SIEM as a Service

Threat Actors Attacking Job Seekers With Three New Unique Adversaries

A significant surge in sophisticated recruitment scams has emerged, with cybercriminals exploiting economic vulnerabilities and the competitive job market to target desperate job seekers. These scams employ increasingly refined social engineering tactics that blend legitimate...

Chinese Hackers Exploit SAP RCE Vulnerability to Upload Supershell Backdoors

A critical remote code execution vulnerability in SAP NetWeaver Visual Composer (CVE-2025-31324) is being actively exploited by a Chinese threat actor to compromise enterprise systems worldwide. The vulnerability allows attackers to achieve remote code execution...

Hackers Attacking IT Admins by Poisoning SEO to Move Malware on Top of Search...

Cybersecurity experts have uncovered a sophisticated attack campaign targeting IT administrators through search engine optimization (SEO) poisoning tactics. Threat actors are leveraging advanced SEO techniques to push malicious versions of commonly used administrative tools to...

Malicious Python Package Mimic as Attacking Discord Developers With Malicious Remote Commands

A seemingly innocent Python package has been unmasked as a sophisticated remote access trojan (RAT) targeting the Discord developer community. On March 21, 2022, a package named 'discordpydebug' appeared on the Python Package Index (PyPI)...

New Supply Chain Attack Targets Legitimate npm Package with 45,000 Weekly Downloads

A sophisticated supply chain attack targeting the popular npm package 'rand-user-agent' was discovered on May 5, 2025. The compromise affects a legitimate JavaScript library used to generate randomized user-agent strings for web scraping operations, inserting...

Scattered Spider Malware Targeting Klaviyo, HubSpot, and Pure Storage Services

Cybersecurity experts have identified an escalating campaign by the notorious hacker collective Scattered Spider, which continues to evolve its sophisticated attack methods in 2025. The group, active since at least 2022, has shifted focus to...

Threat Actors Using Multimedia Systems Via Stealthy Vishing Attack

Cybercriminals have developed sophisticated vishing techniques that leverage multimedia file formats to bypass security systems and target unsuspecting victims. These new attack vectors, observed in early 2025, represent an evolution in social engineering tactics where...

Hackers Weaponizing PDF Invoices to Attack Windows, Linux & macOS Systems

A sophisticated multilayered email attack campaign has emerged, utilizing weaponized PDF invoices as the initial vector to deliver remote access trojan (RAT) malware across multiple platforms. The attack primarily targets Windows systems but can also...

FreeDrain Phishing Attack Users to Steal Users Financial Login Credentials

A sprawling phishing operation dubbed "FreeDrain" has emerged as an industrial-scale cryptocurrency theft network that systematically targets and drains digital wallets. This sophisticated campaign leverages search engine manipulation and free-tier web hosting services to create...

Indirect Prompt Injection Leverage LLMs as They Lack Informational Context

Cybersecurity researchers have identified a growing threat vector targeting artificial intelligence systems through a technique known as indirect prompt injection. Unlike traditional attacks that directly manipulate an LLM's user interface, these sophisticated attacks embed malicious...
SIEM as a Service

Recent Posts