Threat Intelligence / Actor / Multiple — including unattributed financially-motivated intrusion sets and legacy APT tooling (APT17/Elderwood historical, Conficker descendants)

Multiple — including unattributed financially-motivated intrusion sets and legacy APT tooling (APT17/Elderwood historical, Conficker descendants)

1 tracked threat(s) · Categories: VULNERABILITY

Also known as: Elderwood, APT17, Conficker, Aurora Panda

Tracked threats

CISA KEV Catalog Adds Seven Vulnerabilities (May 20, 2026) — Microsoft Defender CVE-2026-41091 (EoP) and CVE-2026-45498 (DoS) Headline Active Exploitation Batch — HIGH

Full actor intelligence — infrastructure, IOCs, detection coverage and operator fingerprints — is available via the Threadlinqs MCP server (Purple tier). View plans →

Threadlinqs Intelligence