
HiveForceLabs has reported a sharp rise in cybersecurity threats, highlighting the increasing complexity and frequency of global cyber incidents. Over the past week, 11 major attacks were detected, 11 critical vulnerabilities were publicly disclosed, and two active threat actor groups were monitored, signaling a concerning escalation in malicious activity.
Notable vulnerabilities included an actively exploited zero-day in Cisco Catalyst SD-WAN Manager(CVE-2026-20245) that chains earlier auth-bypass flaws to turn net admin access into root and fleet-wide impact, and a legacy-IKEv1 authentication-bypass zero-day in Check Point's VPN products (CVE-2026-50751) already linked to a Qilin ransomware affiliate.
On the tooling and actor side, anew ransomware operator, CMD Organization, emerged with a novel public crypto-bidding model that auctions stolen data alongside negotiations, and a new modular post-exploitation backdoor, MLT Backdoor, surfaced using a ClickFix delivery chain. This underscore the need for disciplined security updates and sustained monitoring in response to rapidly evolving attack methodologies.