Threat Advisories:
Tracking Beast: Tools, Techniques, and Tradecraft in RaaS Operations FAUX#ELEVATE: Obfuscated VBS Campaign Targeting Enterprise HR System TeamPCP’s Automated Supply Chain: From Trivy to LiteLLM in a Multi-Ecosystem Breach Iranian MOIS Leverages Telegram-Based C2 in Espionage Campaign Targeting Dissidents MuddyWater: Iran’s Adaptive Cyber Espionage Machine March 2026 Linux Patch Roundup From Disclosure to Exploitation Overnight of a CVE-2026-33017 Langflow Flaw CVE-2026-20131: Interlock Ransomware Exploits Critical Cisco Secure FMC Flaw Operation GhostMail: The Invisible Inbox Breach Vidar Stealer 2.0 Distributed via Fake Game Cheats on GitHub and Reddit Targeting the Lens: Iranian Cyber Operations Against IP Cameras in the Middle East Konni APT’s Covert RAT Deployment LeakNet Ransomware’s Low-Cost High-Scale Infection Strategy Phishing in the Fog of War: A Surge in State-Aligned Espionage Campaigns Google Rushes to Fix Actively Exploited Flaws VENON Trojan Targets 33 Brazilian Financial Platforms AI-Assisted Slopoly Backdoor Powers Interlock Ransomware Intrusion PhantomRaven: Multi-Wave npm Campaign Stealing CI/CD and Developer Credentials APT28 Deploys Modified Covenant to Spy on Ukrainian Government Microsoft’s March 2026 Patch Tuesday
Critical Threat Research : Middle-East at WAR: The Rapidly Escalating Iranian Cyber Threat Download the Report
Platform
Comprehensive Threat Exposure Management Platform
Uni5 Xposure PlatformUni5 Xposure leverages exposure assessment and adversarial exposure validation to deliver a unified view of your cyber risks and all actionable pathways to resolve them. Powered by:
IntegrationsOut of box integrations available with a comprehensive set of Security and IT operations tools in your organisation.
HiveForce LabsThe in-house intelligence that enables customers to identify and address immediate cyber risks and potential threats with precision, clear insights, and swift action.
Hive Pro’s ComparisonSave Cost , Reduce Complexity and Increase Security by Augmenting and Replacing your existing Vulnerability Management platform
Hive Pro vs Rapid7
Hive Pro vs Tenable
Hive Pro vs Qualys
Hive Pro vs Nucleus Security
Solutions
By Use Case
Total Attack Surface Management
Multi-Environment Security Scanners
Complete Exposure Assessment
Comprehensive Security Intelligence
Vulnerability & Threat Prioritization
Adversarial Exposure Validation
By Role
CISO
Vulnerability Management
Security Operations
DevOps
Industry
Telecommunications
Healthcare
Financial Services
Government & Public Sector
Retail & E-Commerce
Educational Institutions
Resources
Learning Center
Threat Advisories
Threat Digests
Blog
Whitepapers
Resources
Advisories & Digests
Threat Advisories
Threat Digests
Content Library
learn
Blog
Whitepapers
Press Releases
connect
Webinars & Videos
Company
About Us
Careers
Our Leadership
Contact Us
Book a DemoThreat Digest - Subscribe
Platform
Platform
Comprehensive Threat Exposure Management Platform
Uni5 Xposure PlatformUni5 Xposure leverages exposure assessment and adversarial exposure validation to deliver a unified view of your cyber risks and all actionable pathways to resolve them. Powered by:
IntegrationsOut of box integrations available with a comprehensive set of Security and IT operations tools in your organisation.
HiveForce LabsThe in-house intelligence that enables customers to identify and address immediate cyber risks and potential threats with precision, clear insights, and swift action.
Hive Pro’s Comparison
Hive Pro vs Rapid7
Hive Pro vs Tenable
Hive Pro vs Qualys
Hive Pro vs Nucleus Security
Solutions
Solutions
By Use Case
Total Attack Surface Management
Multi-Environment Security Scanners
Complete Exposure Assessment
Comprehensive Security Intelligence
Vulnerability & Threat Prioritization
Adversarial Exposure Validation
By Role
CISO
Vulnerability Management
Security Operations
DevOps
Industry
Industry
Telecommunications
Healthcare
Financial Services
Government & Public Sector
Retail & E-Commerce
Educational Institutions
Resources
Resources
Learning Center
Threat Advisories
Threat Digests
Blog
Whitepapers
Resources
Resources
Advisories & Digests
Threat Advisories
Threat Digests
Content Library
learn
Blog
Whitepapers
Press Releases
connect
Webinars & Videos
Company
Company
About Us
Careers
Our Leadership
Contact Us
Book a DemoThreat Digest - Subscribe
January 29, 2026

Weekly Threat Digest : 19th to 25th JANUARY 2026

HiveForce Labs

HiveForce Labs

For a detailed threat digest, download the PDF file here

HiveForce Labs has flagged a worrying surge in cyber activity, underscoring how global threats are growing both faster and more complex. In the past week, we tracked three significant attacks alongside two critical vulnerabilities, clear signs that adversaries are accelerating their operations and expanding their reach across sectors and regions.

At the vulnerability level, Cisco environments have come under strain. CVE-2026-20045 exposes multiple Cisco Unified Communications products to unauthenticated remote code execution through flawed input validation, with active exploitation already observed against internet-facing systems to gain OS-level access. Even more severe, CVE-2025-20393 is a CVSS 10.0 zero-day in Cisco AsyncOS affecting Secure Email Gateway and management appliances, enabling attackers to execute commands as root via the Spam Quarantine interface. This flaw has been exploited since late November 2025; Cisco released patches on January 15, 2026, and urged immediate upgrades.

Beyond vulnerabilities, several highly orchestrated attack campaigns reveal how threat actors are abusing trust rather than code. One espionage operation leverages U.S.-Venezuela political tensions to deliver the stealthy LOTUSLITE backdoor via DLL sideloading, while other targets are developers through trojanized Visual Studio Code extensions to deploy the Evelyn Stealer. A separate multi-stage campaign shows how complete system compromise can be achieved without a single exploit using social engineering, cloud-hosted payloads, Defender abuse via Defendnot, and ultimately Amnesia RAT for long-term surveillance and data theft before ransomware locks victims out. Taken together, these developments reinforce a simple reality: rapid patching, continuous visibility, and layered defenses are no longer optional in an increasingly aggressive threat landscape.


Subscribe to receive our weekly threat digests and alerts directly in your inbox.

Recent Resources

Dive into our library of resources for expert insights, guides, and in-depth analysis on maximizing Uni5 Xposure’s capabilities

Security analysts effectively prioritize vulnerabilities by analyzing risk data on a dashboard.
Blog
Blog
How to Prioritize Vulnerabilities Effectively: A Framework
Learn how to prioritize vulnerabilities effectively with actionable steps, real-world examples, and a proven framework for smarter risk reduction.
A security team reviews a modern CTEM dashboard to manage and prioritize cyber risk.
Blog
Blog
What is CTEM? A Modern Approach to Cyber Risk
Get clear answers to what is CTEM and learn how this modern approach helps you manage cyber risk with practical, actionable steps for your security team.
A complex machine interface showing how CTEM tools help manage and reduce a company's attack surface.
Blog
Blog
7 Best CTEM Tools to Reduce Your Attack Surface
Find the best CTEM tools to reduce your attack surface. Compare features, strengths, and tips for choosing the right CTEM solution for your security needs.
Shield and lock icons showing the five stages of a CTEM cybersecurity program.
Blog
Blog
The 5 Stages of a CTEM Cybersecurity Program
Learn the 5 stages of a CTEM cybersecurity program and see how continuous threat exposure management helps you find and fix real security gaps faster.
IT professionals performing enterprise threat exposure management in a server data center.
Blog
Blog
A Guide to Threat Exposure Management for Enterprises
Get practical tips on threat exposure management for enterprises, including strategies to identify, prioritize, and reduce real-world security risks.
A vulnerability prioritization tool for enterprises shown as interlocking gears with security icons.
Blog
Blog
Top 5 Vulnerability Prioritization Tools for Enterprises
Find the best vulnerability prioritization tool for enterprises. Compare features, benefits, and tips to help your team focus on real security risks.
Uncategorized
Blog
Event-Driven Vulnerability Exposure Management (VEM): Why you should move beyond Human Triggers
The traditional approach to vulnerability management has long followed a familiar pattern: security teams log into their vulnerability management platforms,
Blog
Blog
How Hive Pro Brings Comprehensive Security to  CrowdStrike and SentinelOne
How HivePro Vulnerability Exposure Management (VEM) extends and amplifies the value of your existing endpoint security/EDR investments – turning detection

Book a demo and find out more about how Hive Pro can double your operational efficiency

Book a Demo