Threat Landscape

Real-time data from CISA and NIST demonstrates why continuous information security is not optional — it is a necessity.

Global threat activity

Real-time data from multiple open threat databases shows where cyber attacks originate and how they target European countries.

Attack traffic (SANS)
Malware C2 (ThreatFox)
Blocklist (Blocklist.de)
Malware distribution (URLhaus)
Compromised (ET)
Known threats (CI Army)
European targets

Threat source summary

Aggregated statistics from the six threat databases visualised on the map.

Threat sources – geographic spread

Attack traffic (SANS)
761,386,623 indicators · 30 countries
Blocklist (Blocklist.de)
100 indicators · 23 countries
Malware C2 (ThreatFox)
100 indicators · 21 countries
Compromised (ET)
100 indicators · 20 countries
Malware distribution (URLhaus)
100 indicators · 18 countries
Known threats (CI Army)
100 indicators · 18 countries

Top 5 source countries

1United States
249,159,171
2Netherlands
64,881,371
3Brazil
52,369,977
4Bulgaria
50,654,192
5Germany
45,109,472

Total indicator count aggregated across all sources.

1,559

Actively exploited vulnerabilities

20

New in the last 30 days

1,706

New CVEs in the last 7 days

1

Critical (CVSS 9.0+)

16

High (CVSS 7.0–8.9)

Vendors with active remediation deadlines

Ivanti 1 active vulnerabilities
TrueConf 1 active vulnerabilities
Google 1 active vulnerabilities

Ransomware share

20%
Ransomware-linked
Unknown link

313 / 1,559

Critical CVEs in the last 7 days

The five most severe new vulnerabilities with a CVSS score of 9.0 or higher.

9.3
CVE-2026-5463

3 Apr 2026

Command injection vulnerability in console.run_module_with_output() in pymetasploit3 through version 1.0.6 allows attackers to inject newline characters into module options such as RHOSTS. This bre...

Critical

Latest exploited vulnerabilities

CVE-2026-1340 Unknown

Ivanti

Endpoint Manager Mobile (EPMM)

8 Apr 2026

CVE-2026-35616 Unknown

Fortinet

FortiClient EMS

6 Apr 2026

CVE-2026-3502 Unknown

TrueConf

Client

2 Apr 2026

CVE-2026-5281 Unknown

Google

Dawn

1 Apr 2026

CVE-2026-3055 Unknown

Citrix

NetScaler

30 Mar 2026

CVE-2025-53521 Unknown

F5

BIG-IP

27 Mar 2026

CVE-2026-33634 Unknown

Aquasecurity

Trivy

26 Mar 2026

CVE-2026-33017 Unknown

Langflow

Langflow

25 Mar 2026

CVE-2025-32432 Unknown

Craft CMS

Craft CMS

20 Mar 2026

CVE-2025-54068 Unknown

Laravel

Livewire

20 Mar 2026

Why it matters

The threat landscape changes daily

The data above comes directly from the US agencies CISA and NIST. It clearly shows that new threats and vulnerabilities are discovered continuously — and that attackers are actively exploiting them.

New vulnerabilities every day

Hundreds of new CVEs are published every week. Without systematic monitoring, you risk missing critical updates.

Ransomware-linked threats are growing

A significant share of actively exploited vulnerabilities have known links to ransomware campaigns.

Regulatory requirements are tightening

NIS2 and the Cybersecurity Act require organisations to work continuously on risk management and incident preparedness.

Source: CISA Known Exploited Vulnerabilities Source: NIST National Vulnerability Database Source: SANS ISC Source: ThreatFox (abuse.ch) Source: Blocklist.de Source: URLhaus (abuse.ch) Source: Emerging Threats Source: CI Army
Last updated: 10 Apr 2026

Ready to strengthen your cybersecurity?

Book a free meeting and we will discuss how we can help your organisation meet the new requirements.

Book a meeting