CyberIntel ⬡ News
★ Saved ◆ Cyber Reads

// Threat Intelligence
Intel Feed

cyberintel.kalymoon.com  ·  1255 articles  ·  updated every 4 hours · grows forever

1255Total
1207Full Text
Jul 01, 2026Latest
◈ Women in Cyber ◉ Threat Intelligence ◎ How-To & Tutorials ⬡ Vulnerabilities & CVEs 🔍 Digital Forensics ◍ Incident Response & DFIR ◆ Security Tools & Reviews ◇ Industry News & Leadership ✉ Email Security 🛡 Active Threats ⚠ Critical CVEs ◐ Insider Threat & DLP ◌ Quantum Computing ◬ AI & Machine Learning
🔥 Trending Topics · Last 48h
◉ Threat Intelligence Apr 08, 2026
Cracks in the Bedrock: Escaping the AWS AgentCore Sandbox

Unit 42 uncovers critical vulnerabilities in Amazon Bedrock AgentCore's sandbox, demonstrating DNS tunneling and credential exposure. The post Cracks in the Bedrock: Escaping the AWS AgentCore Sandbox…

Palo Alto Unit 42 Read →
◉ Threat Intelligence Apr 08, 2026
Lumen and Black Lotus Labs: Leading the charge in cybersecurity - Lumen Technologies

Lumen and Black Lotus Labs: Leading the charge in cybersecurity Lumen Technologies

Lumen Technologies Read →
◉ Threat Intelligence Apr 08, 2026
IBM X-Force threat intelligence cybersecurity brief: novel coronavirus (COVID-19) - IBM

IBM X-Force threat intelligence cybersecurity brief: novel coronavirus (COVID-19) IBM

IBM Read →
◉ Threat Intelligence Apr 07, 2026
Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure

Advisory at a Glance Title Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure Original Publication April 7, 2026 Executive Summary Iran-affiliated…

CISA Alerts Read →
◉ Threat Intelligence Apr 07, 2026
Anthropic Claude Mythos Preview: The More Capable AI Becomes, the More Security It Needs
CrowdStrike Read →
◉ Threat Intelligence Apr 07, 2026
A Little Bit Pivoting: What Web Shells are Attackers Looking for?, (Tue, Apr 7th)

Webshells remain a popular method for attackers to maintain persistence on a compromised web server. Many "arbitrary file write" and "remote code execution" vulnerabilities are used to drop small file…

SANS ISC Read →
◉ Threat Intelligence Apr 07, 2026
Russia Hacked Routers to Steal Microsoft Office Tokens

Hackers linked to Russia's military intelligence units are using known flaws in older Internet routers to mass harvest authentication tokens from Microsoft Office users, security experts warned today.…

Krebs on Security Read →
◉ Threat Intelligence Apr 07, 2026
SOHO router compromise leads to DNS hijacking and adversary-in-the-middle attacks

Executive summary Forest Blizzard, a threat actor linked to the Russian military, has been compromising insecure home and small-office internet equipment like routers, then modifying their settings in…

Microsoft Security Read →
◉ Threat Intelligence Apr 07, 2026
Iranian APT35 Hackers Targeting Israeli Tech Experts with AI-Powered Phishing Attacks - The Hacker News

Iranian APT35 Hackers Targeting Israeli Tech Experts with AI-Powered Phishing Attacks The Hacker News

The Hacker News Read →
◉ Threat Intelligence Apr 07, 2026
ISC Stormcast For Tuesday, April 7th, 2026 https://isc.sans.edu/podcastdetail/9882, (Tue, Apr 7th)
SANS ISC Read →
◉ Threat Intelligence Apr 07, 2026
How CrowdStrike is Accelerating Exposure Evaluation as Adversaries Gain Speed
CrowdStrike Read →
◉ Threat Intelligence Apr 07, 2026
Understanding Current Threats to Kubernetes Environments

Unit 42 uncovers escalating Kubernetes attacks, detailing how threat actors exploit identities and critical vulnerabilities to compromise cloud environments. The post Understanding Current Threats to …

Palo Alto Unit 42 Read →
◉ Threat Intelligence Apr 06, 2026
Storm-1175 focuses gaze on vulnerable web-facing assets in high-tempo Medusa ransomware operations

The financially motivated cybercriminal threat actor Storm-1175 operates high-velocity ransomware campaigns that weaponize recently disclosed vulnerabilities to obtain initial access, exfiltrate data,…

Microsoft Security Read →
◉ Threat Intelligence Apr 06, 2026
Inside an AI‑enabled device code phishing campaign

A new wave of device code phishing shows how threat actors are scaling account compromise using AI and end‑to‑end automation. This campaign goes beyond traditional phishing by generating live authenti…

Microsoft Security Read →
◉ Threat Intelligence Apr 06, 2026
Day in the Life: Product Manager at Recorded Future

VentureFizz interviews Senior Product Manager Kyle Kohler on his role at Recorded Future

Recorded Future Read →
◉ Threat Intelligence Apr 06, 2026
Nearly half of exploited zero-day flaws target enterprise-grade technology - Cybersecurity Dive

Nearly half of exploited zero-day flaws target enterprise-grade technology Cybersecurity Dive

Cybersecurity Dive Read →
◉ Threat Intelligence Apr 06, 2026
6th April – Threat Intelligence Report

For the latest discoveries in cyber research for the week of 30th March, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES The European Commission, the European Union’s execut…

Check Point Research Read →
◉ Threat Intelligence Apr 06, 2026
How often are redirects used in phishing in 2026?, (Mon, Apr 6th)

In one of his recent diaries, Johannes discussed how open redirects are actively being sought out by threat actors[1], which made me wonder about how commonly these mechanisms are actually misused…

SANS ISC Read →
◉ Threat Intelligence Apr 06, 2026
Cybersecurity Profile 2025: Vietnam - The Henry M. Jackson School of International Studies

Cybersecurity Profile 2025: Vietnam The Henry M. Jackson School of International Studies

The Henry M. Jackson School of International Studies Read →
◉ Threat Intelligence Apr 06, 2026
ISC Stormcast For Monday, April 6th, 2026 https://isc.sans.edu/podcastdetail/9880, (Mon, Apr 6th)
SANS ISC Read →
◉ Threat Intelligence Apr 06, 2026
Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab

An elusive hacker who went by the handle "UNKN" and ran the early Russian ransomware groups GandCrab and REvil now has a name and a face. Authorities in Germany say 31-year-old Russian Daniil Maksimov…

Krebs on Security Read →
◉ Threat Intelligence Apr 06, 2026
China-Linked APTs Exploit SAP CVE-2025-31324 to Breach 581 Critical Systems Worldwide - The Hacker News

China-Linked APTs Exploit SAP CVE-2025-31324 to Breach 581 Critical Systems Worldwide The Hacker News

The Hacker News Read →
◉ Threat Intelligence Apr 05, 2026
Stryker rules out ransomware, confirms threat actor used non-propagating malicious file - Industrial Cyber

Stryker rules out ransomware, confirms threat actor used non-propagating malicious file Industrial Cyber

Industrial Cyber Read →
◉ Threat Intelligence Apr 05, 2026
Rare Werewolf APT Uses Legitimate Software in Attacks on Hundreds of Russian Enterprises - The Hacker News

Rare Werewolf APT Uses Legitimate Software in Attacks on Hundreds of Russian Enterprises The Hacker News

The Hacker News Read →
← Prev 25 / 53 Next →