Threat Overview A recent Microsoft security briefing, published on 2026-07-01, identifies a sophisticated threat that leverages a malicious Chromium extension to hijack browser search queries. The adversary employs AI‑related branding and visual cues to create an
Continue ReadingBlog
Langflow Vulnerability Analysis Why High CVSS Scores Don’t Guarantee Exploitation
On June 25, 2026 the Sysdig Threat Research Team (TRT) documented the first known active exploitation of a critical Langflow vulnerability, CVE-2026-55255. The report illustrates how a higher CVSS score does not automatically translate into faster
Continue ReadingOpenAI Poisoned Tenant Attack Investigation
The threat landscape for enterprise AI platforms has expanded with a new adversarial technique known as the poisoned tenant attack. In this event, an attacker registers an OpenAI organization using the victim’s company name and invites
Continue ReadingZero Day Exploitation Vulnerability CVE 2026 20245 Cisco Catalyst SDWAN Manager
Zero Day Exploitation Vulnerability CVE 2026 20245 Cisco Catalyst SDWAN Manager Threat Overview: In early 2026 a sophisticated threat actor targeted the SD-WAN infrastructure of a major service provider. The campaign leveraged a zero‑day flaw (CVE
Continue ReadingFortiBleed Unveiled Decoding the CyberStrike Harvester in a Worldwide FortiGate Credential Scam
Threat Overview The latest intelligence from Arctic Wolf, released on 2026-06-25, exposes a sophisticated credential‑compromise campaign dubbed FortiBleed. The operation focuses exclusively on internet‑facing Fortinet FortiGate firewalls and SSL VPN gateways. Unlike many modern exploits that rely
Continue ReadingAPT36 Cluster Continues Operation
Threat Overview AlienVault's latest threat report, released on 23 June 2026, details a persistent and evolving attack campaign attributed to the APT36 cluster. The actors have expanded their delivery chain by incorporating two high‑impact CVEs—CVE-2026-21509 and
Continue ReadingGravity SMTP Vulnerability Exploited to Expose WordPress Data
Attackers have discovered a flaw in the Gravity SMTP WordPress plugin that allows them to pull a full system report without any authentication. The vulnerability, identified as CVE-2026-4020, was first publicly disclosed on March 30th and
Continue ReadingPoisson Attack Analysis Report
Executive Summary Cato Networks’ CTRL team published a detailed post‑incident report on the Poisson campaign, an operation that leveraged free‑tier infrastructure to compromise four French victims over 33 days. The analysis is unique because it reconstructs
Continue ReadingOperation Endgame Shuts Down TA569 SocGholish Web Inject Network
Operation Endgame Shuts Down TA569 SocGholish Web Inject Network The Proofpoint Threat Research Team released a comprehensive threat report on 17 June 2026 detailing the global disruption of the cyber‑criminal group TA569, best known for its SocGholish web‑inject
Continue ReadingAttackers Jailbreak LLMs Using CTF Framing How To Counter Them
Large‑language models (LLMs) have become a cornerstone of modern AI deployments, powering chatbots, code generation tools, and internal automation pipelines. The very same generative capabilities that empower productivity are now being weaponised by threat actors who
Continue Reading