Blog

Threat Intelligence Blog

Research, insights, and updates from the isMalicious team.

Oracle PeopleSoft Zero-Day: CVE-2026-35273 Shows Why CVE Watch Needs IOC Enrichment
VulnerabilitiesJun 15, 2026

Oracle PeopleSoft Zero-Day: CVE-2026-35273 Shows Why CVE Watch Needs IOC Enrichment

The PeopleSoft CVE-2026-35273 exploitation reports show how vulnerability response, ransomware intelligence, IP enrichment, and incident response must work together.

6 min readRead
CISA KEV et GCVE : pourquoi l’exploitation confirmée doit changer vos SLA CVE
VulnerabilitiesMay 24, 2026

CISA KEV et GCVE : pourquoi l’exploitation confirmée doit changer vos SLA CVE

Les vulnérabilités exploitées activement ne doivent pas rester dans le backlog standard. KEV et GCVE aident à distinguer la dette technique du risque immédiat.

5 min readRead
Pourquoi les CVE sont critiques pour les SOC, même quand tout semble déjà monitoré
VulnerabilitiesMay 24, 2026

Pourquoi les CVE sont critiques pour les SOC, même quand tout semble déjà monitoré

Les CVE ne sont pas seulement un sujet patch management : elles structurent la priorisation SOC, le threat hunting, les contrôles compensatoires et la communication de crise.

5 min readRead
CVE Numbering Authorities and the Vulnerability Disclosure Process: A 2026 Practitioner Guide
VulnerabilitiesApr 25, 2026

CVE Numbering Authorities and the Vulnerability Disclosure Process: A 2026 Practitioner Guide

Understand how CVEs are born—from initial vulnerability discovery through CNA assignment, coordinated disclosure, and publication—plus how this pipeline shapes defender priorities and SEO-visible vulnerability data.

10 min readRead
CVE & Vulnerability Management in 2026: From Disclosure to Patch at Scale
VulnerabilitiesApr 17, 2026

CVE & Vulnerability Management in 2026: From Disclosure to Patch at Scale

A practical guide to the CVE ecosystem, CVSS scoring, exploitability signals, and how security teams prioritize vulnerabilities without drowning in scanner noise.

8 min readRead
CVSS 4.0 Explained: A Complete Guide to Vulnerability Severity Scoring in 2026
VulnerabilitiesApr 17, 2026

CVSS 4.0 Explained: A Complete Guide to Vulnerability Severity Scoring in 2026

Master the Common Vulnerability Scoring System v4.0 with a practical breakdown of base, threat, environmental, and supplemental metrics—and learn how to translate CVSS into real-world risk decisions.

10 min readRead
Penetration Testing vs. Vulnerability Scanning: What's the Difference?
VulnerabilitiesFeb 14, 2026

Penetration Testing vs. Vulnerability Scanning: What's the Difference?

Often confused, these two security practices serve very different purposes. Discover when to use automated scanning and when to invest in a manual penetration test.

3 min readRead
Zero-Day Vulnerabilities: Detection, Response, and Threat Intelligence
VulnerabilitiesOct 1, 2025

Zero-Day Vulnerabilities: Detection, Response, and Threat Intelligence

Zero-day vulnerabilities pose one of the greatest cybersecurity challenges. Learn how to detect exploitation attempts, respond effectively, and leverage threat intelligence to protect your organization from unknown threats.

8 min readRead

Expert Threat Intelligence Analysis

Our blog features in-depth analysis from our threat research team. Each article is backed by real data from our analysis of millions of malicious domains, IPs, and URLs across the global threat landscape. Topics include ransomware campaigns, phishing techniques, malware distribution networks, and emerging threat trends. We publish actionable intelligence that security teams can immediately use to improve their defenses.

Practical Security Guidance

Beyond threat analysis, we share practical guidance for security practitioners. Our tutorials cover API integration, SIEM configuration, threat hunting techniques, and building effective threat intelligence programs. Whether you're a SOC analyst, security engineer, or CISO, you'll find content tailored to your role and experience level.

Stay Ahead of Emerging Threats

The threat landscape evolves constantly. Our blog keeps you informed about the latest attack techniques, newly discovered vulnerabilities, and emerging threat actors. Subscribe to our newsletter for weekly digests of the most important developments in cybersecurity.

Subscribe to Our Newsletter

Weekly threat intelligence insights delivered to your inbox.