Our Threat Operations and Intelligence team compiles a daily digest of new cybersecurity threats from around the Internet for internal review. Every Friday we publish the top 10 which are culled from the 40+ relevant stories we review every week.
Weekly Top 10: 07.07.2025: 600,000 WordPress Sites Affected by Arbitrary File Deletion Vulnerability; FoxyWallet: 40+ Malicious Firefox Extensions Exposed; Filefix Part 2: Social Engineering via HTML Applications, and More.
600,000 WordPress Sites Affected by Arbitrary File Deletion Vulnerability; FoxyWallet: 40+ Malicious Firefox Extensions Exposed; Filefix Part 2:…
Weekly Top 10: 06.30.2025: Cybercrime Surging Across Africa; New Exploits Target CitrixBleed-2 Vulnerability; Microsoft 365 Abuse Enables Phishing from Trusted Sources, and More.
Cybercrime Surging Across Africa; New Exploits Target CitrixBleed-2 Vulnerability; Microsoft 365 Abuse Enables Phishing from Trusted Sources,…
Weekly Top 10: 06.23.2025: Initial Access Broker of Ransomware Group Ryuk Extradited to the U.S.; Cloudflare Blocked a Record 7.3 Tbps DDoS Attack; Record 16 Billion Credentials Leaked on Hacking Forum, and More.
Initial Access Broker of Ransomware Group Ryuk Extradited to the U.S.; Cloudflare Blocked a Record 7.3 Tbps DDoS Attack; Record 16 Billion…
Weekly Top 10: 06.16.2025: Fog Ransomware: Unusual Toolset Used in Recent Attack; EchoLeak: Critical Zero-Click AI Vulnerability in Microsoft 365 Copilot; Stealth Falcon’s Exploit of Microsoft Zero-Day Vulnerability, and More.
Fog Ransomware: Unusual Toolset Used in Recent Attack; EchoLeak: Critical Zero-Click AI Vulnerability in Microsoft 365 Copilot; Stealth Falcon's…
Weekly Top 10: 06.09.2025: PathWiper Malware Targets Ukrainian Infrastructure; Zero-Click iMessage Exploit Used Against EU and U.S. Officials; Fake AI Tools Used to Distribute Ransomware and More.
PathWiper Malware Targets Ukrainian Infrastructure; Zero-Click iMessage Exploit Used Against EU and U.S. Officials; Fake AI Tools Used to…
Weekly Top 10: 06.02.2025: Threat Actors Abuse Google Apps Script in Evasive Phishing Attacks; Cybercriminals Camouflaging Threats as AI Tool Installers; Mark Your Calendar: APT41 Innovative Tactics, and More.
Threat Actors Abuse Google Apps Script in Evasive Phishing Attacks; Cybercriminals Camouflaging Threats as AI Tool Installers; Mark Your…
Weekly Top 10: 05.26.2025: Botnets Disrupted Worldwide… Operation Endgame Is Back; Chinese Hackers Exploit Ivanti EPMM Bugs in Global Enterprise Network Attacks; M&S’ $400 Million Cyberattack Upheaval to Linger Into July; and More.
Botnets Disrupted Worldwide… Operation Endgame Is Back; Chinese Hackers Exploit Ivanti EPMM Bugs in Global Enterprise Network Attacks; M&S’…
Weekly Top 10: 05.19.2025: Two 0-Day Exploits in Ivanti Endpoint Management Used in the Wild; Windows 10 Updates Cause Bootlocker Encryption; AI Vishing Campaign Impersonates Government Officials; and More.
Two 0-Day Exploits in Ivanti Endpoint Management Used in the Wild; Windows 10 Updates Cause Bootlocker Encryption; AI Vishing Campaign…
Weekly Top 10: 05.12.2025: Critical Code Execution Flaw Patched in LangFlow; CISA Warns Threat Actors are Targeting Energy and Transportation Systems Sectors, Google Patches Zero-Click RCE Flaw on Android, and More.
Critical Code Execution Flaw Patched in LangFlow; CISA Warns Threat Actors are Targeting Energy and Transportation Systems Sectors, Google…
Weekly Top 10: 05.05.2025: Using Trusted Protocols Against You: Gmail as a C2 Mechanism, Shadow Roles: AWS Defaults Can Open the Door to Service Takeover, Gremlin Stealer: New Stealer on Sale in Underground Forum, and More.
Using Trusted Protocols Against You: Gmail as a C2 Mechanism, Shadow Roles: AWS Defaults Can Open the Door to Service Takeover, Gremlin Stealer:…
Weekly Top 10: 04.21.2025: ASUS AiCloud Authentication Bypass, CISA Warns of SonicWall SMA Being Actively Exploited, ‘Mustang Panda’ Employs Four New Attack Tools, and More.
ASUS AiCloud Authentication Bypass, CISA Warns of SonicWall SMA Being Actively Exploited, 'Mustang Panda' Employs Four New Attack Tools, and 7 More.
Weekly Top 10: 04.14.2025: Exploitation of CLFS Zero-Day Leads to Ransomware Activity, Unraveling the U.S. Toll Road Smishing Scams, Shuckworm Targets Foreign Military Mission Based in Ukraine, and More.
Exploitation of CLFS Zero-Day Leads to Ransomware Activity, Unraveling the U.S. Toll Road Smishing Scams, Shuckworm Targets Foreign Military…