Our Threat Operations and Intelligence team compiles a daily digest of new cybersecurity threats from around the Internet for internal review. Every Friday we publish the top 10 which are culled from the 40+ relevant stories we review every week.
Weekly Top 10: 05.05.2025: Using Trusted Protocols Against You: Gmail as a C2 Mechanism, Shadow Roles: AWS Defaults Can Open the Door to Service Takeover, Gremlin Stealer: New Stealer on Sale in Underground Forum, and More.
Using Trusted Protocols Against You: Gmail as a C2 Mechanism, Shadow Roles: AWS Defaults Can Open the Door to Service Takeover, Gremlin Stealer:…
Weekly Top 10: 04.21.2025: ASUS AiCloud Authentication Bypass, CISA Warns of SonicWall SMA Being Actively Exploited, ‘Mustang Panda’ Employs Four New Attack Tools, and More.
ASUS AiCloud Authentication Bypass, CISA Warns of SonicWall SMA Being Actively Exploited, 'Mustang Panda' Employs Four New Attack Tools, and 7 More.
Weekly Top 10: 04.14.2025: Exploitation of CLFS Zero-Day Leads to Ransomware Activity, Unraveling the U.S. Toll Road Smishing Scams, Shuckworm Targets Foreign Military Mission Based in Ukraine, and More.
Exploitation of CLFS Zero-Day Leads to Ransomware Activity, Unraveling the U.S. Toll Road Smishing Scams, Shuckworm Targets Foreign Military…
Weekly Top 10: 04.07.2025: Oracle QR Codes on the Rise in Phishing Attempts, Partially Confirms Data Breach, Hackers Skim Credit Cards Online Using the Stripe API, and More.
Oracle QR Codes on the Rise in Phishing Attempts, Partially Confirms Data Breach, Hackers Skim Credit Cards Online Using the Stripe API, and 7 More.
Weekly Top 10: 03.31.2025: QWCrypt Ransomware Targets Hyper-V, Weaver Ant In Zyxel Routers, Kubernetes IngressNightmare, and More.
QWCrypt ransomware specifically designed to encrypt data on Hyper-V virtual machines, Weaver Ant threat group infiltrated an Asian…
Weekly Top 10: 03.24.2025: Semrush Impersonation Scam Hits Google Ads; Detecting and Mitigating Apache Tomcat, VSCode Extensions Found Downloading Early-Stage Ransomware, and More.
Weekly Top 10: 03.24.2025: Semrush Impersonation Scam Hits Google Ads; Detecting and Mitigating Apache Tomcat, VSCode Extensions Found…
Weekly Top 10: 03.17.2025: Meta Warns of Vulnerability in FreeType; ObscureBat Loader Cisco Vulnerability Leads to DoS of BGP Routers, and More.
Weekly Top 10: 03.17.2025: Meta Warns of Vulnerability in FreeType; ObscureBat Loader Cisco Vulnerability Leads to DoS of BGP Routers, and 7 More
Weekly Top 10: 03.10.2025: Microsoft Took Down GitHub Repositories Used in Massive Malvertising Campaign; CISA Warns About Actively Exploited Vulnerabilities Exploited in-the-wild; EncryptHub OPSEC Failures Expose Their Infrastructure, and More.
Weekly Top 10: 03.10.2025: Microsoft Took Down GitHub Repositories Used in Massive Malvertising Campaign; CISA Warns About Actively Exploited…
Weekly Top 10: 03.03.2025: FBI Confirms Lazarus Hackers Were Behind $1.5B Bybit Crypto Heist; Dropping a 0 day: Parallels Desktop Repack Root Privilege Escalation; Android Trojan TgToxic Updates Its Capabilities, and More.
Weekly Top 10: 03.03.2025: FBI Confirms Lazarus Hackers Were Behind $1.5B Bybit Crypto Heist; Dropping a 0 day: Parallels Desktop Repack Root…
Weekly Top 10: 02.24.2025: Record Cryptocurrency Heist Totals Over 1.6 Billion; New Strain of Android Malware Accrues Over 100K Downloads; New MacOS Malware Strain Spread via Fake Browser Updates, and More.
Weekly Top 10: 2.24.2025: Record Cryptocurrency Heist Totals Over 1.6 Billion; New Strain of Android Malware Accrues Over 100K Downloads; New…
Weekly Top 10: 02.17.2025: DragonRank Seen Exploiting IIS Servers Across Asia; PostgreSQL Vulnerabilities Used to Breach BeyondTrust; Sarcoma Ransomware Operation Breached Unimicron, and More.
Weekly Top 10: 02.17.2025: DragonRank Seen Exploiting IIS Servers Across Asia; PostgreSQL Vulnerabilities Used to Breach BeyondTrust; Sarcoma…
Weekly Top 10: 02.10.2025: PyPI Now Supports Project Archival; Critical RCE Bug in Microsoft Outlook; Stealers on the Rise: A Closer Look at a Growing macOS Threat, and More.
Weekly Top 10: 02.10.2025: PyPI Now Supports Project Archival; Critical Rce Bug in Microsoft Outlook Now Exploited in Attacks; Stealers on the…