Reading the ENISA Threat Landscape 2025 report

ENISA Threat Landscape 2025: Rising ransomware, AI phishing, and state-backed espionage mark a converging, persistent EU cyber threat landscape. ENISA Threat Landscape 2025 report provides a comprehensive analysis of... Read more »

Ghost in the Cloud: Weaponizing AWS X-Ray for Command & Control

Attackers can weaponize AWS X-Ray as a covert bidirectional C2 channel, abusing legitimate cloud tracing infrastructure for C2. Summary & Background: Before we get started, if you haven’t had... Read more »

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 65

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Smash and Grab: Aggressive Akira Campaign Targets SonicWall... Read more »

Security Affairs newsletter Round 544 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new... Read more »

GreyNoise detects 500% surge in scans targeting Palo Alto Networks portals

GreyNoise saw a 500% spike in scans on Palo Alto Networks login portals on Oct. 3, 2025, the highest in three months. Cybersecurity firm GreyNoise reported a 500% surge... Read more »

U.S. CISA adds Smartbedded Meteobridge, Samsung, Juniper ScreenOS, Jenkins, and GNU Bash flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Smartbedded Meteobridge, Samsung, Juniper ScreenOS, Jenkins, and GNU Bash flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure... Read more »

ShinyHunters Launches Data Leak Site: Trinity of Chaos Announces New Ransomware Victims

Trinity of Chaos, tied to Lapsus$, Scattered Spider & ShinyHunters, hit 39 firms via Salesforce flaws, launching a TOR data leak site. The Trinity of Chaos, a ransomware collective... Read more »

ProSpy, ToSpy malware pose as Signal and ToTok to steal data in UAE

Researchers uncovered two Android spyware campaigns, ProSpy and ToSpy, posing as Signal and ToTok in the UAE to steal data via fake sites. ESET cybersecurity researchers uncovered two spyware... Read more »

Google warns of Cl0p extortion campaign against Oracle E-Business users

Google observed Cl0p ransomware group sending extortion emails to executives, claiming theft of Oracle E-Business Suite data. Google Mandiant and Google Threat Intelligence Group (GTIG) researchers are tracking a... Read more »

CERT-UA warns UAC-0245 targets Ukraine with CABINETRAT backdoor

CERT-UA warns UAC-0245 targets Ukraine with CABINETRAT backdoor via malicious Excel XLL add-ins spotted in Sept 2025. The Computer Emergency Response Team of Ukraine (CERT-UA) warned of cyberattacks by... Read more »
Subscribe to our Newsletter