| Country | Blocked | Share |
|---|---|---|
| United States (US) | 198 | 73.9% |
| Germany (DE) | 27 | 10.1% |
| India (IN) | 23 | 8.6% |
| China (CN) | 13 | 4.9% |
| The Netherlands (NL) | 7 | 2.6% |
Based on emails that reached the content filter. MTA-level blocks (RBL, GeoIP) are not included.
| Domain | Blocked | Avg Score | Volume |
|---|---|---|---|
| gmail.com | 23 | 50.9 | |
| hes.it | 11 | 71.8 | |
| kerilourtie.com | 6 | 45.5 | |
| algurabinvestment.org | 6 | 91.9 | |
| outlook.com | 5 | 60.8 | |
| em.1800flowers.com | 4 | 40.7 | |
| papeleriaomega.com.mx | 4 | 77.7 | |
| capital.net | 4 | 145.2 |
| Score | Sender | Subject |
|---|---|---|
| 225.267 | Costco Special Note <costcospecialnote@m | C0STC0's Membership update and what you need to kn |
| 189.775 | American Express | Customer Care <cco@ | Your account has been placed on temporary hold |
| 185.134 | "[redacted]" <qr11@lifecf.org> | [[redacted]: New Sender] Security Notice: Unauthorize |
| 183.775 | American Express | Customer Care <cco@ | Your account has been placed on temporary hold |
| 160.252 | American Express | Customer Care <Cust | [[redacted]: New Sender] Your account has been placed |
| CVE | Vendor / Product | Ransomware |
|---|---|---|
| CVE-2026-42208 | BerriAI LiteLLM BerriAI LiteLLM contains a SQL injection vulnerability that allows an attacker to read data from the proxy's database and potentially modify it, leading to unauthorised access to the proxy and the credentials it manages. | Unknown |
| CVE-2026-6973 | Ivanti Endpoint Manager Mobile (EPMM) Ivanti Endpoint Manager Mobile (EPMM) contains an improper input validation vulnerability that allows a remotely authenticated user with administrative access to achieve remote code execution. | Unknown |
Top threat types:
unknown: 5020 email-related indicators of compromise in the last 24 hours.
| Malware Family | IOCs | Severity |
|---|---|---|
| Remvio | 13 | High |
| AsyncRAT | 5 | High |
| Vidar | 2 | Medium |