Threat Landscape
Real-time data from CISA and NIST demonstrates why continuous information security is not optional — it is a necessity.
Global threat activity
Real-time data from multiple open threat databases shows where cyber attacks originate and how they target European countries.
Threat source summary
Aggregated statistics from the six threat databases visualised on the map.
Threat sources – geographic spread
Top 5 source countries
Total indicator count aggregated across all sources.
1,590
Actively exploited vulnerabilities
31
New in the last 30 days
1,650
New CVEs in the last 7 days
26
Critical (CVSS 9.0+)
33
High (CVSS 7.0–8.9)
Vendors with active remediation deadlines
Ransomware share
318 / 1,590
Critical CVEs in the last 7 days
The five most severe new vulnerabilities with a CVSS score of 9.0 or higher.
4 May 2026
Buffer Overflow vulnerability exists in Assimp versions up to 6.0.2 in the FBX Importer. The vulnerability occurs in aiMaterial::AddBinaryProperty, where a property key string from a crafted FBX fi...
4 May 2026
3onedata modbus gateway device model GW1101-1D(RS-485)-TB-P (hardware version V2.2.0) allows authenticated users to execute arbitrary shell commands in the context of the root user by providing pay...
4 May 2026
vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.0, VM2 suffers from a sandbox breakout vulnerability. This allows attackers to write code which can escape from the VM2 sandbox a...
4 May 2026
vm2 is an open source vm/sandbox for Node.js. Prior to version 3.10.5, the fix for CVE-2023-37466 is insufficient and can be circumvented allowing attackers to write code which can escape from the ...
4 May 2026
vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.0, VM2 suffers from a sandbox breakout vulnerability through the inspect function. This allows attackers to write code which can ...
Latest exploited vulnerabilities
| CVE ID | Vendor | Product | Date added | Ransomware |
|---|---|---|---|---|
| CVE-2026-42208 | BerriAI | LiteLLM | 8 May 2026 | Unknown |
| CVE-2026-6973 | Ivanti | Endpoint Manager Mobile (EPMM) | 7 May 2026 | Unknown |
| CVE-2026-0300 | Palo Alto Networks | PAN-OS | 6 May 2026 | Unknown |
| CVE-2026-31431 | Linux | Kernel | 1 May 2026 | Unknown |
| CVE-2026-41940 | WebPros | cPanel & WHM and WP2 (WordPress Squared) | 30 Apr 2026 | Known |
| CVE-2024-1708 | ConnectWise | ScreenConnect | 28 Apr 2026 | Unknown |
| CVE-2026-32202 | Microsoft | Windows | 28 Apr 2026 | Unknown |
| CVE-2025-29635 | D-Link | DIR-823X | 24 Apr 2026 | Unknown |
| CVE-2024-7399 | Samsung | MagicINFO 9 Server | 24 Apr 2026 | Unknown |
| CVE-2024-57728 | SimpleHelp | SimpleHelp | 24 Apr 2026 | Unknown |
BerriAI
LiteLLM
8 May 2026
Ivanti
Endpoint Manager Mobile (EPMM)
7 May 2026
Palo Alto Networks
PAN-OS
6 May 2026
Linux
Kernel
1 May 2026
WebPros
cPanel & WHM and WP2 (WordPress Squared)
30 Apr 2026
ConnectWise
ScreenConnect
28 Apr 2026
Microsoft
Windows
28 Apr 2026
D-Link
DIR-823X
24 Apr 2026
Samsung
MagicINFO 9 Server
24 Apr 2026
SimpleHelp
SimpleHelp
24 Apr 2026
Why it matters
The threat landscape changes daily
The data above comes directly from the US agencies CISA and NIST. It clearly shows that new threats and vulnerabilities are discovered continuously — and that attackers are actively exploiting them.
New vulnerabilities every day
Hundreds of new CVEs are published every week. Without systematic monitoring, you risk missing critical updates.
Ransomware-linked threats are growing
A significant share of actively exploited vulnerabilities have known links to ransomware campaigns.
Regulatory requirements are tightening
NIS2 and the Cybersecurity Act require organisations to work continuously on risk management and incident preparedness.
Ready to strengthen your cybersecurity?
Book a free meeting and we will discuss how we can help your organisation meet the new requirements.
Book a meeting