Q1 2026 Malware Statistics Report for Linux SSH Servers
Overview. ASEC analyzed the statistics of attacks against Linux SSH servers in Q1 2026 based on honeypot logs. The P2PInfect worm dominated, accounting for 70.3% of all attack sources, and DDoS bots such as Mirai, XMRig, Prometei, and CoinMiner were identified as the main threats. Purpose and Scope. the purpose
March 2026 Ransomware Trends Report
Purpose and Scope. this report summarizes the number of ransomware samples, number of affected systems, DLS-based statistics, and major Korean & Global ransomware issues identified during the month of March 2026. Key statistics. ransomware sample counts and victimized systems statistics were aggregated by detection name assigned by AhnLab. statistics on
April 13, 2026
April 13, 2026 Hash 1fdb5c92d43f9d8b432b797c2780fc5ae 24edb28d78783837d8781dddb4dfd19c4 34c40697abd12437088f2e630e37301cb URL 1http[:]//pub-45c2577dbd174292a02137c18e7b1b5a[.]r2[.]dev/ 2http[:]//46[.]151[.]182[.]82/sh 3https[:]//upgrade[.]gg/ IP 1114[.]220[.]238[.]30 2170[.]238[.]45[.]43 3183[.]56[.]235[.]140...
OpenSSL Product Security Update Advisory
Overview. An out-of-bounds read vulnerability (CVE-2026-28386) and a NULL pointer dereference vulnerability (CVE-2026-28388, CVE-2026-28389, CVE-2026-28390) in OpenSSL have been disclosed. affected products are systems and applications that use the OpenSSL library. Vulnerability Summary. CVE-2026-28386: An out-of-bounds read vulnerability. CVE-2026-28388: NULL pointer dereference vulnerability. CVE-2026-28389: NULL pointer dereference vulnerability. CVE-2026-28390: NULL
Spring Product Security Update Advisory (CVE-2026-22750)
Spring product security update advisory (CVE-2026-22750). Affected products and scope of impact. the affected product is Spring Cloud Gateway version 4.2.0. Vulnerability overview. the vulnerability (CVE-2026-22750) is an issue where SSL bundle settings are unceremoniously ignored. this could allow an application to establish a connection without applying the intended TLS
Apache Product Security Update Advisory (CVE-2026-34197)
Summary. A lack of input validation and code injection vulnerability (CVE-2026-34197) was reported in Apache ActiveMQ and Apache ActiveMQ Broker. Affected Versions. Apache ActiveMQ Broker: 5.19.4 and earlier and 6.0.0 and earlier and 6.2.3 and earlier. Apache ActiveMQ: 5.19.4 and earlier and 6.0.0 and earlier than 6.2.3. Vulnerability Description and
March 2026 Dark Web Issue Trends Report
Alert this report is a summary of deep web and dark web source-based material and contains some facts that cannot be fully verified due to the nature of the sources. Major Issues BreachForums’ internal collapse and attempts to rebuild were observed. trust was undermined by the betrayal of moderators and
March 2026 Dark Web Threat Actor Trends Report
Alerts this report is a compilation of trends centered on hacktivists operating on the deep web and dark web. some alleged attacks are labeled as observations due to limited independent technical verification. Major Issues Handala’s multi-pronged offensive stood out. The group used a combination of psychological warfare and subversive attacks,
March 2026 Dark Web Breach Trends Report
Alerts this report is based on reports of data breaches and the sale of initial access rights posted on deep web-dark web forums. some parts of the report contain information that cannot be fully verified as factual due to the nature of the source. Major Issues Multiple breach claims by
Statistics Report on Malware Targeting Windows Database Servers in Q1 2026
Description. analysis of ASEC’s ASD logs for Q1 2026 showed a consistent trend of attacks against MS-SQL and MySQL. the number of attacks tended to decrease temporarily in February before increasing again in March. Purpose and Scope. this report summarizes the statistics of attacks targeting MS-SQL and MySQL servers installed
