Threat Hunt Feed (2026-05-07)
Hacker News: Best
- Agents can now create Cloudflare accounts, buy domains, and deploy — Wed, 06 May 2026 03:10:33 +0000
- Matched TTPs: Databases (T1213.006), Domains (T1584.001), Server (T1584.004), Software (T1592.002), Credentials (T1589.001), At (T1053.002)
- Write some software, give it away for free — Tue, 05 May 2026 21:26:50 +0000
- Matched TTPs: Software (T1592.002)
- DNSSEC disruption affecting .de domains – Resolved — Tue, 05 May 2026 20:16:35 +0000
- Matched TTPs: DNS (T1071.004), Domains (T1584.001)
BleepingComputer
- Hackers abuse Google ads for GoDaddy ManageWP login phishing — Wed, 06 May 2026 17:36:06 -0400
- Matched TTPs: Adversary-in-the-Middle (T1557), Malware (T1588.001), Hardware (T1592.001), Proxy (T1090), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Exploits (T1588.005), Credentials (T1589.001), At (T1053.002)
- DAEMON Tools devs confirm breach, release malware-free version — Wed, 06 May 2026 12:43:30 -0400
- Matched TTPs: Malware (T1588.001), Hardware (T1592.001), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Exploits (T1588.005), Credentials (T1589.001), At (T1053.002)
The Hacker News
- Mirai-Based xlabs_v1 Botnet Exploits ADB to Hijack IoT Devices for DDoS Attacks — Thu, 07 May 2026 01:51:00 +0530
- Matched TTPs: Malware (T1588.001), Hardware (T1592.001), Cron (T1053.003), Vulnerabilities (T1588.006), Botnet (T1584.005), Server (T1584.004), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Exploits (T1588.005), Social Media (T1593.001), At (T1053.002)
- MuddyWater Uses Microsoft Teams to Steal Credentials in False Flag Ransomware Attack — Wed, 06 May 2026 18:30:00 +0530
- Matched TTPs: Malware (T1588.001), Vulnerabilities (T1588.006), DLL (T1574.001), Remote Access Tools (T1219), Domains (T1584.001), Server (T1584.004), PowerShell (T1059.001), Tool (T1588.002), Phishing (T1566), Multi-Factor Authentication (T1556.006), Software (T1592.002), Social Media (T1593.001), Credentials (T1589.001), At (T1053.002)
- The Hacker News Launches ‘Cybersecurity Stars Awards 2026’ — Submissions Now Open — Wed, 06 May 2026 17:33:00 +0530
- Matched TTPs: Malware (T1588.001), Vulnerabilities (T1588.006), Server (T1584.004), Phishing (T1566), Software (T1592.002), Social Media (T1593.001), At (T1053.002)
- Windows Phone Link Exploited by CloudZ RAT to Steal Credentials and OTPs — Wed, 06 May 2026 14:04:00 +0530
- Matched TTPs: Scheduled Task (T1053.005), Malware (T1588.001), Hardware (T1592.001), Vulnerabilities (T1588.006), Server (T1584.004), PowerShell (T1059.001), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Social Media (T1593.001), Credentials (T1589.001), At (T1053.002)
- Palo Alto PAN-OS Flaw Under Active Exploitation Enables Remote Code Execution — Wed, 06 May 2026 11:44:00 +0530
- Matched TTPs: IP Addresses (T1590.005), Malware (T1588.001), Vulnerabilities (T1588.006), Server (T1584.004), Phishing (T1566), Software (T1592.002), Social Media (T1593.001), At (T1053.002)