Threat Intelligence
Threat Intel
Campaign analysis, actor tradecraft, and operational security observations from Telekom Security.
-
ZipLine-linked spearphishing campaign uses PowerShell backdoor and Cloudflare Tunnel
Telekom Security investigated a spearphishing campaign targeting organizations in several European countries. The campaign ultimately enables follow-on activity that, in at least one observed case, led to the deployment of Qilin ransomwa...
Continue Reading -
Mass exploitation of CVE-2026-1281 and CVE-2026-1340 in Ivanti EPMM
In early 2026, two critical zero-day vulnerabilities in Ivanti’s mobile device management platform - CVE-2026-1281 and CVE-2026-1340 - emerged as significant drivers of incident activity across multiple sectors. Both flaws, rated CVSS 9....
Continue Reading