Threat Overview The latest threat report from AlienVault outlines a sophisticated voicemail‑themed phishing campaign that targets Microsoft 365 users. Attackers send emails that appear to be legitimate voicemail notifications from well‑known vendors such as DocuSign, Outlook
Continue ReadingMonth: June 2026
First Look Splinter Red Team Tool
Recent investigations by Palo Alto Networks’ Unit 42 have uncovered a new post‑exploitation framework dubbed Splinter. This tool, written in Rust and weighing roughly 7 MB due to its extensive static linking of external libraries, was discovered on
Continue ReadingActive Exploitation PAN OS CVE 2026 0257
In a recent intelligence gathering effort, AlienVault identified an active exploitation campaign against the authentication bypass vulnerability CVE-2026-0257 in Palo Alto Networks GlobalProtect. The threat actor—currently unnamed—has leveraged this flaw to establish unauthorized VPN sessions on
Continue ReadingTaxShadow Operation Targets Multiple Regions With Tax Phishing And In Memory Malware
Executive Summary The latest threat intelligence release identifies an advanced adversary group executing a multi‑stage malware campaign known as Operation TaxShadow. Leveraging tax‑themed social engineering, the attackers infiltrate Indian and Japanese organizations through seemingly official correspondence from
Continue ReadingRegional Malicious Infrastructure Report Reveals Over 1350 C2 Servers Across 98 Providers
Threat Overview The latest Hunt.io intelligence release, Middle East Malicious Infrastructure Report, documents more than one thousand three hundred fifty command‑and‑control (C2) servers distributed across ninety‑eight hosting and telecom providers in fourteen Middle Eastern countries. The
Continue ReadingRed Hat Cloud Services NPM Packages Targeted in Shai Hulud Supply Chain Attack
On June 2, 2026, Socket Dev released a detailed threat report titled Shai Hulud Supply‑Chain Campaign Targets Red Hat Cloud Services npm Packages. The publication exposes a coordinated malware operation that leveraged compromised @redhat-cloud-services packages to infiltrate developer environments and continuous integration
Continue ReadingHotel Customer Phishing Attack Luxembourg
Executive Summary On 1 June 2026, CIRCL identified a sophisticated phishing operation aimed at guests of hotels located in Luxembourg. The attackers exploit legitimate booking data to craft convincing messages that appear to come from the
Continue Reading