ENISA Threat Landscape 2025: Rising ransomware, AI phishing, and state-backed espionage mark a converging, persistent EU cyber threat landscape. ENISA Threat Landscape 2025 report provides a comprehensive analysis of... Read more »

Attackers can weaponize AWS X-Ray as a covert bidirectional C2 channel, abusing legitimate cloud tracing infrastructure for C2. Summary & Background: Before we get started, if you haven’t had... Read more »

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Smash and Grab: Aggressive Akira Campaign Targets SonicWall... Read more »

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new... Read more »

GreyNoise saw a 500% spike in scans on Palo Alto Networks login portals on Oct. 3, 2025, the highest in three months. Cybersecurity firm GreyNoise reported a 500% surge... Read more »

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Smartbedded Meteobridge, Samsung, Juniper ScreenOS, Jenkins, and GNU Bash flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure... Read more »

Trinity of Chaos, tied to Lapsus$, Scattered Spider & ShinyHunters, hit 39 firms via Salesforce flaws, launching a TOR data leak site. The Trinity of Chaos, a ransomware collective... Read more »

Google observed Cl0p ransomware group sending extortion emails to executives, claiming theft of Oracle E-Business Suite data. Google Mandiant and Google Threat Intelligence Group (GTIG) researchers are tracking a... Read more »