Exploited for Root Privilege Escalation","description":"The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a security flaw impacting LiteSpeed cPanel Plugin to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian Executive Branch (FCEB) agencies to apply the fixes by June 18, 2026.\n\nThe vulnerability in qu…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T05:41:52.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://thehackernews.com/2026/06/cisa-flags-litespeed-cpanel-plugin-flaw.html","label":"The Hacker News","domainType":"media"}],"feedLabel":null},{"id":"news-chinese-hackers-abused-google-workspace-rules-to-steal-research-and-defense-emai","source":"general-news","category":"news","severity":"unknown","title":"Chinese Hackers Abused Google Workspace Rules to Steal Research and Defense Emails","description":"A China-linked espionage group hid inside North American medical, academic, and military research networks for more than a year, quietly stealing sensitive research and defense email.\n\nThe way in was a backdoor on their REDCap research servers that stole login credentials. The exfiltration was the u…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-15T19:44:06.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://thehackernews.com/2026/06/chinese-hackers-abused-google-workspace.html","label":"The Hacker News","domainType":"media"}],"feedLabel":null},{"id":"news-litellm-vulnerability-chain-lets-low-privilege-users-take-over-ai-gateway-server","source":"general-news","category":"news","severity":"unknown","title":"LiteLLM Vulnerability Chain Lets Low-Privilege Users Take Over AI Gateway Servers","description":"A default low-privilege account on a LiteLLM proxy can climb to full admin and run code on the server by chaining three vulnerabilities, researchers at Obsidian Security disclosed\n\nLiteLLM is a widely deployed open-source AI gateway that brokers calls to more than 100 model providers behind one Open…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-15T16:39:01.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://thehackernews.com/2026/06/litellm-vulnerability-chain-lets-low.html","label":"The Hacker News","domainType":"media"}],"feedLabel":null},{"id":"news-novo-nordisk-breach-highlights-software-development-pipeline-risk","source":"general-news","category":"news","severity":"unknown","title":"Novo Nordisk Breach Highlights Software Development Pipeline Risk","description":"A leaked GitHub token underscores what most organizations get wrong: Treating secrets management as a tooling problem rather than an identity problem.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-18T20:05:47.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.darkreading.com/cyber-risk/novo-nordisk-breach-exposes-dev-pipeline-risk","label":"Dark Reading","domainType":"media"}],"feedLabel":null},{"id":"news-fileless-phantom-stealer-targets-browser-credentials","source":"general-news","category":"news","severity":"unknown","title":"Fileless Phantom Stealer Targets Browser Credentials","description":"In addition to executing entirely in memory, the malware's infection chain incorporates other anti-analysis techniques designed to evade detection.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T22:26:34.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.darkreading.com/cyberattacks-data-breaches/fileless-phantom-stealer-targets-browser-credentials","label":"Dark Reading","domainType":"media"}],"feedLabel":null},{"id":"news-sprysocks-windows-variant-abuses-kernel-drivers-to-evade-detection","source":"general-news","category":"news","severity":"unknown","title":"SprySOCKS Windows Variant Abuses Kernel Drivers to Evade Detection","description":"FishMonger, a China-nexus threat group, has deployed an undocumented version of the Linux backdoor against government targets in Honduras, Taiwan, Thailand, and Pakistan.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T20:11:48.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.darkreading.com/threat-intelligence/sprysocks-windows-variant-kernel-drivers","label":"Dark Reading","domainType":"media"}],"feedLabel":null},{"id":"news-rokarolla-android-trojan-levels-up-to-full-device-control-persistence","source":"general-news","category":"news","severity":"unknown","title":"Rokarolla Android Trojan Levels Up to Full Device Control, Persistence","description":"The emerging malware, spread via fake TikTok and Chrome downloads, has evolved by combining banking fraud with extensive device surveillance and remote control.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T17:32:32.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.darkreading.com/endpoint-security/rokarolla-android-trojan","label":"Dark Reading","domainType":"media"}],"feedLabel":null},{"id":"news-http-2-bomb-attacks-put-telcos-healthcare-orgs-at-risk","source":"general-news","category":"news","severity":"unknown","title":"HTTP/2 Bomb Attacks Put Telcos, Healthcare Orgs at Risk","description":"The denial-of-service (DoS) exploit takes advantage of two features in HTTP/2 that were designed to save Internet bandwith, not power massive amplification attacks.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-15T19:31:37.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.darkreading.com/vulnerabilities-threats/http-2-bomb-attacks-telcos-healthcare","label":"Dark Reading","domainType":"media"}],"feedLabel":null},{"id":"news-copilot-searchleak-attack-allows-1-click-data-theft","source":"general-news","category":"news","severity":"unknown","title":"Copilot 'SearchLeak' Attack Allows 1-Click Data Theft","description":"The critical, three-stage attack is now patched, but it's part of a new group of AI prompt-injection issues that use hidden URLs and other variables.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-15T19:27:48.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.darkreading.com/application-security/copilot-searchleak-attack-1-click-data-theft","label":"Dark Reading","domainType":"media"}],"feedLabel":null},{"id":"news-china-nexus-actor-spies-on-us-researchers-undetected-for-a-year","source":"general-news","category":"news","severity":"unknown","title":"China-Nexus Actor Spies on US Researchers Undetected for a Year","description":"Google discovered and disrupted the sprawling campaign, which stole RedCAP credentials to breach numerous institutions and exfiltrate sensitive data.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-15T17:00:45.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.darkreading.com/threat-intelligence/china-nexus-actor-us-researchers-undetected","label":"Dark Reading","domainType":"media"}],"feedLabel":null},{"id":"news-decades-old-squid-proxy-flaw-squidbleed-can-expose-user-data","source":"general-news","category":"news","severity":"unknown","title":"Decades-Old Squid Proxy Flaw ‘Squidbleed’ Can Expose User Data","description":"Squidbleed, discovered with the aid of Claude Mythos Preview, has been described as a Heartbleed-style vulnerability. \nThe post Decades-Old Squid Proxy Flaw ‘Squidbleed’ Can Expose User Data appeared first on SecurityWeek.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-22T13:22:31.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.securityweek.com/decades-old-squid-proxy-flaw-squidbleed-can-expose-user-data/","label":"SecurityWeek","domainType":"media"}],"feedLabel":null},{"id":"news-attackers-exploit-gravity-smtp-plugin-flaw-to-harvest-valuable-wordpress-data","source":"general-news","category":"news","severity":"unknown","title":"Attackers Exploit Gravity SMTP Plugin Flaw to Harvest Valuable WordPress Data","description":"Vulnerable WordPress plugin iterations leak API keys, secrets, tokens, server information, and other data.\nThe post Attackers Exploit Gravity SMTP Plugin Flaw to Harvest Valuable WordPress Data appeared first on SecurityWeek.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-22T11:45:43.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.securityweek.com/attackers-exploit-gravity-smtp-plugin-flaw-to-harvest-valuable-wordpress-data/","label":"SecurityWeek","domainType":"media"}],"feedLabel":null},{"id":"news-new-exploit-bypasses-apple-s-boot-defenses-affects-millions-of-iphones","source":"general-news","category":"news","severity":"unknown","title":"New Exploit Bypasses Apple’s Boot Defenses, Affects Millions of iPhones","description":"The vulnerability exploited by the Usbliter8 exploit cannot be patched and a PoC exploit has been released by researchers.\nThe post New Exploit Bypasses Apple’s Boot Defenses, Affects Millions of iPhones appeared first on SecurityWeek.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-22T10:03:06.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.securityweek.com/new-exploit-bypasses-apples-boot-defenses-affects-millions-of-iphones/","label":"SecurityWeek","domainType":"media"}],"feedLabel":null},{"id":"news-texas-parks-wildlife-data-breach-affects-3-million-individuals","source":"general-news","category":"news","severity":"unknown","title":"Texas Parks & Wildlife Data Breach Affects 3 Million Individuals","description":"Hackers stole personal information after breaching the systems of a third-party license vendor serving TPWD.\nThe post Texas Parks & Wildlife Data Breach Affects 3 Million Individuals appeared first on SecurityWeek.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-22T05:33:39.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.securityweek.com/texas-parks-wildlife-data-breach-affects-3-million-individuals/","label":"SecurityWeek","domainType":"media"}],"feedLabel":null},{"id":"news-unpatchable-bootrom-flaw-impacts-apple-a12-a13-chips","source":"general-news","category":"news","severity":"unknown","title":"Unpatchable BootROM Flaw Impacts Apple A12, A13 Chips ","description":"Apple BootROM exploit exposes unpatchable USB flaw on A12 and A13 devices","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-22T14:00:00.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.infosecurity-magazine.com/news/apple-bootrom-exploit-a12-a13/","label":"InfoSecurity Magazine","domainType":"media"}],"feedLabel":null},{"id":"news-klue-breach-enables-hackers-to-compromise-cybersecurity-firms-via-oauth-tokens","source":"general-news","category":"news","severity":"unknown","title":"Klue Breach Enables Hackers to Compromise Cybersecurity Firms via OAuth Tokens","description":"At least four cybersecurity firms confirmed they have been affected by a breach of business intelligence platform Klue via Salesforce integration","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-22T10:15:00.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.infosecurity-magazine.com/news/klue-breach-compromise/","label":"InfoSecurity Magazine","domainType":"media"}],"feedLabel":null},{"id":"news-aws-unveils-continuum-an-ai-powered-vulnerability-management-platform","source":"general-news","category":"news","severity":"unknown","title":"AWS Unveils 'Continuum,' an AI-Powered Vulnerability Management Platform","description":"Working with frontier AI models, this new platform aims to help discovering, prioritizing, validating and remediating code vulnerabilities","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T11:00:00.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.infosecurity-magazine.com/news/aws-continuum-ai-vulnerability/","label":"InfoSecurity Magazine","domainType":"media"}],"feedLabel":null},{"id":"news-confidence-lacks-in-threat-detection-across-non-email-channels-like-slack-and-te","source":"general-news","category":"news","severity":"unknown","title":"Confidence Lacks in Threat Detection Across Non-Email Channels like Slack and Teams ","description":"Half of cybersecurity leaders lack confidence in detecting threats on Slack, Teams and other non-email platforms, despite growing attacker focus","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T09:00:00.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.infosecurity-magazine.com/news/threat-detection-across-nonemail/","label":"InfoSecurity Magazine","domainType":"media"}],"feedLabel":null},{"id":"news-latam-infrastructure-hit-by-fortinet-and-ivanti-exploits","source":"general-news","category":"news","severity":"unknown","title":"LATAM Infrastructure Hit by Fortinet and Ivanti Exploits","description":"CloudSEK maps Operation Escaneo, a campaign hitting Latin American infrastructure via perimeter bugs","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-18T11:30:00.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.infosecurity-magazine.com/news/operation-escaneo-cloudsek-latam/","label":"InfoSecurity Magazine","domainType":"media"}],"feedLabel":null},{"id":"news-hostile-states-behind-75-of-cyber-attacks-on-uk-critical-infrastructure-ncsc-war","source":"general-news","category":"news","severity":"unknown","title":"Hostile States Behind 75% of Cyber-Attacks on UK Critical Infrastructure, NCSC Warns","description":"Richard Horne, the NCSC CEO, said three-quarters of cyber-attacks targeting UK critical infrastructure came from nation-state actors","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-18T09:10:00.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.infosecurity-magazine.com/news/hostile-states-cni-75-percent-ncsc/","label":"InfoSecurity Magazine","domainType":"media"}],"feedLabel":null},{"id":"news-ai-threats-and-alert-fatigue-challenge-cybersecurity-teams","source":"general-news","category":"news","severity":"unknown","title":"AI Threats and Alert Fatigue Challenge Cybersecurity Teams ","description":"Filigran survey at Infosecurity Europe 2026 reveals AI-powered attacks as the top concern, with false positives, alert fatigue and manual processes draining security teams","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-17T12:30:00.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.infosecurity-magazine.com/news/ai-threats-alert-fatigue-challenge/","label":"InfoSecurity Magazine","domainType":"media"}],"feedLabel":null},{"id":"news-eu-security-experts-to-support-ukrainian-organizations-in-case-of-cyber-attacks","source":"general-news","category":"news","severity":"unknown","title":"EU Security Experts to Support Ukrainian Organizations in Case of Cyber-Attacks","description":"Ukraine has been added to the EU Cybersecurity Reserve, which provides incident response services against large-scale incidents","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-17T09:45:00.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.infosecurity-magazine.com/news/ukraine-included-eu-cyber-reserve/","label":"InfoSecurity Magazine","domainType":"media"}],"feedLabel":null},{"id":"news-rokarolla-trojan-combines-banking-fraud-with-device-surveillance","source":"general-news","category":"news","severity":"unknown","title":"Rokarolla Trojan Combines Banking Fraud With Device Surveillance","description":"Rokarolla Android trojan steals banking logins and spies on victims while blocking fraud alerts","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T13:15:00.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.infosecurity-magazine.com/news/rokarolla-android-banking-trojan/","label":"InfoSecurity Magazine","domainType":"media"}],"feedLabel":null},{"id":"news-chainguard-jpmorgan-bny-team-up-to-secure-open-source-from-ai-threats","source":"general-news","category":"news","severity":"unknown","title":"Chainguard, JPMorgan, BNY Team Up to Secure Open Source from AI Threats","description":"Athena is a new an industry coalition to fix the vulnerabilities frontier AI models find before attackers can exploit them","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T11:00:00.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.infosecurity-magazine.com/news/chainguard-bny-open-source-athena/","label":"InfoSecurity Magazine","domainType":"media"}],"feedLabel":null},{"id":"news-attackers-hijack-popular-wordpress-plugins-to-deploy-backdoors","source":"general-news","category":"news","severity":"unknown","title":"Attackers Hijack Popular WordPress Plugins to Deploy Backdoors","description":"Tampered OptinMonster and sister plugins plant hidden backdoors on 1.2 million WordPress sites","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-15T17:00:00.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.infosecurity-magazine.com/news/wordpress-plugin-supply-chain/","label":"InfoSecurity Magazine","domainType":"media"}],"feedLabel":null},{"id":"news-who-pays-when-you-gate-cyber-capable-ai-models","source":"general-news","category":"news","severity":"unknown","title":"Who pays when you gate cyber-capable AI models?","description":"In this interview with Help Net Security, Jaya Baloo, COO & CISO at Aisle, examines the debate over restricting access to cyber-capable AI models. She lays out the strongest argument for gating these tools, then explains where it breaks down for security teams who depend on the same capabilities for…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-22T06:00:22.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.helpnetsecurity.com/2026/06/22/jaya-baloo-aisle-gating-cyber-capable-ai-models/","label":"Help Net Security","domainType":"media"}],"feedLabel":null},{"id":"news-hundreds-of-ai-powered-ios-apps-found-exposing-credentials","source":"general-news","category":"news","severity":"unknown","title":"Hundreds of AI-powered iOS apps found exposing credentials","description":"Mobile app developers are packing AI features into everything from writing assistants to productivity tools and lifestyle apps. New research shows that securing access to those services remains a challenge. LLM API credential leakage via network traffic interception (Source: Research paper) Research…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-22T04:00:05.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.helpnetsecurity.com/2026/06/22/llm-api-credential-leakage-ios-apps/","label":"Help Net Security","domainType":"media"}],"feedLabel":null},{"id":"news-the-systemd-261-release-brings-a-software-tpm-new-os-installer","source":"general-news","category":"news","severity":"unknown","title":"The systemd 261 release brings a software TPM, new OS installer","description":"Linux distributions that ship systemd as their init system now have a new version to track. The systemd 261 update adds a cloud metadata subsystem, carries process state through kexec reboots, and continues a long-running effort to load external libraries on demand. Cloud metadata gets a local inter…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-21T22:30:29.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.helpnetsecurity.com/2026/06/22/systemd-261-released/","label":"Help Net Security","domainType":"media"}],"feedLabel":null},{"id":"news-klue-breach-lead-to-salesforce-data-theft-huntress-affected","source":"general-news","category":"news","severity":"unknown","title":"Klue breach lead to Salesforce data theft, Huntress affected","description":"Cybersecurity vendor Huntress was among multiple companies hit by a breach originating at Klue, a market intelligence platform used to integrate CRM and sales data across various business tools. Huntress published a detailed account of the incident on June 18, framing it as a “security domino effect…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T12:57:39.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.helpnetsecurity.com/2026/06/19/klue-salesforce-data-breach-huntress/","label":"Help Net Security","domainType":"media"}],"feedLabel":null},{"id":"news-cybercriminals-abused-github-youtube-and-virustotal-to-push-crypto-stealing-malw","source":"general-news","category":"news","severity":"unknown","title":"Cybercriminals abused GitHub, YouTube and VirusTotal to push crypto-stealing malware","description":"A cryptocurrency-stealing malware campaign used inflated GitHub activity, software reviews, YouTube tutorials and favorable VirusTotal comments to make malicious trading and gambling tools appear trustworthy, Check Point researchers found. According to the researchers, the attackers packaged the mal…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-19T12:11:44.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://www.helpnetsecurity.com/2026/06/19/fake-github-stars-crypto-stealing-malware/","label":"Help Net Security","domainType":"media"}],"feedLabel":null},{"id":"news-suspected-cyberattack-triggers-false-emergency-alerts-across-parts-of-brazil","source":"general-news","category":"news","severity":"unknown","title":"Suspected cyberattack triggers false emergency alerts across parts of Brazil","description":"The incident occurred early Saturday when at least a dozen unauthorized alerts were sent through Brazil's Civil Defense Alert system, a platform designed to warn residents about imminent threats such as floods, landslides and other natural disasters.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-22T14:10:00.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://therecord.media/suspected-cyberattack-triggers-false-emergency-alerts-brazil","label":"The Record","domainType":"media"}],"feedLabel":null},{"id":"news-attackers-hit-pair-of-critical-fortinet-vulnerabilities-the-vendor-disclosed-in-","source":"general-news","category":"news","severity":"unknown","title":"Attackers hit pair of critical Fortinet vulnerabilities the vendor disclosed in April","description":"Multiple firms have observed active exploitation of the FortiSandbox defects, and warn that the attacks originate from multiple sources, not a single campaign.\nThe post Attackers hit pair of critical Fortinet vulnerabilities the vendor disclosed in April appeared first on CyberScoop.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-17T15:42:46.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://cyberscoop.com/fortinet-fortisandbox-vulnerabilities-exploits/","label":"CyberScoop","domainType":"media"}],"feedLabel":null},{"id":"news-ai-s-constant-patching-treadmill-can-be-a-security-problem","source":"general-news","category":"news","severity":"unknown","title":"AI’s constant patching treadmill can be a security problem","description":"The breakneck speed of model releases may be creating short, silent security gaps as developers must choose between performance and security, according to a new report.\nThe post AI’s constant patching treadmill can be a security problem appeared first on CyberScoop.","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-16T20:32:30.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://cyberscoop.com/claude-code-security-vulnerabilities-ai-patches-backslash-security/","label":"CyberScoop","domainType":"media"}],"feedLabel":null},{"id":"news-google-exposes-china-espionage-group-that-s-been-lurking-in-networks-undetected-","source":"general-news","category":"news","severity":"unknown","title":"Google exposes China espionage group that’s been lurking in networks undetected since 2023","description":"The revelation mirrors an alarming pattern of Chinese espionage groups dropping backdoors into critical infrastructure to intercept research and steal data with national security implications.\nThe post Google exposes China espionage group that’s been lurking in networks undetected since 2023 appeare…","indicators":{"cves":[],"ips":[],"domains":[],"urls":[],"hashes":{"md5":null,"sha1":null,"sha256":null}},"tags":[],"malwareFamily":null,"confidence":null,"publishedAt":"2026-06-15T20:11:48.000Z","fetchedAt":"2026-06-22T15:00:02.228Z","references":[{"url":"https://cyberscoop.com/google-unc6508-china-espionage-threat/","label":"CyberScoop","domainType":"media"}],"feedLabel":null}],"llmPrompt":"You are a cybersecurity analyst. Summarize this daily threat intelligence report for 2026-06-22.\nTotal items collected: 347 from sources: cisa-kev: 2, cisa-advisories: 15, vendor-blogs: 185, malware-bazaar: 33, abuse-ipdb: 20, threatfox: 2, general-news: 103.\n\nTop threats by severity:\n1. [CRITICAL] AzeoTech DAQFactory\n2. [CRITICAL] CVE-2026-45469 Microsoft Excel Remote Code Execution Vulnerability\n3. [CRITICAL] CVE-2026-45475 Microsoft Office Remote Code Execution Vulnerability\n4. [CRITICAL] CVE-2026-45471 Microsoft Word Remote Code Execution Vulnerability\n5. [CRITICAL] CVE-2026-45456 Microsoft Outlook and Word Remote Code Execution Vulnerability\n6. [CRITICAL] CVE-2026-44803 Windows Graphics Component Remote Code Execution Vulnerability\n7. [CRITICAL] Malicious IP: 183.91.11.36\n8. [CRITICAL] Malicious IP: 20.226.73.88\n9. [CRITICAL] Malicious IP: 94.183.188.148\n10. [CRITICAL] Malicious IP: 41.76.213.108\n\nProvide: (1) Executive summary (2-3 sentences), (2) Key threats to watch,\n(3) Recommended actions for security teams, (4) Notable trends.\nBe concise and actionable. Focus on what matters most to defenders."}