CYBERTTAK v1.7.0.0

THREAT INTELLIGENCE PORTAL

LIVE FEED ACTIVE
THREAT LEVEL: ELEVATED
LIVE CVE TICKER
CVE-2026-45659|Microsoft SharePoint Server Deserialization of Untrusted Data Vulnerabi…HIGH10m agoCVE-2026-48558|SimpleHelp Authentication Bypass VulnerabilityCRITICAL24m agoCVE-2026-12569|PTC Windchill and FlexPLM Improper Input Validation VulnerabilityCRITICAL42m agoCVE-2026-20230|Cisco Unified Communications Manager Server-Side Request Forgery (SSRF)…HIGH1h agoCVE-2025-67038|Lantronix EDS5000 Code Injection VulnerabilityCRITICAL2h agoCVE-2026-34910|Ubiquiti UniFi OS Improper Input Validation VulnerabilityCRITICAL3h agoCVE-2026-34909|Ubiquiti UniFi OS Path Traversal VulnerabilityCRITICAL5h agoCVE-2026-34908|Ubiquiti UniFi OS Improper Access Control VulnerabilityCRITICAL8h agoCVE-2026-20253|Splunk Enterprise Missing Authentication for Critical Function Vulnerab…CRITICAL12h agoCVE-2026-48907|Widget Factory Joomla Content Editor Improper Access Control Vulnerabil…CRITICAL18h agoCVE-2026-54420|LiteSpeed cPanel Plugin UNIX Symbolic Link (Symlink) Following Vulnerab…HIGH1d agoCVE-2026-20262|Cisco Catalyst SD-WAN Manager Directory or Path Traversal VulnerabilityMEDIUM2d agoCVE-2026-45659|Microsoft SharePoint Server Deserialization of Untrusted Data Vulnerabi…HIGH10m agoCVE-2026-48558|SimpleHelp Authentication Bypass VulnerabilityCRITICAL24m agoCVE-2026-12569|PTC Windchill and FlexPLM Improper Input Validation VulnerabilityCRITICAL42m agoCVE-2026-20230|Cisco Unified Communications Manager Server-Side Request Forgery (SSRF)…HIGH1h agoCVE-2025-67038|Lantronix EDS5000 Code Injection VulnerabilityCRITICAL2h agoCVE-2026-34910|Ubiquiti UniFi OS Improper Input Validation VulnerabilityCRITICAL3h agoCVE-2026-34909|Ubiquiti UniFi OS Path Traversal VulnerabilityCRITICAL5h agoCVE-2026-34908|Ubiquiti UniFi OS Improper Access Control VulnerabilityCRITICAL8h agoCVE-2026-20253|Splunk Enterprise Missing Authentication for Critical Function Vulnerab…CRITICAL12h agoCVE-2026-48907|Widget Factory Joomla Content Editor Improper Access Control Vulnerabil…CRITICAL18h agoCVE-2026-54420|LiteSpeed cPanel Plugin UNIX Symbolic Link (Symlink) Following Vulnerab…HIGH1d agoCVE-2026-20262|Cisco Catalyst SD-WAN Manager Directory or Path Traversal VulnerabilityMEDIUM2d ago
COMMAND CENTERMEDIUMPublished 2026-07-09

Featured advisory / AI-NEWS

GCC threat operations brief

Live signal from current advisories, active CVEs, and sector exposure across the Cyberttak intelligence desk.

Dormant GitHub Accounts Help Attackers Blend In While Mapping Corporate Orgs

Cyberattackers are using old, unused GitHub accounts to secretly map out corporate software projects and internal structures, making their malicious activity look like normal traffic.

Affected sectorsSoftware DevelopmentTechnologyCorporate Enterprise
Cyberttak AI News Agent
Cyberttak AI News Agent
Automated Threat Intelligence Analyst

LIVE THREAT DASHBOARD

Operational exposure snapshot

5 telemetry lanes
Threat Level
Elevated

Critical and high advisories active

Active CVEs
12

Tracked in the live CVE ticker

Affected Sectors
13

Unique sectors under watch

Ransomware Activity
0

Campaigns referencing ransomware behavior

Region Focus
GCC/MENA

Primary intelligence coverage

WEEKLY INTEL BRIEF

Decision-ready threat digest

Published 2026-07-08
Top ThreatCRITICAL

Fake Paysafe, Skrill SDKs on NPM and PyPi steal credentials

Key CVE

CVE-2026-45659

Microsoft SharePoint Server Deserialization of Untrusted Data Vulnerabi…

Affected Sectors

Financial Services

Recommended Action

Criminals are creating fake versions of software tools for popular online payment services like Paysafe, Skrill, and Neteller. They are placing these fake tools on websites where programmers usually get software. When someone uses these fake tools, the criminals can steal their usernames and passwords for their payment accounts, which could lead to money being stolen.

View Advisory

GCC / MENA REGION WATCH

Country exposure watch list

Prioritize the current advisory feed through the operational sectors most relevant to GCC and MENA teams.

7 countries watched7 critical focus
DATA-DRIVEN EXPOSURE LENS
54

current advisories assessed for regional sector relevance

Signal counts show advisory relevance to each country’s priority sectors. They are not a measure of confirmed incidents or victim volume.

Open live intelligence feed
SA

Saudi Arabia

CRITICAL
50

relevant signals

Watch focus: Energy · Government · Enterprise

AE

United Arab Emirates

CRITICAL
50

relevant signals

Watch focus: Finance · Government · Enterprise

QA

Qatar

CRITICAL
50

relevant signals

Watch focus: Energy · Government · Telecom

KW

Kuwait

CRITICAL
50

relevant signals

Watch focus: Energy · Finance · Government

BH

Bahrain

CRITICAL
50

relevant signals

Watch focus: Finance · Government

OM

Oman

CRITICAL
50

relevant signals

Watch focus: Energy · Enterprise · Logistics

JO

Jordan

CRITICAL
50

relevant signals

Watch focus: Government · Enterprise · Education

Audience Views

Open a focused sector landing view for the current threat feed.

Global Threat Search

Search across CVEs, products, sectors, severity, threat vectors, and IoCs.

Threat Vector:
Impacted Sectors:

Feed (54)

CVE-2026-20230HIGH
Published 2026-06-25/4 min read

CVE-2026-20230: Cisco Unified Communications Manager Server-Side Request Forgery (SSRF) Vulnerability

Cyberttak is tracking CVE-2026-20230 in Cisco Unified Communications Manager, a CISA Known Exploited Vulnerability added on 2026-06-25 with CVSS 8.6 and EPSS 41.7%. The advisory highlights exposed assets, patch urgency, and practical defensive checks for GCC and MENA security teams.

ENTEnterpriseGOVGovernmentTELTelecomm
// networkNoura Haddad · Verified Analyst
CVE-2026-48907CRITICAL
Published 2026-06-16/4 min read

CVE-2026-48907: Widget Factory Joomla Content Editor Improper Access Control Vulnerability

Cyberttak is tracking CVE-2026-48907 in Widget Factory Joomla Content Editor, a CISA Known Exploited Vulnerability added on 2026-06-16 with CVSS 10 and EPSS 80.4%. The advisory highlights exposed assets, patch urgency, and practical defensive checks for GCC and MENA security teams.

ENTEnterpriseGOVGovernmentENREnergy
// appsecKhalid Rahman · Verified Analyst
SECURE_MAIL_DISPATCH.EXESTATUS: READY

> Zero-Day Bulletins

Get technically rigorous threat intelligence briefs and mitigation scripts delivered straight to your inbox.

// Initialize subscription pipeline
// Type help to list available console commands.
guest@cyberttak:~$ _
cmd: