The Socket Threat Research Team has uncovered an extended and ongoing North Korean supply chain attack that hides behind typosquatted npm packages. Threat actors linked to the Contagious Interview ...

NEW: CVE vendor-product description metric Referenceurl title GithubURL   CVE-2025-49144 notepad-plus-plus - no...

This blog post highlights a Mandiant Red Team case study simulating an “Initial Access Brokerage” approach that discovered two vulnerabilities on Aviatrix Controller, a Software-Defined Networking ...

Here are the key facts about this new threat: The malware targets both iOS and Android devices, and it is spreading in the wild as well as through the App Store and Google Play. The app is already...

Key findings China-aligned threat actor Hive0154 has spread numerous phishing lures in targeted campaigns throughout 2025 to deploy the Pubload backdoor. Hive0154 devises filenames referencing vari...

A severe cryptographic vulnerability in the popular open-source Meshtastic project allows attackers to decrypt private messages and hijack nodes across LoRa mesh networks. The vulnerability tracke...

Source: G Data Excerpt: “ConnectWise abuse 2024-2025 This isn’t the first time that ConnectWise has been used by threat actors. Back in February 2024, we saw a spike in ransomware activity tied t...

China-nexus actors are using a network of Operational Relay Boxes (ORBs) including compromised connected devices to target victims in the US and Asia with a cyber-espionage campaign, SecurityScorec...

Today (June 22, 2025) — the threat actors associated with the “Cyber Fattah” movement leaked thousands of records containing information about visitors and athletes from past Saudi Games, one of th...

Executive Summary CloudSEK’s recent investigation reveals that the Androxgh0st botnet has evolved significantly since its early activity in 2023, leveraging a wide range of Initial Access Vectors ...

Executive Summary APT36, also known as Transparent Tribe, is a Pakistan-based cyber espionage group that has been actively targeting Indian defense personnel through highly sophisticated phishing ...

NEW: CVE vendor-product description metric Referenceurl title GithubURL   CVE-2023-46350 n/a - n/a SQL in...

Key findings The Field Effect Analysis team has been investigating an incident involving a Canadian online gambling provider, where a threat actor employed social engineering tactics to take contro...

Executive Summary In March 2025, Unit 42 researchers identified a wave of Prometei attacks. Prometei refers to both the botnet and the malware family used to operate it. This malware family, whic...

On June 12, 2025, Aflac Incorporated, a Georgia corporation (the “Company”), identified unauthorized access to its network. The Company promptly initiated its cybersecurity incident response protoc...

In a previous blog, we analyzed domains associated with the recently-disrupted LummaC2 infostealing malware (although there are now reports that a new infostealer known as Acreed has come to take i...

Key Takeaways The PowerShell script (y1.ps1) executes shellcode directly in memory using reflective techniques. It connects to a second-stage C2 server hosted on Baidu Cloud Function Compute....

NEW: CVE vendor-product description metric Referenceurl title GithubURL   CVE-2024-1016 Solar - FTP Server ...

In cooperation with external partners, Google Threat Intelligence Group (GTIG) observed a Russian state-sponsored cyber threat actor impersonating the U.S. Department of State. From at least April ...

Earlier this month, a security researcher discovered a massive new data leak containing a total of over 4 billion records, which appears to contain data on Chinese users. Cybernews reported that th...