Threat Landscape

Gain deeper insights into threat trends and actual intrusions in your network, powered by our Threat Detection and Research team (TDR) and supported by Sekoia’s real-time telemetry across our global customer base.

Last 30 days

Latest FLINTs reports

Our latest four reports, manually selected by TDR, focus on new campaigns and threats relevant to you.

Trending Malware

Latest most relevant malware family, picked by our TDR team.

Tycoon 2FA (phishing-as-a-service)

Modified 5 months ago

36700 IOCs

Malware Prevalence trends

Last 30 days

Trends regarding Malware families based on Sekoia’s global alerts.

Trending Campaign

Latest most relevant threat campaign, picked by our TDR team.

MITRE Technique Prevalence trends

Last 30 days

Trends regarding MITRE techniques based on Sekoia’s global alerts.

Global Top Threats

Last 30 days

Last week's top threat objects, ranked by the number of relationships.

Object name Related IOCs Last week Impact Reports
malware  DcRat  2732  Negative  Link
tool  Evilginx3  2079  Negative  Link
malware  SUGARDUMP  2030  Negative  Link
attack-pattern  Phishing  2029  Negative  Link
malware  Remcos  1956  Negative  Link

Trending Adversary

Latest most relevant adversary, picked by our TDR team.

ViciousTrap

Modified about 1 month ago

16 IOCs

Adversaries Activity Trend

Adversary activity delta for the selected quarter

Q2 - 2025

Top Ranked Adversaries

Last 30 days

Top 5 adversaries based on indicators and relationships.

Latest Adversaries reports

Most recent reports mentioning intrusion sets or threat actors.

Top Malware Families

Last 30 days

Top 5 malware families based on indicators and relationships.

Top Tools

Last 30 days

Top 5 tools based on indicators and relationships.

Trending Vulnerability

Latest most relevant vulnerability, picked by our TDR team.

CVE-2025-32432 (Craft CMS)

Modified about 2 months ago

Latest Known Exploited Vulnerabilities

Latest list of vulnerabilities retrieved from the CISA.gov database.

Vulnerability name Score Date added

Linux Kernel Improper Ownership Management Vulnerability

Linux / Kernel

CVE-2023-0386

Linux Kernel contains an improper ownership management vulnerability, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system.

Date added: Jun 17, 2025

Score: 7.8

TP-Link Multiple Routers Command Injection Vulnerability

TP-Link / Multiple Routers

CVE-2023-33538

TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 contain a command injection vulnerability via the component /userRpm/WlanNetworkRpm. The impacted products could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.

Date added: Jun 16, 2025

Score: 8.8

Apple Multiple Products Unspecified Vulnerability

Apple / Multiple Products

CVE-2025-43200

Apple iOS, iPadOS, macOS, watchOS, and visionOS, contain an unspecified vulnerability when processing a maliciously crafted photo or video shared via an iCloud Link.

Date added: Jun 16, 2025

Score: 4.8

Web Distributed Authoring and Versioning (WebDAV) External Control of File Name or Path Vulnerability

Web Distributed Authoring and Versioning / Web Distributed Authoring and Versioning (WebDAV)

CVE-2025-33053

Web Distributed Authoring and Versioning (WebDAV) contains an external control of file name or path vulnerability. This vulnerability could allow an unauthorized attacker to execute code over a network. This vulnerability could affect various products that implement WebDAV, including but not limited to Microsoft Windows.

Date added: Jun 10, 2025

Score: 8.8

Wazuh Server Deserialization of Untrusted Data Vulnerability

Wazuh / Wazuh Server

CVE-2025-24016

Wazuh contains a deserialization of untrusted data vulnerability that allows for remote code execution on Wazuh servers.

Date added: Jun 10, 2025

Score: 9.9