CYBER Threat Intelligence Reports
LATEST CTIs
BlueHammer: Microsoft Defender Privilege Escalation (CVE-2026-33825)
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2026-33825, also known as BlueHammer, to its Known Exploited Vulnerabilities (KEV) Catalog, confirming active exploitation…
Read more >
CISA Flags Actively Exploited Cisco SD-WAN Vulnerabilities (CVE-2026-20133, CVE-2026-20122, CVE-2026-20128)
CISA has added multiple Cisco Catalyst SD-WAN vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, indicating active exploitation in the wild. These flaws affect SD-WAN…
Read more >
nginx-ui Unauthenticated Takeover Vulnerability Actively Exploited (CVE-2026-33032)
CVE-2026-33032 is a critical authentication bypass vulnerability affecting nginx-ui (≤ 2.3.5). The issue arises from inconsistent security controls applied to MCP endpoints: while the /mcp…
Read more >
CISA Flags Actively Exploited Microsoft Office and SharePoint Vulnerabilities (CVE-2009-0238, CVE-2026-32201)
CISA has added two vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, confirming active exploitation in the wild. The inclusion of both a legacy Microsoft…
Read more >
Ivanti EPMM Unauthenticated RCE Actively Exploited (CVE-2026-1340)
CVE-2026-1340 is a critical code injection vulnerability in Ivanti Endpoint Manager Mobile (EPMM) that enables unauthenticated remote code execution (RCE). The flaw has been confirmed…
Read more >
FortiClient EMS 0-Day Enables RCE (CVE-2026-35616)
Fortinet has confirmed active exploitation of CVE-2026-35616 in the wild. The vulnerability was reportedly leveraged as a zero-day prior to disclosure, indicating that attackers had…
Read more >
