Weekly Threat Reports
Ransomware activity, critical vulnerabilities, threat actor highlights and IOC trends — generated every Monday from live CTIWATCH platform data.
Qilin Leads Ransomware Activity as 9 KEVs with In-the-Wild Exploitation Added This Week (2026-06-29 to 2026-07-05)
Ransomware activity saw a 8.3% increase this week, with Qilin emerging as the most active group. Nine new CVEs, all with critical severity and confirmed in-the-wild exploitation, were added to the KEV catalog, demanding immediate patching. Geopolitical tensions remain elevated in key regions, particularly concerning North Korean financial targeting.
KEV adds 20 CVEs, Ransomware Activity Halves This Week (2026-06-22 to 2026-06-28)
This week saw a significant reduction in ransomware activity, with victim counts halving compared to the previous week. The KEV catalog expanded with 20 new entries, including 10 critical vulnerabilities actively exploited in the wild. Geopolitical tensions remain elevated, particularly in the China/Taiwan Strait and Russia/Ukraine regions.