SIEM as a Service

Russian Hackers Leverage Weaponized Microsoft Key Management Service (KMS) Activators To Hack Windows Systems

Russian-backed hackers, specifically the Sandworm APT group (also known as APT44 or UAC-0145), have been using weaponized Microsoft Key Management Service (KMS) activators to infiltrate Windows systems in Ukraine. This campaign, which has been active...

New Malware Exploiting Outlook As a Communication Channel via The Microsoft Graph API

A new family of malware has been discovered that leverages Microsoft Outlook as a communication channel via the Microsoft Graph API. This sophisticated malware includes a custom loader and backdoor, known as PATHLOADER and FINALDRAFT,...

Hackers Using Pyramid Pentesting Tool For Stealthy C2 Communications

Hackers have been leveraging the open-source Pyramid pentesting tool to establish stealthy command-and-control (C2) communications. Pyramid, first released on GitHub in 2023, is a Python-based post-exploitation framework designed to evade endpoint detection and response (EDR)...

BadPilot Attacking Network Devices To Expand Russian Seashell Blizzard’s Attacks

Microsoft Threat Intelligence has exposed a subgroup within the Russian state actor Seashell Blizzard, known as the "BadPilot campaign." This subgroup has been conducting a multiyear operation to compromise Internet-facing infrastructure globally, expanding Seashell Blizzard's...

EARLYCROW – Detecting APT Malware Command and Control Over HTTPS

Advanced Persistent Threats (APTs) represent a significant challenge for cybersecurity, targeting critical organizations with stealth and precision. Traditional Network Intrusion Detection Systems (NIDS) often fail to detect these threats due to their sophisticated tactics. To address...

IllusionCAPTCHA – A Security Mechanism To Stop AI-Based CAPTCHA Breaking

In the ongoing battle between cybersecurity and AI, researchers have introduced IllusionCAPTCHA, a CAPTCHA system that leverages visual illusions to differentiate between human users and AI bots. This approach aims to...

Researchers Unveiled Tactics, Techniques, and Procedures Used by North Korean Hackers

Researchers have recently shed light on the sophisticated tactics, techniques, and procedures (TTPs) employed by North Korean hackers. This comprehensive analysis, spanning nearly three years, focuses on targeted digital threats against civil society organizations (CSOs)...

Quishing via QR Codes Emerging As a Top Attack Vector Used by Hackers

QR codes have become an integral part of our digital lives, offering quick access to websites, services, and even payment systems. However, their widespread use has also made them a prime target for scammers. A...

Ransomware Payments Dropped By 35% As Victims Refuse To Pay

In a significant shift in the ransomware landscape, payments to attackers have decreased by approximately 35% year-over-year. This decline is attributed to increased law enforcement actions, improved international collaboration, and a growing trend among victims...

SAML Authentication Bypass on GitHub Enterprise Server Lets Attackers Log In as Other Users

A significant vulnerability has been identified in GitHub Enterprise Server, allowing attackers to bypass SAML authentication and log in as other user accounts. The exploit leverages quirks in the libxml2 library, specifically related to XML...

Recent Posts

Production Line Camera Vulnerabilities Let Attackers Stop Recordings

Critical security vulnerabilities have been identified in industrial camera systems widely deployed across Japanese manufacturing facilities, allowing malicious actors to remotely access live footage...