Threat Intelligence Database
Comprehensive database of the latest cyber threats affecting organizations worldwide. Filter and search to find specific threat intelligence relevant to your organization.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threat Intelligence
Click on any threat for detailed analysis and mitigation recommendations
CISA KEV Threat Intel Orchestrator 0 The CISA KEV Threat Intel Orchestrator is an automation pipeline that transforms newly weaponized vulnerabilities listed in the CISA Known Exploited Vulnerabilities (KEV) catalog into production-ready Sigma detection rules. It automates a process that typically takes security teams several hours per vulnerability, generating detection rules weekly and delivering them via email and logging them for audit purposes. This tool is designed to improve efficiency in vulnerability detection and response workflows but is not itself a vulnerability or threat. Join the discussion | Reddit Cybersecurity | 07/10/2026, 14:11:45 UTC Added: 07/10/2026, 14:17:25 UTC |
The Replicant in Your Directory: AI Agents and the Identity Security Gap 0 This threat highlights the security challenges posed by the rapid growth of non-human identities such as AI agents, service accounts, and machine identities within enterprise environments. These identities often outnumber human users and do not follow traditional identity lifecycle management, making it difficult for organizations to track ownership, permissions, and access. The expansion of trusted machine identities increases the attack surface and complicates governance, as these identities can inherit permissions, create additional identities, and operate at machine speed. Despite stronger governance practices, organizations with significant AI-driven identity growth have experienced higher breach rates. The core issue is the identity security gap where existing identity governance frameworks, designed for humans, are insufficient for managing AI and machine identities effectively. MediumVulnerability Join the discussion | Bleeping Computer | 07/10/2026, 14:00:10 UTC Added: 07/10/2026, 14:02:39 UTC |
CVE-2025-12127CVE-2025-12127 0 CVE-2025-12127 is a vulnerability record that has been rejected and contains no technical details or description. There is no information on affected versions, impact, or remediation. Join the discussion | CVE Database V5 | 07/10/2026, 13:48:04 UTC |
MAL-2026-10117: Malicious code in nodemon-slint (npm) 0 The nodemon-slint package on npm contains malicious code that fully compromises any computer on which it is installed or running. The compromise may allow an attacker full control over the affected system. Removal of the package does not guarantee elimination of all malicious software introduced. Immediate rotation of all secrets and keys stored on the compromised machine is strongly advised. Join the discussion | GCVE Database | 07/10/2026, 10:18:08 UTC Added: 07/10/2026, 13:24:03 UTC |
Red Hat Security Advisory: Red Hat Hardened Images RPMs Security UpdateCVE-2026-59725 0 Red Hat has issued a security advisory for its Hardened Images RPMs, specifically addressing vulnerabilities in the dotnet8.0 packages. The update includes multiple RPMs for aarch64 and x86_64 architectures. The advisory references two CVEs, including CVE-2026-59725, and provides updated package versions to mitigate these issues. No explicit patch versions are stated as affected or fixed in the advisory. No known exploits in the wild have been reported. The severity is assessed as high by the vendor. Join the discussion | GCVE Database | 07/10/2026, 05:14:22 UTC Added: 07/10/2026, 13:24:03 UTC |
The Hidden Security Risks of Reduced Summer IT Coverage 0 This report discusses the security risks associated with reduced IT staffing during summer vacations, emphasizing that security operations continue despite lower personnel availability. It highlights how AI-driven automation can help maintain consistent security operations and reduce dependence on manual processes throughout the year. LowVulnerability Join the discussion | Bleeping Computer | 07/09/2026, 14:02:12 UTC Added: 07/10/2026, 13:23:24 UTC |
Zimbra urges customers to patch critical web client XSS flaw 0 A critical cross-site scripting (XSS) vulnerability affects the Classic Web Client of the Zimbra Collaboration suite. The Zimbra security team has urged customers to apply patches to address this flaw. No specific affected versions or patch details are provided in the available information. The vulnerability could allow attackers to execute malicious scripts in the context of the web client, potentially impacting user interactions. Join the discussion | Bleeping Computer | 07/10/2026, 11:47:38 UTC Added: 07/10/2026, 13:23:24 UTC |
CVE-2026-56813: CWE-141 Improper Neutralization of Parameter/Argument Delimiters in elixir-plug plugCVE-2026-56813 0 CVE-2026-56813 is a vulnerability in the elixir-plug plug library where improper neutralization of the ';' delimiter in HTTP cookie attributes allows attackers to inject or override cookie attributes. This occurs because the Plug.Conn.Cookies.encode/2 function directly interpolates cookie values and attributes into the Set-Cookie header without sanitizing the ';' character. Exploitation can lead to cookie tossing and session fixation by altering cookie scope or security flags. The vulnerability affects multiple versions of plug prior to specific fixed releases. The CVSS score is low, reflecting limited impact and attack complexity. Join the discussion | CVE Database V5 | 07/10/2026, 12:51:08 UTC Added: 07/10/2026, 13:03:11 UTC |
CVE-2026-54470: CWE-611: Improper Restriction of XML External Entity Reference in Dell Unisphere for PowerMaxCVE-2026-54470 0 Dell Unisphere for PowerMax versions 10.3.0.5 and earlier contain an XML External Entity (XXE) vulnerability (CWE-611). This vulnerability allows a low privileged attacker with remote access to potentially gain unauthorized access. The CVSS score is 5.3, indicating medium severity. No patch or official remediation has been confirmed yet. Join the discussion | CVE Database V5 | 07/10/2026, 12:20:16 UTC Added: 07/10/2026, 13:03:11 UTC |
CVE-2026-54469: CWE-502: Deserialization of Untrusted Data in Dell Unisphere for PowerMaxCVE-2026-54469 0 Dell Unisphere for PowerMax versions 10.3.0.5 and earlier contain a deserialization of untrusted data vulnerability. This flaw allows a low privileged remote attacker to potentially execute arbitrary commands with root privileges. The vulnerability is classified as CWE-502 and has a high severity CVSS score of 8.8. No official patch or remediation guidance has been provided yet by the vendor. Join the discussion | CVE Database V5 | 07/10/2026, 12:14:48 UTC Added: 07/10/2026, 13:03:11 UTC |
Showing 1 to 10 of 10228 results