BRICKSTORM Defender Guide (Google Threat Intelligence)
Google's Threat Intelligence team outlines how defenders can proactively manage the security posture of their hypervisor environment against BRICKSTORM.
Storm-1175 Medusa Ransomware Operations (Microsoft Threat Intelligence)
Microsoft's Threat Intelligence team outlines how Storm-1175 is attacking public-facing web assets to deploy Medusa ransomware.
UNC6783 Support Domain Social Engineering (Google Threat Intelligence)
Google's Threat Intelligence team outlines how they are tracking a group abusing <org>[.]zendesk-support<##>[.]com lookalike domains for social engineering.
Fortinet and Cisco Device Exploitation (Defused Cyber)
Defused Cyber has noted in-the-wild attacks against Fortinet and Cisco devices related to CVE-2026-35616 and CVE-2026-3055.
BlueHammer Zero-Day Disclosure (Bleeping Computer)
Bleeping Computer has reported on a disgruntled security researcher dropping "BlueHammer" in response to MSRC's handling of the vulnerability disclosure.