By using our historical scan data, we can look at this attacker’s host on February 11, 2025 (around the time that Sekoia first observed attacker activity), and observe multiple services and certifi...

The FBI and the Dutch Police have shut down the VerifTools marketplace for fraudulent identity documents after seizing servers in Amsterdam that hosted the online operation. Several agencies from m...

The group leverages cloud-native capabilities to first exfiltrate massive volumes of sensitive data, then systematically destroys the original data and any backups within the victim’s cloud environ...

A newly disclosed vulnerability in the widely used ISC Kea DHCP server poses a significant security risk to network infrastructure worldwide. The flaw, designated CVE-2025-40779, allows remote atta...

An unusually broad coalition composed of the United States, its traditional English-speaking allies, and other nations, including Germany, Italy, and Japan, is calling out three Chinese companies o...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), alongside the NSA, FBI, and a broad coalition of international partners, has released a comprehensive cybersecurity advisory detail...

NEW: CVE vendor-product description metric Referenceurl title GithubURL   CVE-2024-37777 n/a - n/a O2OA v...

In August 2025, Counter Threat Unit™ (CTU) researchers investigated an intrusion that involved deployment of the legitimate open-source Velociraptor digital forensics and incident response (DFIR) t...

The personal details of almost 200 survivors of abuse in the Church of England had been leaked in a data breach from a scheme that was set up to offer them compensation, a victims’ group and offici...

A novel phishing campaign attempts to trick victims into downloading ConnectWise ScreenConnect remote monitoring and management (RMM) software, enabling attackers to take complete control over end-...

BruteForceAI, an innovative penetration testing framework developed by Mor David, integrates large language models (LLMs) with browser automation to autonomously identify login forms and conduct so...

Anthropic on Wednesday revealed that it disrupted a sophisticated operation that weaponized its artificial intelligence (AI)-powered chatbot Claude to conduct large-scale theft and extortion of per...

It was probably inevitable — analysts have spotted the first known ransomware strain powered by artificial intelligence. ESET malware researchers Anton Cherepanov and Peter Strycek discovered the e...

NEW: CVE vendor-product description metric Referenceurl title GithubURL   CVE-2022-45134 n/a - n/a Mahara...

Instead of sending unsolicited phishing emails, attackers initiate contact through a company’s public ‘Contact Us’ form, tricking employees into starting the conversation. What follows are weeks of...

Google’s Threat Intelligence Group is aware of over 700 potentially impacted organizations. The threat actor used a Python tool to automate the data theft process for each targeted organization. Re...

Remy Ra St Felix, 25, was sentenced to an additional six years and ten months last week following an assault on a witness who testified against him in a trial that related to a string of vicious ro...

The advanced persistent threat (APT) actor known as Transparent Tribe has been observed targeting both Windows and BOSS (Bharat Operating System Solutions) Linux systems with malicious Desktop shor...

Qilin ransomware added CBI on its extortion portal on the dark web on August 20, 2025, claiming to have stolen all design projects and threatening to make them public, giving competitors an edge. ...

In late June 2025, a significant operational dump from North Korea’s Kimsuky APT group surfaced on a dark-web forum, exposing virtual machine images, VPS infrastructure, customized malware, and tho...