Home/Blog/Threat Intelligence

34 Articles

Threat Intelligence

Browse all articles in the threat intelligence category.

All Posts AI-Driven Red Teaming & Agentic AI Security Cybersecurity & Red Teaming Red Team Threat Intelligence Vulnerability Management Zero Trust & Cloudflare Security

Threat IntelligenceFeb 19, 2026

OAuth Device Code Vishing: Microsoft Entra Account Takeover TTPs

Threat actors weaponize OAuth 2.0 Device Authorization flow with vishing campaigns to compromise Microsoft Entra accounts across technology, manufacturing, and financial sectors.

Threat IntelligenceFeb 19, 2026

CRESCENTHARVEST RAT Campaign: Iran Protest Surveillance TTPs

CRESCENTHARVEST campaign deploys custom RAT malware against Iran protest supporters, demonstrating advanced surveillance TTPs for long-term information theft and monitoring operations.

Threat Intelligence Articles | Cybersecurity Blog - Satyam Rastogi | Satyam Rastogi - vCISO & Hacker

Threat IntelligenceFeb 19, 2026

Dell RecoverPoint CVE-2026-22769: UNC6201 Attack Chain Analysis

UNC6201 threat actors exploited CVE-2026-22769, a CVSS 10.0 hard-coded credential vulnerability in Dell RecoverPoint for VMs, demonstrating sophisticated attack chains targeting enterprise backup infrastructure.

Threat IntelligenceFeb 19, 2026

Dell RecoverPoint CVE-2026-22769: UNC6201 Zero-Day Attack Chain

UNC6201 threat actors have weaponized CVE-2026-22769, a CVSS 10.0 hard-coded credential flaw in Dell RecoverPoint for VMs, enabling pre-authentication remote code execution since mid-2024.

Threat IntelligenceFeb 18, 2026

Dell RecoverPoint Zero-Day CVE-2026-22769: UNC6201 Attack Chain

UNC6201 threat cluster exploited Dell RecoverPoint CVSS 10.0 zero-day since mid-2024, leveraging hard-coded credentials for initial access and lateral movement across enterprise environments.

Threat IntelligenceFeb 18, 2026

Dell RecoverPoint Zero-Day CVE-2026-22769: Hard-Coded Credential Attack

Dell RecoverPoint VM vulnerability CVE-2026-22769 (CVSS 10.0) exploited by Chinese APT UNC6201 since mid-2024 through hard-coded credentials, enabling complete infrastructure compromise.

Threat IntelligenceFeb 18, 2026

Dell Zero-Day Exploitation: Chinese APT Attack Chain Analysis

Chinese state-backed attackers have exploited a critical Dell zero-day since mid-2024, demonstrating advanced persistent threat capabilities through hardware-level compromise vectors.

Threat IntelligenceFeb 17, 2026

SmartLoader AI MCP Server Trojan: StealC Infostealer Attack Analysis

Threat actors weaponize legitimate AI Model Context Protocol servers to distribute StealC infostealer. Critical supply chain attack vector targeting AI integration platforms.

Threat IntelligenceFeb 17, 2026

Multi-Vector Attack Convergence: Legacy Botnets, AI & Cloud Abuse

Attackers are weaponizing trusted tools and combining legacy botnet operations with AI-powered malware and cloud abuse tactics. This convergence creates sophisticated attack chains that bypass traditional security controls through legitimate infrastructure.

Threat IntelligenceFeb 17, 2026

Multi-Vector Convergence: Outlook Add-Ins, Zero-Days & AI Malware

Threat actors are converging traditional botnet tactics with modern cloud abuse, AI-powered malware, and trusted application hijacking to create devastating attack chains. Analysis of current multi-vector campaign strategies.

Threat IntelligenceFeb 17, 2026

Multi-Vector Attack Convergence: Outlook, Zero-Days & AI Malware

Threat actors are converging legacy botnet tactics, cloud abuse, AI assistance, and supply-chain exposure into hybrid attack chains that bypass traditional security controls.

Threat IntelligenceFeb 16, 2026

ClickFix DNS Abuse: PowerShell Payload via nslookup Attack Chain

Attackers now leverage DNS TXT records and nslookup commands to deliver PowerShell payloads in ClickFix campaigns, bypassing traditional detection mechanisms through legitimate DNS infrastructure.

Threat IntelligenceFeb 12, 2026

Apple Zero-Day Exploitation: Targeted Attack Chain Analysis

Apple patched a zero-day vulnerability exploited in targeted attacks. We analyze the attack chain, TTPs, and defensive strategies for security teams.

Threat IntelligenceFeb 11, 2026

North Korean macOS Malware: ClickFix AI-Powered Crypto Attacks

North Korean threat actors deploy AI-generated video content and ClickFix social engineering to distribute cross-platform malware targeting cryptocurrency sector assets.

Threat IntelligenceFeb 9, 2026

Signal Phishing Campaigns: State-Sponsored Mobile Attack Chains

German agencies warn of sophisticated state-sponsored phishing campaigns targeting politicians and military officials through Signal messenger app exploitation.

Threat IntelligenceFeb 8, 2026

German Signal Phishing: State-Sponsored Target Acquisition Campaign

German agencies report state-sponsored Signal phishing targeting politicians, military, and journalists. Analysis of attack vectors, TTPs, and defensive countermeasures.

Threat IntelligenceFeb 7, 2026

Signal Account Hijacking: State-Sponsored Phishing Attack Chain

German intelligence warns of sophisticated phishing campaigns targeting senior officials via Signal. APTs use social engineering and account takeover techniques to compromise high-value targets for intelligence gathering.

Threat IntelligenceFeb 4, 2026

Infostealer Malware Tactics: How Attackers Harvest Corporate Credentials

Information-stealing malware variants are weaponizing credential theft for corporate network compromise. Red team analysis of attack chains and defensive countermeasures.

Threat Intelligence

OAuth Device Code Vishing: Microsoft Entra Account Takeover TTPs

CRESCENTHARVEST RAT Campaign: Iran Protest Surveillance TTPs

Dell RecoverPoint CVE-2026-22769: UNC6201 Attack Chain Analysis

Dell RecoverPoint CVE-2026-22769: UNC6201 Zero-Day Attack Chain

Dell RecoverPoint Zero-Day CVE-2026-22769: UNC6201 Attack Chain

Dell RecoverPoint Zero-Day CVE-2026-22769: Hard-Coded Credential Attack

Dell Zero-Day Exploitation: Chinese APT Attack Chain Analysis

SmartLoader AI MCP Server Trojan: StealC Infostealer Attack Analysis

Multi-Vector Attack Convergence: Legacy Botnets, AI & Cloud Abuse

Multi-Vector Convergence: Outlook Add-Ins, Zero-Days & AI Malware

Multi-Vector Attack Convergence: Outlook, Zero-Days & AI Malware

ClickFix DNS Abuse: PowerShell Payload via nslookup Attack Chain

Apple Zero-Day Exploitation: Targeted Attack Chain Analysis

North Korean macOS Malware: ClickFix AI-Powered Crypto Attacks

Signal Phishing Campaigns: State-Sponsored Mobile Attack Chains

German Signal Phishing: State-Sponsored Target Acquisition Campaign

Signal Account Hijacking: State-Sponsored Phishing Attack Chain

Infostealer Malware Tactics: How Attackers Harvest Corporate Credentials

CSA XCON 2026: India's Biggest AI and Cybersecurity Conference

Russian APTs Strike Fast: CVE-2024-21509 Weaponized Hours After Patch

Notepad++ Supply Chain Attack: Lessons from Lotus Blossom APT

Weekly Threat Recap: Botnets, Zero-Days & AI Security Risks

Russian APTs Strike Again: CVE-2026-21509 Weaponized Hours After Patch

341 Malicious ClawHub Skills: The AI Marketplace Supply Chain Attack

Weekly Cyber Threats: From Proxy Botnets to AI Hijacks

Notepad++ Supply Chain Attack: 6-Month Chinese State Campaign

GlassWorm Strikes Again: Open VSX Publisher Account Hijacked

Weekly Threat Roundup: Zero-Days, Botnets, and AI Hijacks

Weekly Cyber Roundup: 5 Critical Threats Reshaping Security

This Week's Cybersecurity Threats: What Security Teams Must Know

Critical Threats This Week: Proxy Botnets to AI Hijacks

341 Malicious Skills Found on ClawHub: A New Supply Chain Risk

Critical Security Threats Reshape February 2026 Landscape

Weekly Cyber Threats: Proxy Botnets and AI Security Risks