OpenEFA Daily Threat Brief

May 24, 2026
SANS Threat Level: GREEN

Email Security Overview

Processed: 1,587
Delivered: 1,146
Quarantined: 294
Rejected: 0
Block Rate: 18.5%
Avg Score: 21.4

Threats Blocked by Category

Phishing: 294
BEC: 291
Impersonation: 294
Backscatter: 37

Top Spam Origin Countries

Country              Blocked  Share
United States (US)   122      53.0%
Hong Kong (HK)       43       18.7%
Vietnam (VN)         34       14.8%
Australia (AU)       23       10.0%
Germany (DE)         8        3.5%

Based on emails that reached the content filter. MTA-level blocks (RBL, GeoIP) are not included.

Top Spam Sender Domains

Domain                     Blocked  Avg Score
gmail.com                  10       49.9
harborfreight-offers.us    7        99.0
hotmail.com                7        36.8
nhlyon.com                 5        27.1
business.facebook.com      5        70.5
symbaloo.com               3        86.1
consultant.com             3        91.4
hiscox.com                 3        15.8

Notable High-Score Threats

Score: 194.58
Sender: iCloud+請求通知 <smtp.updatelCLoAy9@ml.k-sal
Subject: Apple 公式料金明細通知

Score: 184.7
Sender: American Express | Non-Compliance Notice
Subject: Your account is on hold due to non-compliance issu

Score: 162.603
Sender: American Express | Non-Compliance Notice
Subject: [[redacted]: New Sender] Your account is on hold due

Score: 162.573
Sender: American Express | Non-Compliance Notice
Subject: [[redacted]: New Sender] Your account is on hold due

Score: 162.354
Sender: American Express | Non-Compliance Notice
Subject: Your account is on hold due to non-compliance issu

CISA Known Exploited Vulnerabilities (New)

CVE: CVE-2026-9082
Vendor / Product: Drupal Core
Ransomware: Unknown

Drupal Core contains a SQL injection vulnerability that could allow for privilege escalation and remote code execution via specially crafted requests sent with the database abstraction API.

Active Malicious URLs (URLhaus)

Active URLs: 50
Threat Types: 1
Unique Hosts: 1

Top threat types:

unknown: 50

Email Threat IOCs (ThreatFox)

20 email-related indicators of compromise in the last 24 hours.

Malware Family  IOCs  Severity
AsyncRAT        16    High
Vidar           3     Medium
Stealc          1     Low