Threat Advisories:
72-Hour Window of Trust: Fox Tempest’s Abuse of Microsoft Artifact Signing May 2026 Linux Patch Roundup From npm to GitHub: TeamPCP’s May 2026 Escalation Reaches the Source Code Platform Inside Storm-2949’s Cloud Takeover Campaign Targeting Microsoft 365 and Azure Dead.Letter Walking: Unauthenticated RCE Stalks Exim Mail Servers One Million WordPress Sites at Risk: Avada Builder Flaws Expose Sensitive Data Three Strikes in Two Weeks: Fragnesia Joins the Dirty Frag Family Critical NGINX Vulnerabilities Including 18-Year-Old RCE Flaw Actively Exploited Active Exploitation of CVE-2026-42897 Targets Microsoft Exchange Servers FamousSparrow’s Persistent Hold on Azerbaijani Oil & Gas Cisco SD-WAN Authentication Bypass Exploited in Zero-Day Attacks Mini Shai-Hulud npm Supply Chain Worm: TanStack and Multi-Ecosystem Compromise Malicious Ruby Gems Fuel GemStuffer Data Theft Campaign Microsoft’s May 2026 Patch Tuesday PCPJack Hijacks Vulnerable Servers With Worm-Like Cloud Propagation Tactics QLNX Unmasked: Advanced Linux Malware Targets Developers and Cloud Infrastructure Dirty Frag A 2017 Optimization That Aged Into a Root Exploit TCLBanker: Trojanized Logitech Installer Fuels Banking Malware Campaign Ivanti EPMM Flaws Threaten Enterprise Device Management Systems Is Your Spring Config Server an Open Door? CVE-2026-40982 Says Yes
New Report Critical Threat Research : The Iranian Cyber War Intensifies! Download the Report
Platform
Comprehensive Threat Exposure Management Platform
Uni5 Xposure PlatformUni5 Xposure leverages exposure assessment and adversarial exposure validation to deliver a unified view of your cyber risks and all actionable pathways to resolve them. Powered by:
IntegrationsOut of box integrations available with a comprehensive set of Security and IT operations tools in your organisation.
HiveForce LabsThe in-house intelligence that enables customers to identify and address immediate cyber risks and potential threats with precision, clear insights, and swift action.
Hive Pro’s ComparisonSave Cost , Reduce Complexity and Increase Security by Augmenting and Replacing your existing Vulnerability Management platform
Hive Pro vs Rapid7
Hive Pro vs Tenable
Hive Pro vs Qualys
Hive Pro vs Nucleus Security
Solutions
By Use Case
Total Attack Surface Management
Multi-Environment Security Scanners
Complete Exposure Assessment
Comprehensive Security Intelligence
Vulnerability & Threat Prioritization
Adversarial Exposure Validation
By Role
CISO
Vulnerability Management
Security Operations
DevOps
Industry
Telecommunications
Healthcare
Financial Services
Government & Public Sector
Retail & E-Commerce
Educational Institutions
Resources
Learning Center
Podcasts
Threat Advisories
Threat Digests
Blog
Whitepapers
Resources
Advisories & Digests
Threat Advisories
Threat Digests
Content Library
learn
Blog
Whitepapers
Press Releases
connect
Webinars & Videos
Company
About Us
Careers
Our Leadership
Contact Us
Book a DemoFree Iranian Exposure Assessment
Platform
Platform
Comprehensive Threat Exposure Management Platform
Uni5 Xposure PlatformUni5 Xposure leverages exposure assessment and adversarial exposure validation to deliver a unified view of your cyber risks and all actionable pathways to resolve them. Powered by:
IntegrationsOut of box integrations available with a comprehensive set of Security and IT operations tools in your organisation.
HiveForce LabsThe in-house intelligence that enables customers to identify and address immediate cyber risks and potential threats with precision, clear insights, and swift action.
Hive Pro’s Comparison
Hive Pro vs Rapid7
Hive Pro vs Tenable
Hive Pro vs Qualys
Hive Pro vs Nucleus Security
Solutions
Solutions
By Use Case
Total Attack Surface Management
Multi-Environment Security Scanners
Complete Exposure Assessment
Comprehensive Security Intelligence
Vulnerability & Threat Prioritization
Adversarial Exposure Validation
By Role
CISO
Vulnerability Management
Security Operations
DevOps
Industry
Industry
Telecommunications
Healthcare
Financial Services
Government & Public Sector
Retail & E-Commerce
Educational Institutions
Resources
Resources
Learning Center
Podcasts
Threat Advisories
Threat Digests
Blog
Whitepapers
Resources
Resources
Advisories & Digests
Threat Advisories
Threat Digests
Content Library
learn
Blog
Whitepapers
Press Releases
connect
Webinars & Videos
Company
Company
About Us
Careers
Our Leadership
Contact Us
Book a DemoFree Iranian Exposure Assessment

Threat Advisories

Expert threat advisories published daily by HiveForce Labs, covering ransomware campaigns, advanced persistent threats (APTs), critical vulnerabilities, and malware analysis. Each advisory provides detailed intelligence on threat characteristics, potential impact, and recommended remediation steps to help security teams take immediate, informed action.

Strengthen Your Defenses With the Latest Intelligence

Red | Attack Report
72-Hour Window of Trust: Fox Tempest’s Abuse of Microsoft Artifact Signing
Summary Fox Tempest is a financially motivated threat actor that operated a May 25, 2026
Red | Vulnerability Report
May 2026 Linux Patch Roundup
Summary In May 2026, more than 1756 new Linux vulnerabilities were discovered May 25, 2026
Red | Attack Report
From npm to GitHub: TeamPCP’s May 2026 Escalation Reaches the Source Code Platform
Summary May 2026 marked the most intense stretch of TeamPCP’s ongoing supply May 25, 2026
Amber | Attack Report
Inside Storm-2949’s Cloud Takeover Campaign Targeting Microsoft 365 and Azure
Summary Storm-2949, a sophisticated threat actor first seen in 2026, has been May 21, 2026
Red | Vulnerability Report
Dead.Letter Walking: Unauthenticated RCE Stalks Exim Mail Servers
Summary CVE-2026-45185, known as Dead.Letter, is a critical unauthenticated remote code execution May 21, 2026
Amber | Vulnerability Report
One Million WordPress Sites at Risk: Avada Builder Flaws Expose Sensitive Data
Summary Two newly disclosed security vulnerabilities in the widely used Avada Builder May 21, 2026
Red | Vulnerability Report
Three Strikes in Two Weeks: Fragnesia Joins the Dirty Frag Family
Summary Fragnesia (CVE-2026-46300) is a critical local privilege escalation vulnerability discovered in May 21, 2026
Red | Vulnerability Report
Critical NGINX Vulnerabilities Including 18-Year-Old RCE Flaw Actively Exploited
Summary F5 has released emergency security patches addressing six critical vulnerabilities in May 21, 2026
1 2 240

HiveForce Labs Research At Your Fingertips

Stay informed with HiveForce Labs as they provide comprehensive insights into the latest vulnerabilities, threats, and threat actor activities.

Subscribe below to receive in-depth weekly and monthly updates, along with daily and weekly advisories designed to help you proactively manage and mitigate cybersecurity risks.

Subscribe Here

HiveForce Labs threat advisories help security teams turn daily exploit activity into action. For teams evaluating how AI can prioritize advisories and active exploitation, see our guide to AI cybersecurity tools.