2025-07-26 Daily Vulns
NEW: CVE vendor-product description metric Referenceurl title GithubURL CVE-2024-48729 n/a - n/a An iss...
Introduction: This week’s zero-day exploit targeting Microsoft SharePoint, now referred to as ToolShell, caught organizations off guard. The exploit allowed unauthenticated remote code execution an...
Introduction: Resecurity conducted hundreds of VAPT (Vulnerability Assessment and Penetration Testing) engagements for customers of different sizes and profiles—ranging from Fortune 100 corporation...
“Laundry Bear, as tracked by Dutch Intelligence (also tracked as Void Blizzard by Microsoft Threat Intelligence), is a Russian state-sponsored APT that has been active since at least April 2024 and...
Overview: The SonicWall Capture Labs threat research team became aware of a pre-authentication memory leak vulnerability leading to information disclosure in Citrix NetScaler devices and assessed i...
Cybercrime unveiled in the suburbs: Authorities sentenced an Arizona resident to over eight years in prison after discovering a covert “laptop farm” connected to a remote work scam involving North ...
NEW: CVE vendor-product description metric Referenceurl title GithubURL CVE-2025-33109 IBM - i IBM i 7....
Cisco Talos Incident Response (Talos IR) recently observed attacks by Chaos, a relatively new ransomware-as-a-service (RaaS) group conducting big-game hunting and double extortion attacks. Chaos R...
On July 19, 2025, Microsoft confirmed that a set of zero-day vulnerabilities in SharePoint Server called ToolShell is being exploited in the wild. ToolShell is comprised of CVE-2025-53770, a remote...
Introduction: When we as network threat hunters think of Command and Control (C2) over DNS, a familiar image comes to mind: long, garbled subdomains streaming out of a network. This being the case,...
Key Takeaways: First identified by eSentire’s Threat Response Unit (TRU) in May 2025, Cyber Stealer represents a new and actively developing threat. The malware authors are consistently updating the...
…Nothing unusual about botnet traffic. But this time, dozens of malicious IPs were all coming from a single region with a population of just over 3,000 people. It didn’t fit the pattern. So we dug...
NEW: CVE vendor-product description metric Referenceurl title GithubURL CVE-2021-39077 IBM - Security Guardiu...
Unknown threat actors have breached the National Nuclear Security Administration’s network in attacks exploiting a recently patched Microsoft SharePoint zero-day vulnerability chain. NNSA is a sem...
The Socket Threat Research Team has uncovered four malicious packages: three on the npm registry and one on the Python Package Index (PyPI), all designed as delivery mechanisms for surveillance mal...
Introduction: PDFs are ubiquitous in today’s digital world. We trust them for important documents, contracts, and records. But what if the seemingly official PDF wasn’t what it appeared to be? The ...
A new policy brief from NATO’s Cooperative Cyber Defence Centre of Excellence (CCDCOE) warns that critical port infrastructure, responsible for 80 percent of global trade, is increasingly under att...
Introduction: SEQRITE Labs APT-Team has recently found a campaign targeting the Russian Aerospace Industry. The campaign aims at employees of Voronezh Aircraft Production Association (VASO), a sign...
A long-running investigation led by the French Police and Paris Prosecutor, in close cooperation with their Ukrainian counterpart and Europol, has led to the arrest of the suspected administrator o...
Key Takeaways: ThreatLabz observed targeted malware intrusions that employed social engineering tactics, leveraging the Dalai Lama’s 90th birthday through strategic web compromises to lure Tibetan c...