soc


SOCRadar’s Free Ransomware Intelligence Dashboard: Track Live Ransomware Activity

The ransomware threat intelligence community has been doing incredible work making data more accessible. From projects like Ransomware.live, Ransomlook, and CTI.fyi to curated resources like Will Thomas’s Awesome-Ransomware repo on GitHub, there’s a growing ecosystem of free, community-driven tools that help analysts, researchers, journalists, and defenders […]


Dark Web Profile: Keymous+

Keymous Plus, also known as Keymous+ threat group, markets itself as a hacktivist collective fighting for humanity. What intelligence investigations have documented is structurally different: a North African hybrid actor blending political performance with a commercial DDoS-as-a-Service platform, an alliance network spanning 70+ groups, and an operational tempo that has made […]


May 2026 Patch Tuesday: 137 Vulnerabilities, No Zero-Days

Microsoft released its May 2026 Patch Tuesday security updates, resolving a total of 137 vulnerabilities across Windows and a broad range of Microsoft products and components. Unlike the previous several months, this release contains no zero-day vulnerabilities – neither actively exploited nor publicly disclosed prior to today’s […]


Top 10 Deep & Dark Web Forums

Top 10 Deep Web and Dark Web Forums in 2026 The top Deep Web and Dark Web Forums actively monitored in 2026 are XSS, Exploit.in, BHF, Dread, DarkForums, Altenen, CryptBB, Cracked, and DamageLib, based on how frequently they surface in threat intelligence investigations, court records, and breach response work. Several previously dominant forums have been […]


Discord and Gemini Database Claims, Cisco FMC RCE Leak, Xia Stealer Sale, and IMSS Donor Records Listing

SOCRadar Dark Web Team identified several new underground posts, including an alleged Discord database dump shared with “simple” user style fields, and a separate claim of a gemini.google.com database being distributed for free. Another post referenced an alleged […]


CVE-2026-43500 and CVE-2026-43284: Dirty Frag Linux Privilege Escalation Flaw Raises Post-Compromise Risk

Linux local privilege escalation bugs remain especially dangerous when they turn a limited foothold into full root access. The CVE-2026-43500 vulnerability is the RxRPC half of the Dirty Frag exploit chain, which Microsoft says is already linked to limited in-the-wild post-compromise abuse, while Qualys describes it as a page-cache write issue that can let an […]


Checkmarx Jenkins Plugin Backdoored in New TeamPCP Supply Chain Attack

It hasn’t been long since TeamPCP made headlines for compromising Checkmarx’s GitHub Actions and OpenVSX extensions as part of a sprawling supply chain campaign. Now the same threat actor is back, and this time they went after the Checkmarx Jenkins plugin. The attack was flagged […]


SOCRadar Recognized in the 2026 Gartner® Magic Quadrant™ for Cyberthreat Intelligence Technologies

SOCRadar is positioned as a Visionary in the inaugural Magic Quadrant report for Threat Intelligence, which helps leaders evaluate the right CTI technologies against the most impactful threats. When we set out to build SOCRadar, we made a bet that most of the […]


CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation: CVE-2026-42208, BerriAI LiteLLM SQL Injection Vulnerability. This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the KEV Catalog as a living list of […]
