Server-Side Request Forgery (SSRF) vulnerability in Theme-Ruby Foxiz.This issue affects Foxiz: from n/a through 2.3.5.

Click here to read the latest Threat Advisories from HiveForce Labs originated from Hive Pro.

Insights, education and and advice on cybersecurity issues and threats.


Informative, solution-oriented content for security practitioners — from breaking news, expert analysis, and thought leadership to essential guides, articles, videos, blogs, and more.

Kaspersky's threat research and reports.

Browse indicators of compromise (IOCs) on ThreatFox.

Learn about the world's most prevalent cyberthreats, including viruses and malware. Understand how they arrive, their detailed behaviors, infection symptoms, and how to prevent and remove them.

Security Joes is a multi-layered Incident Response company that specializes in IR, MDR & Red Teaming. The company was established by security researchers to first and foremost generate resilience against highly complex cyberwarfare incidents, extract vital evidence and attribute TTPs to threat actors and state-sponsored hacking groups. Based out of Israel, the company is constructed from a best-of-breed agnostic team of threat hunters, responders & security researchers, hand-picked from all over the world, to provide 24x7x365 “follow-the-sun” coverage.

The latest cybersecurity insights on identifying threats, managing risk, and strengthening your organization's security posture.

Every day Kaspersky automatically processes around 400,000 new malicious files. Only one percent of these need manual work from a security expert, and only a tiny fraction of that 1% go to the company’s top-notch Global Research and Analysis Team (GReAT). Those chosen few samples belong to the rarest, most menacing new APTs (advanced persistent threats). Kaspersky Lab’s Targeted Cyberattack Logbook chronicles all of these ground-breaking malicious cybercampaigns that have been investigated by!

Cyber security's comprehensive news site is now an online community for security professionals, outlining cyber threats and the technologies for defending against them.

See the top MITRE ATT&CK® techniques we observed in confirmed cyber threats across the Red Canary customer base in 2022.

The Kubenomicon was born of a desire to understand more about Kubernetes from an offensive perspective. I found many great resources to aid in my journey, but I quickly realized.

The latest updates on cybersecurity from today’s experts. Read about ransomware, vulnerabilities, and threat intelligence impacting businesses.

Attracting more than a half-million annual readers, this is the security community's go-to destination for technical breakdowns of the latest threats, critical vulnerability disclosures and cutting-edge research.

Read SafeBreach’s original threat research reports and learn about updates to our Hacker’s Playbook.

Researchers in the Lookout Threat Lab leverage the world’s largest mobile telemetry dataset to track APT activity, discover new mobile malware, and provide actionable intelligence.

Sharing Mitiga’s latest threat intelligence and research, cloud IR insights, and company news.

Atomic Red Team™ is library of tests mapped to the MITRE ATT&CK framework. Security teams can use Atomic Red Team to quickly, portably, and reproducibly test their environments.


Internet threats and cybersecurity are constantly evolving. To protect yourself and your systems, make sure you know the latest threats and solutions. Learn more from our internet security blog.

The purpose of the threat matrix for Kubernetes is to conceptualize the known tactics, techniques, and procedures (TTP) that adversaries may use against Kubernetes environments. Inspired from MITRE ATT&CK, the threat matrix for Kubernetes is designed to give quick insight into a potential TTP that an adversary may be using in their attack campaign. The threat matrix for Kubernetes contains also mitigations specific to Kubernetes environments and attack techniques.

Real Intrusions by Real Attackers, The Truth Behind the Intrusion.

Unit 42 brings together world-renowned threat researchers, incident responders and security consultants to create an intelligence-driven, response-ready organization that's passionate about helping you proactively manage cyber risk.


The RRA (Recent Ransomware Attacks) site acts as a watchtower, providing near real-time ransomware tracking of attacks, groups and their victims. Given threat actors' overarching. lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The Proofpoint cybersecurity blog provides you with advanced cybersecurity intelligence and insights, threat research, and breaking cyber attack news. Get the latest news about advanced threats.

Elastic Security Labs empowers security teams across the globe with novel security intelligence research and free to use tools.

Recorded Future’s Insikt Group produces research that creates action to disrupt adversaries. We write on a range of cyber and geopolitical topics, including state-sponsored threat groups; financially-motivated threat actors on the darknet and criminal underground; newly emerging malware and attacker infrastructure; strategic geopolitics; and influence operations.

a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations.

The Intelligence and research arm of Check Point Technologies provides leading cyber threat intelligence to Check Point customers and the greater intelligence community.

Peace of mind for you and your customers.

The leading database for open source vulnerabilities and cloud misconfigurations.


ThreatMiner is a threat intelligence portal that provides information on indicators of compromise (IOC) such as domains, IP address, malware samples (MD5, SHA1 and SHA256), SSL certificates, WHOIS information and malicious URLs such as phishing and malware links.

We are the leading creator of original DNS threat intelligence. We’re proactive, not just defensive, using our insights to track threat actor infrastructure and disrupt cybercrime where threat actors begin. We also believe in sharing knowledge to support the broader security community by publishing detailed research on select actors and associated indicators.

Phishing, social engineering, and modern threats.

Sticky notes for malware analysis, research, and techniques. Malware data collections from open-source resources and analysis.


Global Cybersecurity Threat Analysis and Hunting.

Through the years, ESET and its researchers have been credited with many discoveries and have scored accolades for many of their research works.