Telecommunications Intelligence
Attacks against telecom providers, ISPs, and communications infrastructure.
UNC3886 Deploys Firmware Rootkit on Juniper MX Routers via Zero-Day
UNC3886 exploits Juniper Junos zero-day to deploy firmware-level rootkits on MX-series routers. Implant survives software upgrades and factory resets.
Salt Typhoon Compromises Three Additional US Telecom Providers
CISA and FBI confirm Salt Typhoon has compromised three additional US telecom providers, bringing the total to twelve. Lawful intercept systems accessed.
Critical Fortinet FortiManager Flaw Enables Managed Firewall Takeover
CVE-2026-48788 allows registration of rogue FortiGate devices to FortiManager, enabling config push to entire managed firewall estate.
Flax Typhoon IoT Botnet Resurfaces with 300,000 Compromised Devices
Despite FBI disruption in 2024, Flax Typhoon has rebuilt its IoT botnet to over 300,000 compromised routers, cameras, and NAS devices worldwide.
Critical Cisco NX-OS Command Injection Affects Data Center Switches
Command injection in Cisco NX-OS CLI allows authenticated users to escalate to root on Nexus data center switches. PoC exploit published.
APT28 Exploits Cisco Router Vulnerabilities for Long-Term Espionage
UK NCSC warns APT28 exploiting Cisco router vulnerabilities to establish persistent espionage infrastructure across European government networks.
Sandworm Uses Compromised Ubiquiti Routers as C2 Infrastructure
FBI warns Sandworm is using a botnet of compromised Ubiquiti EdgeRouters as proxy C2 infrastructure for espionage operations against NATO targets.
Australian Cyber Security Centre Warns of Attacks on Critical Infrastructure OT Networks
ACSC issues urgent advisory on increased targeting of Australian critical infrastructure OT networks by state-sponsored actors.
Google Project Zero Discloses Linux Kernel Zero-Day in eBPF Subsystem
Google Project Zero discloses a critical privilege escalation in the Linux kernel eBPF verifier. Affects cloud workloads, containers, and Android.