
HiveForce Labs has recently made significant advancements in identifying cybersecurity threats. Over the past week, five major attacks were detected, five critical vulnerabilities were actively exploited, and two threat actors were closely monitored, reflecting an alarming escalation in malicious activities.
CVE-2026-31431, dubbed “Copy Fail”, is a critical Linux kernel privilege-escalation flaw in the algif_aead crypto module that lets an unprivileged user gain root via a 732-byte Python exploit; it affects virtually every major Linux distribution shipped since 2017. In the Silver Fox APT tax-themed campaign, the China-based threat group ran a large-scale phishing operation against organizations in India and Russia, distributing over 1,600 malicious emails impersonating tax authorities to deploy ValleyRAT and the newly discovered Python-based ABCDoor backdoor through a customized RustSL loader, hitting the industrial, consulting, retail, and transportation sectors.
Meanwhile, in the case of the CVE-2026-0300 PAN-OS zero-day, a likely state-sponsored cluster tracked as CL-STA-1132 has exploited an unauthenticated buffer overflow in the User-ID Authentication Portal since April 9, gaining root on internet-exposed firewalls, injecting shellcode into nginx, deploying EarthWorm and ReverseSocks5 tunnels, enumerating Active Directory, and systematically destroying forensic evidence. These rising threats pose significant and immediate dangers to users worldwide.