Threat Advisories:
Brand Hijack in Cybercrime: Who Is Pretending to Be ShinyHunters? Nexcorium: IoT Botnet Campaign Exploiting TBK DVR Devices CVE-2026-34197: Jolokia Exposure Enables RCE in ActiveMQ Inside the PHANTOMPULSE Social Engineering Kill Chain Payouts King Ransomware Blending In Before Breaking Through MCPwn: Critical Nginx UI Bug Opens the Door to Remote Control Microsoft’s April 2026 Patch Tuesday Storm-2755’s Silent Payroll Heist Targeting Canada From Advisory to Attack in Under 10 Hours: Marimo’s Critical RCE Flaw Handala Claims Destructive Wiper Attack on GCC Nation’s Critical Infrastructure Active Exploitation of Critical Adobe Prototype Pollution Flaw Masjesu: Exploit-Driven Botnet with Stealth, Scale, and Staying Power UAT-10362 Deploys LucidRook Malware Against Taiwanese NGOs Pawn Storm’s Dual Zero-Day Exploit Unleashed Important according to Google magic Iranian-Affiliated CyberAv3ngers Exploits Internet-Exposed PLCs in U.S. APT28 Exploits SOHO Routers for Large-Scale DNS Hijacking and Credential Theft Spraying for Access: Iran-Aligned Actors Turn Weak Credentials into Intelligence TrueConf Zero-Day Abused in Operation TrueChaos to Weaponize Software Updates Fortinet EMS Left Defenseless by CVE-2026-35616 Axios npm Supply Chain Attack: What You Need to Know
New Report Critical Threat Research : The Iranian Cyber War Intensifies! Download the Report
Platform
Comprehensive Threat Exposure Management Platform
Uni5 Xposure PlatformUni5 Xposure leverages exposure assessment and adversarial exposure validation to deliver a unified view of your cyber risks and all actionable pathways to resolve them. Powered by:
IntegrationsOut of box integrations available with a comprehensive set of Security and IT operations tools in your organisation.
HiveForce LabsThe in-house intelligence that enables customers to identify and address immediate cyber risks and potential threats with precision, clear insights, and swift action.
Hive Pro’s ComparisonSave Cost , Reduce Complexity and Increase Security by Augmenting and Replacing your existing Vulnerability Management platform
Hive Pro vs Rapid7
Hive Pro vs Tenable
Hive Pro vs Qualys
Hive Pro vs Nucleus Security
Solutions
By Use Case
Total Attack Surface Management
Multi-Environment Security Scanners
Complete Exposure Assessment
Comprehensive Security Intelligence
Vulnerability & Threat Prioritization
Adversarial Exposure Validation
By Role
CISO
Vulnerability Management
Security Operations
DevOps
Industry
Telecommunications
Healthcare
Financial Services
Government & Public Sector
Retail & E-Commerce
Educational Institutions
Resources
Learning Center
Podcasts
Threat Advisories
Threat Digests
Blog
Whitepapers
Resources
Advisories & Digests
Threat Advisories
Threat Digests
Content Library
learn
Blog
Whitepapers
Press Releases
connect
Webinars & Videos
Company
About Us
Careers
Our Leadership
Contact Us
Book a DemoFree Iranian Exposure Assessment
Platform
Platform
Comprehensive Threat Exposure Management Platform
Uni5 Xposure PlatformUni5 Xposure leverages exposure assessment and adversarial exposure validation to deliver a unified view of your cyber risks and all actionable pathways to resolve them. Powered by:
IntegrationsOut of box integrations available with a comprehensive set of Security and IT operations tools in your organisation.
HiveForce LabsThe in-house intelligence that enables customers to identify and address immediate cyber risks and potential threats with precision, clear insights, and swift action.
Hive Pro’s Comparison
Hive Pro vs Rapid7
Hive Pro vs Tenable
Hive Pro vs Qualys
Hive Pro vs Nucleus Security
Solutions
Solutions
By Use Case
Total Attack Surface Management
Multi-Environment Security Scanners
Complete Exposure Assessment
Comprehensive Security Intelligence
Vulnerability & Threat Prioritization
Adversarial Exposure Validation
By Role
CISO
Vulnerability Management
Security Operations
DevOps
Industry
Industry
Telecommunications
Healthcare
Financial Services
Government & Public Sector
Retail & E-Commerce
Educational Institutions
Resources
Resources
Learning Center
Podcasts
Threat Advisories
Threat Digests
Blog
Whitepapers
Resources
Resources
Advisories & Digests
Threat Advisories
Threat Digests
Content Library
learn
Blog
Whitepapers
Press Releases
connect
Webinars & Videos
Company
Company
About Us
Careers
Our Leadership
Contact Us
Book a DemoFree Iranian Exposure Assessment
April 6, 2026

Monthly Threat Digest MARCH 2026

For a detailed threat digest, download the pdf file here


March marked a turning point in the threat landscape, with five actively exploited zero-days reshaping the pace and urgency of cyber defense. Among the most concerning developments is the continued activity of Void Manticore, an Iranian state-backed group linked to MOIS. The group has intensified its hybrid warfare playbook, blending destructive wiper malware with coordinated data leaks and psychological operations to amplify disruption beyond the technical domain.

At the same time, the Russia-linked APT28 has escalated its targeting of Ukrainian government entities, leveraging the Microsoft Office vulnerability CVE-2026-21509 to gain footholds within critical systems. This activity underscores a persistent trend of state-sponsored actors rapidly operationalizing newly discovered flaws to support strategic intelligence objectives and destabilization efforts.

On the vulnerability front, vendors are racing to contain active exploitation. VMware pushed urgent patches for multiple flaws in VMware Aria Operations, including CVE-2026-22719, while Google Chrome users faced immediate risk from CVE-2026-3909 and CVE-2026-3910. These vulnerabilities, affecting components like Skia and the V8 engine, highlight how browser-level flaws remain prime entry points for attackers.

Compounding the threat environment, rising geopolitical tensions have fueled a surge in cyber-enabled influence and intrusion campaigns. Threat actors are capitalizing on this climate through phishing lures, credential harvesting, and multi-stage malware delivery. Simultaneously, the TeamPCP supply chain campaign signals a shift toward ecosystem-level compromise, targeting widely used developer tools. As these risks converge, proactive patching, supply chain scrutiny, and layered defenses are no longer optional; they are operational imperatives.


Subscribe to receive our weekly threat digests and alerts directly in your inbox.

Recent Resources

Dive into our library of resources for expert insights, guides, and in-depth analysis on maximizing Uni5 Xposure’s capabilities

API security testing and vulnerability assessment workflow diagram
Uncategorized
Blog
API Security Testing and Vulnerability Assessment
APIs now carry more sensitive data than traditional web interfaces. Payment details, health records, authentication tokens, and customer databases all
Cybersecurity team analyzing predictive threat intelligence to protect an organization.
Blog
Blog
What is Predictive Threat Intelligence for Organizations?
Learn how predictive threat intelligence for organizations helps you anticipate cyber threats, prioritize risks, and strengthen your security posture.
Cybersecurity professionals analyzing a risk-based vulnerability management platform on a laptop.
Article
Blog
What Is a Risk-Based Vulnerability Management Platform?
A risk-based vulnerability management platform helps you prioritize threats, focus on real risks, and streamline your security efforts for better protection.
A man using a risk-based vulnerability management tool on a laptop to prioritize cyber risk.
Article
Blog
What Is a Risk-Based Vulnerability Management Tool?
A risk based vulnerability management tool helps you prioritize and fix security risks efficiently by focusing on threats that matter most to your business.
Vulnerability management dashboard displaying key security metrics and risk prioritization for effective analysis.
Blog
Blog
What Makes a Vulnerability Management Dashboard Effective?
A vulnerability management dashboard helps you track, prioritize, and remediate security risks with clear insights and actionable data for your team.
Blog
Blog
Threat Intelligence for Exposure Management: How TI Powers Smarter CTEM Programs
Your security team has access to more vulnerability data than ever before. Scanners produce thousands of findings each week. Threat
Blog
Blog
Vulnerability Remediation: The Complete Guide to Fixing Security Weaknesses
Master the vulnerability remediation process from triage to verification. Learn SLA frameworks, compensating controls, and how automated orchestration reduces MTTR by 60-80%.
Blog
Blog
What Is CAASM? Cyber Asset Attack Surface Management Explained
Your security team runs scans from five different tools. Each one gives you a different number of assets, a different

Book a demo and find out more about how Hive Pro can double your operational efficiency

Book a Demo