Is defend.network free to use?

Yes. defend.network is completely free with no signup, no paywall, and no account required. Daily threat briefings, live vulnerability reports, and the security tools directory are all open to everyone.

How often is defend.network updated?

A new AI-generated threat briefing is published every day at 04:00 UTC. The vulnerability report is a living document that opens at the start of each week and refreshes daily as new briefings land, with still-exploited CVEs carrying over between weeks. Threat and industry category pages also update daily.

Where does defend.network get its data?

Briefings are synthesized from ten authoritative cybersecurity feeds: CISA advisories, The Hacker News, BleepingComputer, Krebs on Security, Dark Reading, The Record, SecurityWeek, Schneier on Security, HackRead, and Sophos News. Every CVE is cross-checked against the NVD and the CISA Known Exploited Vulnerabilities (KEV) catalog.

How are CVEs and severity ratings verified?

Each CVE mentioned in a briefing or vulnerability report is verified against the National Vulnerability Database (NVD) and the CISA KEV catalog. Severity is derived from the CVSS score and known-exploited status, so reports prioritize what is actually being exploited in the wild.

What does defend.network cover?

Coverage spans 16 threat categories (such as ransomware, phishing, zero-day exploits, and supply-chain attacks), 13 affected industries (healthcare, finance, government, and more), live vulnerability reports with patch-priority guidance, and a directory of 59 security tools across 14 categories.

Who is defend.network for?

defend.network is built for security teams, SOC analysts, IT administrators, CISOs, and anyone who needs concise, verified daily cyber threat intelligence without wading through dozens of news sources.

LIVE FEED

HIGH: FORTINET FORTI-SANDBOX — Three CVEs (39813, 39808, 25089) actively exploited; patch immediately◆HIGH: ROKAROLLA (Android) — Targets 217 banking/crypto apps; 137 remote commands; spreads via fake TikTok/Chrome◆HIGH: GOOGLE VERTEX AI SDK — Bucket-squatting RCE; unauthorized model hijacking; code exec in infrastructure◆HIGH: JETBRAINS MARKETPLACE — 15+ malicious plugins stealing AI API keys from developers◆HIGH: CLICKFIX CAMPAIGNS — New BabaDeda, Lorem Ipsum, Potemkin loaders; Vice Society ransomware link◆HIGH: China-linked UNC6508 — year-long espionage campaign targeting North American research, medical, military networks; credential theft via REDCap◆HIGH: Microsoft June 2026 Patch Tuesday — record 200 fixes including ~36 critical vulnerabilities with active exploitation evidence◆HIGH: Cisco SD-WAN vManage CVE-2026-20262 — zero-day root privilege escalation actively exploited; emergency patch released◆HIGH: FORTINET FORTI-SANDBOX — Three CVEs (39813, 39808, 25089) actively exploited; patch immediately◆HIGH: ROKAROLLA (Android) — Targets 217 banking/crypto apps; 137 remote commands; spreads via fake TikTok/Chrome◆HIGH: GOOGLE VERTEX AI SDK — Bucket-squatting RCE; unauthorized model hijacking; code exec in infrastructure◆HIGH: JETBRAINS MARKETPLACE — 15+ malicious plugins stealing AI API keys from developers◆HIGH: CLICKFIX CAMPAIGNS — New BabaDeda, Lorem Ipsum, Potemkin loaders; Vice Society ransomware link◆HIGH: China-linked UNC6508 — year-long espionage campaign targeting North American research, medical, military networks; credential theft via REDCap◆HIGH: Microsoft June 2026 Patch Tuesday — record 200 fixes including ~36 critical vulnerabilities with active exploitation evidence◆HIGH: Cisco SD-WAN vManage CVE-2026-20262 — zero-day root privilege escalation actively exploited; emergency patch released◆

UPDATED DAILY

AI-monitored threat intelligence

Cyber threat
intelligence,
verified &
prioritized.

AI-generated daily briefings and vulnerability analysis for security teams who need signal, not noise.

Read Today’s Briefing → Subscribe Free

HIGH/ JUNE 17, 2026TODAY’S BRIEFING — #091

Fortinet actively exploited; Rokarolla targets 217 banking apps; Google Vertex AI flaw

Fortinet FortiSandbox faces active in-the-wild exploitation of three CVEs. Android banking trojan Rokarolla targets 217 financial apps with 137 remote commands. Google Vertex AI SDK bucket-squatting flaw enables unauthorized model hijacking.

CVE-2026-39813Fortinet Fortisandbox — Actively exploited in the wild; patched April CVE-2026-39808Fortinet Fortisandbox — Actively exploited in the wild; patched April CVE-2026-25089Fortinet FortiSandbox — Actively exploited in the wild; patched last week

Read the full briefing →

90 briefings published

13 vuln reports

59 tools indexed

$0 for security teams

LIVE — THIS WEEK

Critical vulnerabilities

Full report →

CVE	Product	CVSS	Exploited	Patch
CVE-2026-10520	Ivanti Sentry	10	KEV	—
CVE-2026-35273	Oracle PeopleSoft Enterprise PeopleTools	9.8	KEV	—
CVE-2026-45247	Mirasvit Full Page Cache Warmer	9.8	KEV	—
CVE-2026-48172	LiteSpeed CPanel Plugin	9.8	KEV	advisory
CVE-2026-9082	Drupal Core	9.8	KEV	✓ available

KEV = listed in CISA catalog · IN WILD = active exploitation reported · PoC = public exploit code

LATEST INTELLIGENCE

Daily briefings

View all 90 briefings →

HighJune 17, 2026

Fortinet actively exploited; Rokarolla targets 217 banking apps; Google Vertex AI flaw

Vuln ExploitMobile MalwareFinanceTechnology

HighJune 16, 2026

China espionage dwell 1 year, Microsoft 200 patches, Cisco SD-WAN actively exploited

China-linked UNC6508 maintained undetected access to North American medical, military, and academic research networks for over a year via compromised REDCap servers. Microsoft issued record 200 patches with evidence of active exploitation. Cisco SD-WAN vManage CVE-2026-20262 exploited in the wild.

APTVuln ExploitDefenseTechnology

MediumJune 15, 2026

Critical: Splunk RCE, Arch Linux supply-chain hijack, phishing-as-a-service dismantled

FBI dismantles Outsider Enterprise phishing network; Arch Linux AUR compromised with 400+ malicious packages deploying credential stealer and rootkit; Splunk Enterprise CVSS-9.8 RCE patched.

Supply ChainVuln ExploitTechnologyFinance

MediumJune 14, 2026

Splunk RCE, Arch Linux supply-chain hijack, Velvet Ant decade-long backdoor

Splunk Enterprise CVE-2026-20253 (CVSS 9.8) enables unauthenticated RCE; 400+ Arch Linux AUR packages hijacked with infostealer/rootkit; China-linked Velvet Ant maintained decade-long PAM/OpenSSH backdoor.

Vuln ExploitAPTTechnologyGovernment

Explore by Threat Type

Coverage volume · last 30 days

Zero-Day Vuln Exploit Supply Chain Credential Theft APT Data Breach Malware Ransomware Phishing IoT / OT DDoS Insider Threat Mobile Malware BEC Compliance Cryptojacking

Sector Heatmap

Coverage volume · last 30 days

Technology Finance Government Healthcare Education Defense Manufacturing Retail Telecom Energy Legal Transportation Media

Very high (10+ briefings/30d) High (6–9) Moderate (3–5) Low (1–2) rising critical mentions

Security Tools Directory

Open full directory →

59 security tools indexed · free + paid + open source · updated regularly

🔍

Bitdefender GravityZone

Paid

Free

Paid

Freemium

SentinelOne Singularity

Paid

Free

Paid

Paid

Free

Free

Free

SIEM & Log Management

Freemium

Graylog Open

SIEM & Log Management

Free

Microsoft Sentinel

SIEM & Log Management

Paid

Splunk Enterprise Security

SIEM & Log Management

Paid

Wazuh SIEM

SIEM & Log Management

Free

Cisco Duo

Identity & Access Management

Freemium

CyberArk

Identity & Access Management

Paid

Keycloak

Identity & Access Management

Free

Okta

Identity & Access Management

Paid

Paid

Free

Freemium

Paid

Vulnerability Management

Free

OpenVAS (Greenbone)

Vulnerability Management

Free

Qualys VMDR

Vulnerability Management

Paid

Rapid7 InsightVM

Vulnerability Management

Paid

Tenable Nessus

Vulnerability Management

Paid

Paid

Free

Free

Paid

Threat Intelligence Platforms

Freemium

MISP

Threat Intelligence Platforms

Free

OpenCTI

Threat Intelligence Platforms

Free

Recorded Future

Threat Intelligence Platforms

Paid

Acronis Cyber Protect

Backup & Disaster Recovery

Paid

Restic

Backup & Disaster Recovery

Free

Veeam Backup

Backup & Disaster Recovery

Paid

GoPhish

Security Awareness Training

Free

KnowBe4

Security Awareness Training

Paid

Phished

Security Awareness Training

Freemium

Paid

Freemium

Paid

Free

Cloudflare Zero Trust

VPN & Zero Trust Network Access

Freemium

Tailscale

VPN & Zero Trust Network Access

Free

WireGuard

VPN & Zero Trust Network Access

Free

Zscaler Private Access

VPN & Zero Trust Network Access

Paid

Burp Suite

Penetration Testing & Red Team

Free

Kali Linux

Penetration Testing & Red Team

Free

Metasploit

Penetration Testing & Red Team

Freemium

Nmap

Penetration Testing & Red Team

Free

sqlmap

Penetration Testing & Red Team

Free

Paid

Free

Paid

⚖️ Compare any tools side-by-side →

Pick up to 4 tools to compare pricing, deployment, and capabilities

ABOUT THIS SITE

How It Works

Our methodology →

We monitor

Once a day at 04:00 UTC, the pipeline pulls ten authoritative security feeds – including CISA advisories – and extracts the day’s most important stories and the CVEs they cite.

We verify

Every CVE is checked against NVD for canonical CVSS and cross-referenced with the CISA KEV catalog. Inline citations link each story to its sources, and a skeptical second AI pass flags – or blocks – claims it can’t substantiate.

You act

Severity is scored from CVSS and confirmed exploitation – not editorial tone – so Critical is rare by design. Structured briefings tell your team exactly what to patch, investigate, or escalate.

Get the Daily Briefing in Your Inbox

Join security professionals who start their morning with defend.network intelligence. Free forever.

Cyber threatintelligence,verified &prioritized.

Fortinet actively exploited; Rokarolla targets 217 banking apps; Google Vertex AI flaw

Critical vulnerabilities

Daily briefings

Fortinet actively exploited; Rokarolla targets 217 banking apps; Google Vertex AI flaw

China espionage dwell 1 year, Microsoft 200 patches, Cisco SD-WAN actively exploited

Critical: Splunk RCE, Arch Linux supply-chain hijack, phishing-as-a-service dismantled

Splunk RCE, Arch Linux supply-chain hijack, Velvet Ant decade-long backdoor

Explore by Threat Type

Sector Heatmap

Security Tools Directory

How It Works

We monitor

We verify

You act

Get the Daily Briefing in Your Inbox

Cyber threat
intelligence,
verified &
prioritized.