Archive
Every published report, newest first.
2026 (56)
- OpenClaw lures fuel ClickFix infostealer infections as agentic AI ecosystems become a new credential targetTactics & Techniques
- Microsoft incident responders publish a playbook for detecting prompt abuse in enterprise AI toolsIndustry News
- Stryker ‘Handala’ incident: global Microsoft environment disruption and reported remote device wipesIncident Reports
- Hudson Rock ties Polyfill.io supply-chain compromise to DPRK operator via Lumma Stealer telemetryIndustry News
- Storm-2561 pushes fake VPN installers via SEO poisoning to steal enterprise credentialsIncident Reports
- BadPaw and MeowMeow: steganographic .NET malware hits Ukrainian targetsIncident Reports
- UAT-9244 hits South American telcos with TernDoor, PeerTime and BruteEntryIncident Reports
- BadAudio and APT24: “good enough” OPSEC powering a multi-vector espionage chainIncident Reports
- Iran crisis cyber risk rises as defacements and disruptive activity reportedTrends & Analysis
- OpenClaw “ClawJacked” chain: malicious websites can hijack local AI agents via localhost WebSocketsIncident Reports
- DPRK FAMOUS CHOLLIMA OPSEC failure exposes npm publisher IPs through public disposable inboxesThreat Actors
- FAMOUS CHOLLIMA: DPRK employment fraud and developer-lure intrusion setThreat Actors
- Akamai SIRT Identifies Zerobot Botnet Exploiting n8n and Tenda VulnerabilitiesVulnerabilities & Exploits
- AirSnitch: Client isolation in Wi-Fi is not delivering the security most defenders expectTrends & Analysis
- Vshell (VShell): a Mandarin-language C2 framework surfacing alongside Cobalt Strike on exposed infrastructureIncident Reports
- Preventing the Access That Powers Ransomware Lateral Movement (Part 2/2)Tactics & Techniques
- Ransomware Lateral Movement in 2026: Detection Opportunities (Part 1/2)Tactics & Techniques
- Security debt surges as legacy vulnerabilities accumulateIndustry News
- Scattered Lapsus$ Hunters recruits women for paid helpdesk vishingIncident Reports
- Scattered Spider threat actor profileThreat Actors
- Critical Juniper PTX Junos OS Evolved flaw enables unauthenticated root takeover (CVE-2026-21902)Vulnerabilities & Exploits
- APT37 “Ruby Jumper” campaign bridges air-gapped networks using USB and a portable Ruby runtimeIncident Reports
- Cyber Threats to the UK Financial System: Banking, Capital Markets, Asset Management and Central Banking (Transatlantic & Geopolitical Drivers, 2024–2026 Incident Case Studies)Trends & Analysis
- WebDAV Delivery via Windows File Explorer: How .URL and .LNK Shortcuts Stage Malware Outside the BrowserTactics & Techniques
- Active exploitation of Cisco Catalyst SD-WAN via UAT-8616 (CVE-2026-20127)Vulnerabilities & Exploits
- DPRK fake interview lures and recruitment-driven access operations summaryIncident Reports
- Abyss Locker Ransomware - Updated ProfileThreat Actors
- SolarWinds Serv-U: Privileged RCE flaws patched in 15.5.4Vulnerabilities & Exploits
- SANDWORM_MODE: npm supply-chain worm poisons CI workflows and AI coding assistantsIncident Reports
- Chinese APT-linked exploitation of TeamT5 ThreatSonar (CVE-2024-7694)Vulnerabilities & Exploits
- Lazarus-linked activity using Medusa ransomwareIncident Reports
- BLACK BASTA - Threat Actor ProfileThreat Actors
- FICOBA breach exposes data linked to 1.2 million French bank accountsIncident Reports
- Threat Actor Profile: APT42 (MITRE G1044)Threat Actors
- Cyber Threats Facing UK Further and Higher EducationTrends & Analysis
- Peaklight malware: Stealthy memory-resident delivery chain abusing LNK, mshta, CDN and WebDAVThreat Actors
- Payload Ransomware: Early ProfileThreat Actors
- APT33 - Threat Actor ProfileThreat Actors
- BeyondTrust CVE-2026-1731: Pre-auth RCE escalates from rapid scanning to ransomware-linked intrusionsVulnerabilities & Exploits
- Ivanti EPMM Pre-Auth RCE (CVE-2026-1281) Under Active ExploitationVulnerabilities & Exploits
- EDR Killers in 2026: The most common ways attackers neutralize endpoint security — and how to stop themTactics & Techniques
- BYOVD in 2026: the signed-driver loophole powering EDR bypass at scaleTactics & Techniques
- APT29 (Cozy Bear / The Dukes / Midnight Blizzard) - Threat Actor ProfileThreat Actors
- APT28 (Fancy Bear / Sofacy / Sednit / Forest Blizzard) - Threat Actor ProfileThreat Actors
- APT31 (Violet Typhoon / ZIRCONIUM) - Threat Actor ProfileThreat Actors
- Threat Actor Profile: LAPSUS$ (a.k.a. Microsoft “DEV-0537” / “Strawberry Tempest”)Threat Actors
- Threat Actor Profile: Cl0p (CL0P) — Extortion-led Mass CompromiseThreat Actors
- UNC6201 Targets Dell RecoverPoint (CVE-2026-22769): Evolving Backdoors and Novel VMware Pivot TechniquesVulnerabilities & Exploits
- CVE-2026-20841 — Windows Notepad (Store app) Markdown Link Handling Leads to Command Injection / Code ExecutionVulnerabilities & Exploits
- Microsoft February 2026 Patch Tuesday — key takeawaysVulnerabilities & Exploits
- Salesforce “Connected Apps” Supply-Chain Campaign (UNC6040 / UNC6395) — ShinyHunters & Scattered Spider OverlapThreat Actors
- Notepad++ Update Channel Supply-Chain Compromise (June–December 2025): Targeted Traffic Redirection Delivering Chrysalis / Cobalt StrikeIncident Reports
- Microsoft January 2026 Patch Tuesday — key takeawaysVulnerabilities & Exploits
- SolarWinds Orion Supply-Chain Compromise (SUNBURST / “Solorigate”)Incident Reports
- Oracle E-Business Suite (EBS) Targeted in Coordinated Intrusion CampaignIncident Reports
- IDE Supply Chain Blind Spot: High-Impact Flaws in Popular VS Code Extensions Enable Local File Theft and Remote Code ExecutionVulnerabilities & Exploits
2025 (28)
- Cl0p Exploits Oracle E-Business Suite Zero-Day (CVE-2025-61882): What Defenders Need to KnowVulnerabilities & Exploits
- Microsoft-Observed Zero-Day Exploitation of Paragon BioNTdrv.sys (Partition/Hard Disk Manager) Driver Vulnerabilities for SYSTEM Privilege EscalationVulnerabilities & Exploits
- Jaguar Land Rover (JLR) Cyber IncidentIncident Reports
- Coordinated Cyber-Attack on London Borough Councils (RBKC, Westminster, H&F) — Incident BriefIncident Reports
- Asahi Cyberattack and Data Breach: Ransomware-Driven Disruption and Nearly Two Million Records at RiskIncident Reports
- Cisco Critical Zero-Day Vulnerabilities (Sept 2025): SNMP Exploitation and Perimeter Firewall Zero-DaysVulnerabilities & Exploits
- Microsoft Patch Tuesday — November 2025Vulnerabilities & Exploits
- Fortinet FortiWeb Under Active Exploitation: CVE-2025-64446 and CVE-2025-58034Vulnerabilities & Exploits
- Nominet Confirms Network Intrusion Linked to Ivanti Connect Secure Zero-Day (CVE-2025-0282)Incident Reports
- Scattered Spider Attacks on Airlines (Qantas, WestJet, Hawaiian Airlines)Incident Reports
- U.S. Telecom “Lawful Intercept” Systems Targeted in China-Linked Intrusions (Salt Typhoon)Incident Reports
- Chinese Surveillance-Grade Data Exposure (631GB / ~4B records) — Threat Intelligence BriefIncident Reports
- Microsoft SharePoint Zero-Day Exploitation — CVE-2025-53770 (“ToolShell”)Vulnerabilities & Exploits
- Akira Ransomware Targeting SonicWall Gen 7 SSLVPN: CVE-2024-40766, Credential Reuse, and Post-Migration ExposureThreat Actors
- Microsoft August 2025 Patch TuesdayVulnerabilities & Exploits
- Coinbase Insider-Enabled Data Exposure and Extortion AttemptIncident Reports
- Co-op UK Member Data Theft (6.5m Records) — Third-Party & Retail-Sector IntrusionIncident Reports
- Free (France) Cyber Attack: Customer Data Breach Impacts MillionsIncident Reports
- Microsoft May 2025 Patch Tuesday — 72 CVEs, Five Exploited Zero-Days, and Critical RCE ExposureVulnerabilities & Exploits
- Critical SAP NetWeaver Visual Composer Vulnerability (CVE-2025-31324) — Unauthenticated File Upload to RCEVulnerabilities & Exploits
- CrushFTP Actively Exploited Critical Authentication Bypass (CVE-2025-31161; former CVE-2025-2825)Vulnerabilities & Exploits
- Microsoft April 2025 Patch Tuesday: Actively Exploited CLFS Zero-Day (CVE-2025-29824) and 11 Critical RCE Flaws Across 121 CVEsVulnerabilities & Exploits
- Lazarus Group’s $1.5 Billion Bybit Cryptocurrency Theft (TraderTraitor)Incident Reports
- GitHub Actions supply chain attack: tj-actions/changed-files and reviewdog/action-setupIncident Reports
- Qilin Ransomware Attack on Lee Enterprises: Operational Disruption at a Major US Newspaper PublisherIncident Reports
- Microsoft February 2025 Patch Tuesday: 55 CVEs Fixed, 4 Zero-Days (2 Exploited In-The-Wild)Vulnerabilities & Exploits
- Finastra Secure File Transfer PlatformVulnerabilities & Exploits
- Nation-State Cyberattacks Escalate: Indian Government Systems and Romanian Elections Under Coordinated Digital SiegeIncident Reports
2024 (61)
- Microsoft December Patch Tuesday: 71 Vulnerabilities Patched, Including Actively Exploited CLFS Zero-Day (CVE-2024-49138)Vulnerabilities & Exploits
- Change Healthcare Ransomware Attack (UnitedHealth / Optum): ALPHV/BlackCat Disruption and Mass PHI ExposureIncident Reports
- SRP Federal Credit Union Data Breach: Nitrogen Ransomware Claims Compromise of 240,742 Member RecordsIncident Reports
- CVE-2024-38094: Microsoft SharePoint Deserialisation RCE — Active Exploitation, Detection Tips, and MitigationVulnerabilities & Exploits
- Internet Archive Under Fire: 31 Million-Account Breach and Zendesk Token Exposure Amid Sustained DDoS DisruptionIncident Reports
- Lazarus (BlueNoroff) Abuses Chrome V8 Zero-Day (CVE-2024-4947) via Fake DeFi “DeTankZone” Game to Deliver ManuscryptVulnerabilities & Exploits
- GeoVision EOL Devices Under Active Exploitation: CVE-2024-11120 Pre-Auth OS Command Injection Enables Remote Command Execution (CVSS 9.8)Vulnerabilities & Exploits
- CVE-2024-47575 (“FortiJump”): FortiManager Missing Authentication RCE Added to KEV After In-the-Wild ExploitationVulnerabilities & Exploits
- Cisco Investigates Data Breach: Sensitive Information Reportedly For Sale on Hacking ForumIncident Reports
- Nation-State Adversaries Exploit Ivanti CSA Zero-Days: A Deep Dive into Targeted Attacks and Vulnerability HistoryVulnerabilities & Exploits
- Ivanti CSA Hit with Three New Zero-Day Vulnerabilities in Active ExploitationVulnerabilities & Exploits
- File Hosting Services Misused for Identity Phishing: Microsoft’s AnalysisTactics & Techniques
- Microsoft’s October 2024 Patch Tuesday: Five Zero-Day Vulnerabilities Fixed, Including Actively Exploited FlawsVulnerabilities & Exploits
- Alleged Credit Suisse Data Breach: Employee Data CompromisedIncident Reports
- Evil Corp and LockBit Connection Exposed: NCA Unmasks Cybercrime KingpinThreat Actors
- Leveraging Windows Event Logs to Identify Human-Operated Ransomware: Insights from JPCERT/CCThreat Actors
- LummaC2: Obfuscation Through Indirect Control FlowTactics & Techniques
- CTI Trends - September 2024Trends & Analysis
- Critical CUPS Vulnerabilities: Remote Code Execution Risk for UNIX-Based SystemsVulnerabilities & Exploits
- Upcoming Conference - Hack.lu 2024Industry News
- RansomHub Ransomware Surge: A Growing Threat to Critical InfrastructureThreat Actors
- CrowdStrike Outage of July 2024: A Detailed Breakdown and AnalysisIndustry News
- FlightAware Data Breach: Years of User Data Exposed Due to Configuration ErrorIncident Reports
- Nokia Employee Data Breach: 7,622 Records Exposed in July 2024Incident Reports
- RockYou2024: Historic Password Leak Exposes 10 Billion PasswordsTactics & Techniques
- Twilio Authy API Breach: A Vulnerability That Exposed Millions to Potential Phishing AttacksIncident Reports
- HealthEquity Data Breach Exposes Protected Health Information of 4.3 Million IndividualsIncident Reports
- LockBit Ransomware Claims Attack on the U.S. Federal Reserve: June 2024 IncidentIncident Reports
- Roblox Vendor Data Breach: Attendee Information Compromised in July 2024Incident Reports
- Microsoft SharePoint Server Remote Code Execution (RCE) Vulnerability: June 2024 CVE-2024-33210 Patch AnalysisVulnerabilities & Exploits
- Windows Print Spooler Remote Code Execution (RCE) Vulnerability: Exploits and Critical PatchesVulnerabilities & Exploits
- Black Basta Ransomware Hits Keytronic: Major Disruption to Manufacturing OperationsIncident Reports
- Windows Hyper-V Denial of Service (DoS) Vulnerability: A Critical June 2024 Patch CVE-2024-31156Vulnerabilities & Exploits
- Microsoft Outlook Elevation of Privilege Vulnerability: A Critical June 2024 PatchVulnerabilities & Exploits
- Qilin Ransomware Disrupts London Hospitals: June 2024 Attack OverviewIncident Reports
- Microsoft June 2024 Patch Tuesday: A Breakdown of Critical VulnerabilitiesVulnerabilities & Exploits
- TellYouThePass Ransomware Exploits PHP Vulnerability in June 2024Vulnerabilities & Exploits
- Dev Popper Campaign (May 2024): Hackers Exploit Fake Job Interviews to Distribute Python-based RAT Targeting DevelopersThreat Actors
- Pro-Russian Hacktivist Attacks on Water Infrastructure (May 2024): OT Systems Targeted in U.S. and European Water FacilitiesIncident Reports
- Cencora (Healthcare Sector) Cyberattack: May 2024 Data BreachIncident Reports
- Okta Credential Stuffing Attacks Surge in May 2024: Okta Advises Enhanced Security with ThreatInsightIndustry News
- Microsoft Patch Tuesday (May 2024): Breakdown of 60 Vulnerabilities, Including Active Zero-Day ExploitsVulnerabilities & Exploits
- Rhysida Ransomware Attack on Singing River Health System: Data of 895,000 Individuals ExfiltratedIncident Reports
- RansomHub Ransomware Attack on Christie’s Auction House: Live Auctions Delayed and Website Taken OfflineIncident Reports
- BlackBasta Ransomware Attack on Ascension Health: Clinical Operations DisruptedIncident Reports
- LockBit Ransomware Disrupts Wichita Government: Shutdown of Systems and Critical ServicesIncident Reports
- DragonForce Ransomware Attack on Ohio Lottery: 500,000 Personal Records CompromisedIncident Reports
- LockBit Ransomware Attack on Simone Veil Hospital: Data Leaked After Failed Extortion AttemptIncident Reports
- Exploitation of CVE-2022-38028 by Forest BlizzardTactics & Techniques
- Cyber Threats to the 2024 Elections: The Role of Russia and IranThreat Actors
- IBM's Acquisition of HashiCorpIndustry News
- Autodesk Drive Phishing CampaignThreat Actors
- Dumfries and Galloway Ransomware BreachIncident Reports
- Threat Actor Profile: INC RansomwareThreat Actors
- MITRE Corporation Security Breach: A Deep Dive into the ImplicationsIncident Reports
- CVE-2024-4058: Google Chrome VulnerabilityVulnerabilities & Exploits
- Report: Line Dancer MalwareVulnerabilities & Exploits
- In-Depth Analysis of Paris Olympics 2024 Security ThreatsTrends & Analysis
- CVE-2023-20269 Exploitation in Cisco ASA DevicesVulnerabilities & Exploits
- UnitedHealth Group and Change Healthcare Cybersecurity Breach: A Detailed OverviewIncident Reports
- CVE-2024-3400 – Exploitation of Palo Alto Networks' PAN-OSVulnerabilities & Exploits
2023 (109)
- Akamai - New RCE Botnet Spreads Mirai via two Zero-Day VulnerabilitiesVulnerabilities & Exploits
- Sabre Insurance Cyber AttackIncident Reports
- Threat Actor Profile: Hunters International Ransomware GroupThreat Actors
- Critical Bypass in Windows Defender SmartScreen - CVE-2023-36025Vulnerabilities & Exploits
- Phobos Ransomware Variant Targeting VX-UndergroundIncident Reports
- Threat Actor Profile: Scattered SpiderThreat Actors
- Incident Summary : MGM Resorts Ransomware AttackIncident Reports
- Understanding TIBER-EU: A Comprehensive Guide to Europe's Cybersecurity FrameworkTactics & Techniques
- JA4+ Plugin for WiresharkTools & Resources
- UCH Logistics Ransomware Attack by Black BastaIncident Reports
- Evading SIEM Rules – Academic PaperTactics & Techniques
- LummaC2 Malware's Advanced Anti-Sandbox TechniquesTactics & Techniques
- NetSupport as a RAT – The Resurgence of a Covert ThreatTactics & Techniques
- Uncovering SSH Vulnerability: Extracting RSA Keys from Server Signing ErrorsVulnerabilities & Exploits
- Russian APT29 Exploits WinRAR and Ngrok in Embassy CyberattacksVulnerabilities & Exploits
- Morgan Stanley's Data Breach: A Case Study in Cybersecurity NegligenceIndustry News
- Threat Actor Profile: LockbitThreat Actors
- LockBit Reforms Negotiation TacticsTactics & Techniques
- Rhysida Cyber-attack on the British MuseumIncident Reports
- Boeing's Cybersecurity Breach by LOCKBIT RansomwareIncident Reports
- Threat Intelligence Report on Recent Citrix VulnerabilitiesVulnerabilities & Exploits
- ICBC hit by ransomware attackIncident Reports
- APT35 Expands Its Horizon - Password Spray Attacks Across Global SectorsIncident Reports
- BellaCiao Malware - APT35's New Chapter in Cyber EspionageIncident Reports
- Discord.io Data Breach Exposes Information of 760,000 MembersIndustry News
- Beyond the Headlines: Elevating Threat Intelligence Sharing to Fight Cyber ThreatsTrends & Analysis
- Unveiling the GRU's Cyber Playbook - MandiantThreat Actors
- US Navy Personnel Arrested for Espionage Activities Linked to ChinaIncident Reports
- PhishForce - Salesforce Zero-Day ExploitationIncident Reports
- Unauthorised Access to Cross-Tenant Applications in Microsoft Power PlatformVulnerabilities & Exploits
- Critical Vulnerability CVE-2023-39143 in PaperCut Poses RCE Threat to Unpatched ServersVulnerabilities & Exploits
- Deceptive Python Package 'VMConnect' Targets VMware vSphere UsersIncident Reports
- Mid-2023 Cyber Threat Briefing for UK SME SectorIndustry News
- Threat Actor Profile: Volt TyphoonThreat Actors
- The Rising Threat of Abyss Locker Ransomware to VMware's ESXi ServersThreat Actors
- The Hidden Dangers of Android's Patch Delays: N-Days Masquerading as Zero-DaysTrends & Analysis
- Satellite Security: A Looming Threat to Operators and OrganisationsIndustry News
- CVE-2023-21716: A Critical Heap Corruption Vulnerability in Microsoft WordVulnerabilities & Exploits
- The Cascading Effect of Vulnerability DiscoveryTrends & Analysis
- Ivanti Patches another Zero-Day Exploited in Norwegian Government Attacks - Active Exploitation ObservedVulnerabilities & Exploits
- Arctic Wolf Unveiling the Intricate Connection Between Conti and Akira Ransomware GroupsThreat Actors
- SANS Digital Forensics Summit 2023Industry News
- Unmasking Storm-0978: A Cyber Espionage CampaignThreat Actors
- CVE-2023-37580 Zimbra Collaboration (ZCS) Cross-Site Scripting (XSS) VulnerabilityThreat Actors
- High Severity RCE Vulnerability in Atlassian's Confluence Data Center & ServerVulnerabilities & Exploits
- Cyber Threat Intelligence and Cybersecurity Industry Trends in Q2 2023Industry News
- Threat actor profile: APT37 (ScarCruft / Reaper)Threat Actors
- Threat Actor Profile: APT36Threat Actors
- Threat Actor Profile: APT35Threat Actors
- The Emergence of FraudGPTTrends & Analysis
- MikroTik RouterOS Vulnerability: CVE-2023-30799Incident Reports
- The Future of APT Analysis: Navigating the Evolving Threat LandscapeThreat Actors
- Threat Actor Profile: APT34Threat Actors
- Examining the Johnson-Lebedev Connection & ImplicationsThreat Actors
- Outlook Email Authentication Bypass: Display Name ObfuscationTactics & Techniques
- Active Exploitation of Zero-Day Vulnerability (CVE-2023-38606) Affecting All Apple ProductsThreat Actors
- OSS Supply Chain Attacks Targeting the Banking Sector: A Detailed AnalysisIncident Reports
- Unmasking the Geopolitical Underpinnings of Ransomware Attacks: A ReviewThreat Actors
- Unveiling TETRA:BURST - A Deep Dive into the Critical Vulnerabilities of Global Emergency Communication SystemsVulnerabilities & Exploits
- Unraveling Phishing SMS Campaigns: A Collaborative Success StoryIndustry News
- Ivanti Endpoint Manager Mobile (EPMM) CVE-2023-35078Incident Reports
- Threat Actor Profile: APT32Threat Actors
- Zero-day vulnerability exploited in cyberattack on Norwegian government's IT systemsIndustry News
- Zenbleed - CVE-2023-20593: A use-after-free in AMD Zen2 Processors announcedVulnerabilities & Exploits
- Bellingcat Story - Creating Impact: A Year On Stop Child Abuse — Trace An ObjectThreat Actors
- Cyber Threat Intelligence Report: UK Further and Higher Education SectorsTrends & Analysis
- Nokia 2023 Threat Intelligence ReportIncident Reports
- Risks Associated with Managed File Transfer (MFT) SolutionsVulnerabilities & Exploits
- Investigating SMS phishing text messages from scratch - A great share from @BushidoTokenIncident Reports
- Analysis of Evasive Panda APT Group's Recent ActivitiesThreat Actors
- TIR : Weekly Threat Intelligence News DigestIndustry News
- Understanding and Mitigating Insider Threats: A Comprehensive ApproachIncident Reports
- Threat Actor Profile: APT30Threat Actors
- Insecure Direct Object References (IDOR): A Deep Dive into the #1 Vulnerability Found by Penetration Testers in 2023Tactics & Techniques
- Top 10 Vulnerabilities and Misconfigurations Found by Pen Testers in 2023Threat Actors
- Unchecked Privileges: The Risks of Third-Party Windows InstallersIndustry News
- SmokeLoader Malware: A Deep Dive into UAC-0006's Polyglot AttackIncident Reports
- CERT-UA Unveils Escalation in Cyberattacks: An In-Depth AnalysisIncident Reports
- MITRE Engenuity Introduces Threat Report ATT&CK Mapper (TRAM)Tactics & Techniques
- APT41 Hackers Unleash WyrmSpy and DragonEgg Spyware on Android UsersThreat Actors
- GitHub warns of Lazarus hackers targeting devs with malicious projectsIncident Reports
- MOVEit body count closes in on 400 orgs, 20M+ individualsThreat Actors
- P2PInfect Worm Malware Targets Linux and Windows Redis ServersIndustry News
- OpenSSH Security Update: Mitigating CVE-2023-38408Vulnerabilities & Exploits
- University Students Targeted by Bioscience Job ScamsThreat Actors
- SophosEncrypt Ransomware Masquerades as Cybersecurity VendorIncident Reports
- Critical Vulnerability CVE-2023-3519 in Citrix ADC and GatewayVulnerabilities & Exploits
- Oracle July 2023 Critical Patch Update: OverviewVulnerabilities & Exploits
- Supply Chain Attack Targeting Pakistani Government Delivers ShadowPad - Trend MicroIncident Reports
- Threat Actor Profile: Anonymous SudanThreat Actors
- Unmasking Shadows: How a Cybercriminal Accidentally Revealed His IdentityThreat Actors
- Tools - Cyberchef v10 releasedTools & Resources
- FIN8 (Syssphinx): Ransomware Enablement and FortiClient EMS ExploitationThreat Actors
- Exploring TA453's Foray into LNKs and Mac Malware - Proofpoint ReportThreat Actors
- Inside Job: IT Security Analyst Convicted for Exploiting Ransomware Attack on Oxford BiomedicaIncident Reports
- Unmasking AVrecon: The Stealthy Malware Infiltrating Global Routers - Lumen ReportIndustry News
- Overcoming the Top Ten Challenges in Open Source Intelligence (OSINT): A Comprehensive IntroductionTrends & Analysis
- JumpCloud Security BreachIncident Reports
- TeamTNT's Cloud Credential Stealing CampaignIncident Reports
- In-Depth Analysis of Storm-0558 Techniques for Unauthorized Email AccessIncident Reports
- Act now! In-the-wild Zimbra vulnerability needs a workaroundVulnerabilities & Exploits
- Hackers exploiting critical WordPress WooCommerce Payments bugIncident Reports
- Active Exploitation of Multiple Adobe ColdFusion VulnerabilitiesVulnerabilities & Exploits
- A technical analysis of the Quasar-forked RAT called VoidRATTactics & Techniques
- Black Basta OverviewThreat Actors
- ISC China Report SummaryTrends & Analysis
- SmokeLoader malwareThreat Actors
- ISC Russia Report SummaryTrends & Analysis
- 2022 Global Threat Intelligence Report by NTT SecurityTrends & Analysis
2022 (8)
- Brenntag Ransomware AttackIncident Reports
- Quanta Ransomware AttackIncident Reports
- CNA Financial Ransomware AttackIncident Reports
- Australia Channel 9 News Ransomware AttackIncident Reports
- Florida Water Supply HackIncident Reports
- Accellion Supply Chain AttackIncident Reports
- Microsoft Exchange VulnerabilitiesIncident Reports
- Colonial Pipeline Ransomware Attack of 2021: Disrupting Critical InfrastructureIncident Reports
2021 (10)
- Twitter Bitcoin Scam Hack of 2020: Targeting High-Profile AccountsIncident Reports
- Magecart Attacks: Web Skimming Threatens E-commerce SecurityThreat Actors
- WhatsApp Security Vulnerability Exploited by NSO Group in 2019: Targeting Journalists and ActivistsIncident Reports
- Capital One Data Breach of 2019: Exploiting Misconfigured Cloud InfrastructureIncident Reports
- MyFitnessPal Data Breach of 2018: Exposing User CredentialsIncident Reports
- Facebook-Cambridge Analytica Data Scandal of 2018: Privacy Breach and User ManipulationIncident Reports
- Marriott International Data Breach of 2018: Exposing Millions of Guest RecordsIncident Reports
- Uber Data Breach of 2017: Lessons in Transparency and AccountabilityIncident Reports
- The WannaCry Ransomware Attack of 2017: A Global Cybersecurity CrisisIncident Reports
- The Equifax Data Breach of 2017: An Unprecedented Cybersecurity IncidentIncident Reports
2020 (13)
- Bangladesh Bank SWIFT Heist (February 2016): SWIFT Alliance Access Message Manipulation and Local Record TamperingIncident Reports
- VTech Data Breach of 2015Incident Reports
- TalkTalk Data Breach of 2015: An AnalysisIncident Reports
- Ashley Madison Breach of 2015Incident Reports
- 2015 OPM Data Breach: Lessons in CybersecurityIncident Reports
- The Anthem Data Breach of 2015: Navigating the Cybersecurity LandscapeIncident Reports
- 2014 Sony Pictures Entertainment BreachIncident Reports
- The Zeus BotnetThreat Actors
- Operation Aurora : A Deep Dive into the 2010 State-Sponsored Cyber AttackIncident Reports
- Unveiling Stuxnet: The pioneering cyber-physical sabotage of Siemens Step7Incident Reports
- The 2014 eBay Data Breach: An In-depth LookIncident Reports
- 2014 JP Morgan Chase breachIncident Reports
- The 2013-2014 Target Data BreachIncident Reports