Akamai SIRT Identifies Zerobot Botnet Exploiting n8n and Tenda Vulnerabilities
Akamai SIRT identifies Mirai variant campaign actively targeting critical RCE flaws in automation platforms and routers
Evidence-led cyber threat intelligence for defenders. Incident reports, actor profiles and vulnerability analysis — written for the people who have to act on it.
Akamai SIRT identifies Mirai variant campaign actively targeting critical RCE flaws in automation platforms and routers
NDSS 2026 research shows practical injection and machine-in-the-middle paths across WPA2/WPA3, guest SSIDs, and enterprise multi-AP deployments
Censys has reported on Vshell (often stylised “VShell”) , a Go-based command-and-control (C2) platform used for post-compromise host management, pivoting, and proxying , and increasingly visible…
Designing upstream controls that cut off access brokers, endpoint breakout, and perimeter device exploitation before T1021 starts
Ransomware lateral movement techniques in 2026 are increasingly identity-led, cloud-aware, and executed through legitimate admin channels, forcing defenders to prioritise high-fidelity telemetry,…
Veracode’s 2026 State of Software Security finds remediation capacity falling behind development velocity, with third-party components driving the longest-lived high-risk exposure.
Scattered Lapsus$ Hunters (SLH, also styled SLSH in some reporting) is advertising for female callers to conduct vishing against IT helpdesks, offering $500 to $1,000 per call and providing…
Scattered Spider is a financially motivated eCrime collective best known for high-success social engineering against enterprise IT help desks, often enabling account takeover in SSO and hybrid…
Incorrect permission assignment exposes an internal anomaly-detection service, enabling remote root code execution on affected PTX routers.
Zscaler ThreatLabz reports a December 2025 campaign it tracks as Ruby Jumper , attributed with high confidence to APT37 (aka ScarCruft, Ruby Sleet, Velvet Chollima). The infection chain begins…
UK financial stability and customer outcomes are increasingly shaped by operational cyber risk: attacks (and disruptive technology failures) that impair critical services, amplify fraud losses,…
Short title: Deep dive on Explorer-native WebDAV abuse for malware delivery WebDAV, Windows File Explorer, WebClient, TryCloudflare, Cloudflare Tunnel, phishing, .URL, .LNK, search-ms,…