Threat Landscape
Real-time data from CISA and NIST demonstrates why continuous information security is not optional — it is a necessity.
Global threat activity
Real-time data from multiple open threat databases shows where cyber attacks originate and how they target European countries.
Threat source summary
Aggregated statistics from the six threat databases visualised on the map.
Threat sources – geographic spread
Top 5 source countries
Total indicator count aggregated across all sources.
1,612
Actively exploited vulnerabilities
25
New in the last 30 days
1,666
New CVEs in the last 7 days
7
Critical (CVSS 9.0+)
44
High (CVSS 7.0–8.9)
Vendors with active remediation deadlines
Ransomware share
325 / 1,612
Critical CVEs in the last 7 days
The five most severe new vulnerabilities with a CVSS score of 9.0 or higher.
29 May 2026
SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18....
29 May 2026
SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18....
29 May 2026
Shopper is a Headless e-commerce Admin Panel. Prior to 2.8.0, two distinct authorization defects in the team settings allowed any authenticated panel user to take over the RBAC system. Settings/Tea...
29 May 2026
There is an authentication bypass vulnerability in the NI SystemLink Enterprise Dashboard application that may allow an unauthenticated remote attacker to bypass authentication controls leading to ...
29 May 2026
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.44.0, when cpp-httplib's server parses an incoming request, it applies percent-decoding to every header ...
Latest exploited vulnerabilities
| CVE ID | Vendor | Product | Date added | Ransomware |
|---|---|---|---|---|
| CVE-2026-28318 | SolarWinds | Serv-U | 5 Jun 2026 | Unknown |
| CVE-2026-45247 | Mirasvit | Mirasvit Full Page Cache Warmer | 3 Jun 2026 | Unknown |
| CVE-2022-0492 | Linux | Kernel | 2 Jun 2026 | Unknown |
| CVE-2025-48595 | Android | Framework | 2 Jun 2026 | Unknown |
| CVE-2024-21182 | Oracle | WebLogic Server | 1 Jun 2026 | Unknown |
| CVE-2026-0257 | Palo Alto Networks | PAN-OS | 29 May 2026 | Unknown |
| CVE-2026-48027 | Nx | Nx Console | 27 May 2026 | Known |
| CVE-2026-45321 | TanStack | TanStack | 27 May 2026 | Known |
| CVE-2026-8398 | Daemon | Daemon Tools Lite | 27 May 2026 | Unknown |
| CVE-2026-48172 | LiteSpeed | cPanel Plugin | 26 May 2026 | Unknown |
SolarWinds
Serv-U
5 Jun 2026
Mirasvit
Mirasvit Full Page Cache Warmer
3 Jun 2026
Linux
Kernel
2 Jun 2026
Android
Framework
2 Jun 2026
Oracle
WebLogic Server
1 Jun 2026
Palo Alto Networks
PAN-OS
29 May 2026
Nx
Nx Console
27 May 2026
TanStack
TanStack
27 May 2026
Daemon
Daemon Tools Lite
27 May 2026
LiteSpeed
cPanel Plugin
26 May 2026
Why it matters
The threat landscape changes daily
The data above comes directly from the US agencies CISA and NIST. It clearly shows that new threats and vulnerabilities are discovered continuously — and that attackers are actively exploiting them.
New vulnerabilities every day
Hundreds of new CVEs are published every week. Without systematic monitoring, you risk missing critical updates.
Ransomware-linked threats are growing
A significant share of actively exploited vulnerabilities have known links to ransomware campaigns.
Regulatory requirements are tightening
NIS2 and the Cybersecurity Act require organisations to work continuously on risk management and incident preparedness.
Ready to strengthen your cybersecurity?
Book a free meeting and we will discuss how we can help your organisation meet the new requirements.
Book a meeting