Live Global Threat Map

Real-time visualization of cyber threats and attack patterns across the globe

Interactive Global Threat Map

Real-time cyber threats visualization powered by Leaflet.js.

Global Threat Index

↑ 23%

vs last week

Threat Legend

Critical (20+)
High (10-19)
Medium (5-9)
Low (1-4)

Live Statistics

Total Attacks (24h)

7863

+0% from previous hour

Critical Incidents

9

Requiring immediate action

Countries Affected

9

Geographic spread of threats

Attack Types

5

Unique threat categories detected

Attack Types Distribution

Active Threat Categories

Ransomware 234
Phishing 189
DDoS 145
Malware 98
Zero-Day 23

Live Threat Intelligence Feed

Powered by AlienVault OTX - Real-time global threat data

Ransomware Infrastructure: LockBit 3.0 C2 Servers

1/1/2026 AlienVault Labs
critical

Command and Control infrastructure associated with LockBit 3.0 ransomware operations targeting financial institutions.

Adversary: LockBit Group
MITRE ATT&CK Techniques:
T1486 T1490 T1059
Indicators of Compromise (IOCs):
• 45.142.212.61
• 185.220.101.34
• lockbit3xc2pqxv.onion
Tags:
#ransomware #lockbit #c2 #financial

APT29 Phishing Campaign - Government Targets

1/1/2026 MITRE ATT&CK
high

Sophisticated spear-phishing campaign attributed to APT29 (Cozy Bear) targeting government entities with credential harvesting.

Adversary: APT29 / Cozy Bear
MITRE ATT&CK Techniques:
T1566.001 T1078 T1071.001
Indicators of Compromise (IOCs):
• gov-login-portal[.]com
• 198.51.100.42
• secure-auth-gov[.]net
Tags:
#apt29 #phishing #government #credential-theft

Emotet Botnet Resurface - Spam Campaign

1/1/2026 Team Cymru
high

Emotet botnet infrastructure detected distributing banking trojans via malicious Office documents in widespread spam campaign.

Adversary: Emotet Group
MITRE ATT&CK Techniques:
T1566.001 T1204.002 T1027
Indicators of Compromise (IOCs):
• 203.0.113.88
• 198.51.100.123
• invoice_2026.docm
Tags:
#emotet #botnet #spam #banking-trojan

Crypto Mining Malware on Cloud Infrastructure

1/1/2026 Aqua Security
medium

Widespread cryptomining malware targeting misconfigured Docker and Kubernetes instances in cloud environments.

Adversary: TeamTNT
MITRE ATT&CK Techniques:
T1496 T1610 T1552.007
Indicators of Compromise (IOCs):
• xmr-pool[.]mining-cloud[.]xyz
• 45.33.12.77
• kinsing.bin
Tags:
#cryptomining #cloud #docker #kubernetes

Zero-Day Exploitation: CVE-2025-XXXX in Popular VPN

1/1/2026 Cybersecurity and Infrastructure Security Agency (CISA)
critical

Active exploitation of critical authentication bypass vulnerability in enterprise VPN solutions. Immediate patching required.

Adversary: Multiple APT Groups
MITRE ATT&CK Techniques:
T1190 T1133 T1078.004
Indicators of Compromise (IOCs):
• exploit-cve2025.py
• /vpn/auth/bypass.cgi
• 185.220.101.67
Tags:
#zero-day #vpn #authentication-bypass #cve

Supply Chain Attack: Compromised NPM Package

1/1/2026 GitHub Security Lab
high

Malicious code discovered in popular NPM package "color-utils-pro" with 500k+ weekly downloads. Backdoor enables remote code execution.

Adversary: Unknown
MITRE ATT&CK Techniques:
T1195.002 T1059.007 T1071.001
Indicators of Compromise (IOCs):
• color-utils-pro@3.2.1
• c2-npm-backdoor[.]com
• SHA256:a3f4...
Tags:
#supply-chain #npm #open-source #backdoor
