Threat Intelligence Dashboard

LIVE

Last updated: March 15, 2026 · 09:00 UTC · Data aggregated from public threat feeds

RSS Feed Get Daily Briefing

CVEs (March)

1,847

↑ +23% vs Feb

KEV Added

This week

Active RaaS Groups

↑ +8 in Q1

Avg Ransom (USD)

$4.2M

↑ All-time high

Records Breached

2.3B

Q1 2026

CVE Severity Distribution March 2026

Critical

447

High

757

Medium

480

Low

163

1,847 total CVEs published this month

24.2% critical

65.7% high/critical

Most Active Ransomware Groups

Q1 2026

Group	Victims	Trend
BlackNova Healthcare, Finance	143	↑↑
Phantom Circuit Critical Infrastructure	97	↑
SilverThread Supply Chain	84	↑
VoidSpider Government, Education	71	→
IronLock Manufacturing	58	↓

View all 64 active groups →

CISA KEV — Recent Additions Mar 8–15

CVE-2026-0847

Windows MSHTML Zero-Click RCE

Microsoft · Added Mar 12, 2026

9.8

CVE-2026-1103

Ivanti Connect Secure Auth Bypass

Ivanti · Added Mar 11, 2026

9.4

CVE-2026-0912

Fortinet FortiGate SSL-VPN RCE

Fortinet · Added Mar 10, 2026

9.6

CVE-2026-0773

Cisco IOS XE Web UI Privilege Escalation

Cisco · Added Mar 9, 2026

8.8

CVE-2026-0644

Adobe Acrobat Reader OOB Write

Adobe · Added Mar 8, 2026

8.2

Full CISA KEV catalog ↗

Sector Attack Volume — 7 Day Trend Q1 2026

Nation-State APT Activity

Active Campaigns

Threat Actor	Origin	Activity
APT-41 (WINNTI) Espionage + Financial	🇨🇳 CN	HIGH
COZY BEAR (APT-29) Diplomatic Espionage	🇷🇺 RU	HIGH
VELVET STORM AI-Assisted Phishing	🇰🇵 KP	CRITICAL
TA453 (Charming Kitten) Think Tank Targeting	🇮🇷 IR	MEDIUM
SANDWORM Infrastructure Disruption	🇷🇺 RU	MEDIUM

Intelligence Activity Feed

LIVE

🎯

CVE-2026-0847 confirmed exploited by APT-41 against govt targets in Southeast Asia

2 hours ago · Vulnerabilities

💀

BlackNova ransomware group claims attack on 3 German manufacturing firms

5 hours ago · Ransomware

🤖

New AI-generated phishing campaign targets SWIFT financial messaging users

8 hours ago · AI Security

☁️

AWS S3 bucket misconfiguration exposes 14M records from healthcare provider

11 hours ago · Cloud Security

🔗

npm audit: 3 additional malicious packages linked to ShadowPackage campaign identified

14 hours ago · Supply Chain

🔓

CISA adds CVE-2026-1103 Ivanti Connect Secure to Known Exploited Vulnerabilities catalog

1 day ago · Vulnerabilities

Read full intelligence reports →

Threat Intelligence Dashboard

Get This Dashboard in Your Inbox Every Morning