SonicWall is investigating a potential new zero-day after a surge in Akira ransomware attacks targeting Gen 7 firewalls with SSLVPN enabled. The company is working to determine if the incidents ste...

Executive Summary SentinelLABS has uncovered a series of cryptocurrency scams in which threat actors distribute a malicious smart contract disguised as a trading bot in order to drain user wallets ...

Talos reported 5 vulnerabilities to Broadcom and Dell affecting both the ControlVault3 Firmware and its associated Windows APIs that they are calling “ReVault”. 100+ models of Dell laptops are aff...

Excerpt: This post explains a recent incident response engagement handled by NCC Group’s Digital Forensics and Incident Response (DFIR) team, involving a social engineering attack followed by the q...

AhnLab SEcurity intelligence Center (ASEC) recently identified cases of Makop ransomware attacks targeting South Korean users. The Makop ransomware has been distributed to South Korean users by dis...

Key Takeaways Threat actors are leveraging generative AI tools like DeepSite AI and BlackBox AI to produce phishing templates that closely mimic official government websites, like the Brazilian St...

In June 2025, during the 12-day conflict between Israel and Iran, a network of Iran-linked hackers launched a flurry of cyber-operations aligned with the war. As air strikes crossed borders, a vast...

Bumblebee malware has been an initial access tool used by threat actors since late 2021. In 2023 the malware was first reported as using SEO poisoning as a delivery mechanism. Recently in May of 20...

Key Insights Critical RCE Flaw in Popular AI-powered IDE. Check Point Research uncovered a persistent remote code execution vulnerability in Cursor, a fast-growing AI-powered coding platform trus...

The incident came to light on July 24, when Cisco learned that one of its representatives had been targeted in a vishing attack. The threat actor had managed to access and steal a “subset of basic ...

Key Takeaways Raspberry Robin is an advanced malware downloader that has been active since 2021. The developers have improved the malware’s obfuscation methods by adding multiple initialization lo...

Cybersecurity researchers have uncovered significant overlaps between the attack infrastructure of ShadowSyndicate, also known as Infra Storm by Group-IB, and several prominent ransomware-as-a-serv...

We are observing stealth crawling behavior from Perplexity, an AI-powered answer engine. Although Perplexity initially crawls from their declared user agent, when they are presented with a network ...

A newly discovered Linux malware, which has evaded detection for over a year, allows attackers to gain persistent SSH access and bypass authentication on compromised systems. Nextron Systems secur...

Mozilla is warning of an ongoing phishing campaign targeting developers of Firefox add-ons. The browser maker urged devs to “exercise extreme caution and scrutiny” when reviewing seemingly legitim...

The LegalPwn technique works by hiding malicious code within fake legal disclaimers. According to the research, twelve major AI models were tested, and most were found to be susceptible to this for...

Executive Summary SentinelLABS and Beazley Security discovered and analyzed a rapidly evolving series of infostealer campaigns delivering the Python-based PXA Stealer. This discovery showcases a ...

Fingerprinting Malicious Infrastructure The art of fingerprinting adversary infrastructure involves identifying the attributes of an IP address and using them to build up a profile specific to the...

Executive Summary CYFIRMA Threat Intelligence has observed an ongoing malicious campaign leveraging the domain telegrampremium[.]app, which fraudulently mimics the official Telegram Premium platfo...

NEW: CVE vendor-product description metric Referenceurl title GithubURL   CVE-2023-32256 undefined - undefinedR...