#threat-intelligence
#threat-intelligence

Privacy professionals

Chinese hackers are exploiting SharePoint vulnerabilities, Microsoft says

Privacy professionals

Threat intel firms on alert for government systems impacted by Microsoft SharePoint vulnerability

2 weeks ago

Information security

UNC6148 Backdoors Fully-Patched SonicWall SMA 100 Series Devices with OVERSTEP Rootkit

3 weeks ago

Information security

CISA Adds Four Critical Vulnerabilities to KEV Catalog Due to Active Exploitation

Roam Research

Typhoon-like gang slinging TLS certificate 'signed' by LAPD

China-backed attackers have launched an ongoing campaign infecting over 1,000 devices in primarily the US and Southeast.

The campaign utilizes Operational Relay Boxes (ORB) for covert cyberattacks, complicating detection and attribution.

Growth hacking

New Malware Campaign Uses Cloudflare Tunnels to Deliver RATs via Phishing Chains

A new cyber campaign is exploiting Cloudflare Tunnel for delivering malicious payloads via phishing emails.

The techniques involve complex multi-step processes and disguised files to execute attacks.

Privacy professionals

Chinese hackers are exploiting SharePoint vulnerabilities, Microsoft says

Privacy professionals

Threat intel firms on alert for government systems impacted by Microsoft SharePoint vulnerability

2 weeks ago

Information security

UNC6148 Backdoors Fully-Patched SonicWall SMA 100 Series Devices with OVERSTEP Rootkit

3 weeks ago

Information security

CISA Adds Four Critical Vulnerabilities to KEV Catalog Due to Active Exploitation

Roam Research

Typhoon-like gang slinging TLS certificate 'signed' by LAPD

Growth hacking

New Malware Campaign Uses Cloudflare Tunnels to Deliver RATs via Phishing Chains

Privacy professionals

"No honor among thieves": M&S hacking group starts turf war

Privacy professionals

OPSEC Failure Exposes Coquettte's Malware Campaigns on Bulletproof Hosting Servers

fromArs Technica

3 weeks ago

Privacy professionals

"No honor among thieves": M&S hacking group starts turf war

Privacy professionals

OPSEC Failure Exposes Coquettte's Malware Campaigns on Bulletproof Hosting Servers

more#cybercrime

fromTechzine Global

Microsoft Defender XDR gets Copilot-driven upgrade

Microsoft's TITAN recommendations enhance Guided Response with real-time threat intelligence for better cyber defense.

fromHackernoon

Discover Your Most Critical Assets Before Hackers Do | HackerNoon

Understanding asset criticality is essential for prioritizing vulnerability remediation.

Node JS

fromBleepingComputer

Dozens of malicious packages on NPM collect host and network data

60 malicious NPM packages were found that collect sensitive data and send it to threat actors through Discord webhooks.

Threat actors employed names similar to legitimate packages to deceive developers and infiltrate systems.

Artificial intelligence

fromSecuritymagazine

Pay Attention to the Intersection of API Security and AI Proliferation

AI integration is increasing reliance on APIs, impacting organizational security.

#ransomware

Information security

Ransomware attacks dropped by a third last month | Computer Weekly

Privacy professionals

March ransomware slowdown probably a red herring | Computer Weekly

Roam Research

Submit ransomware intel, earn up to $10k from new program

Tech industry

Medusa Ransomware Uses Malicious Driver to Disable Anti-Malware with Stolen Certificates

Black Basta's fighty internal chats leak online

Internal conflicts within the Black Basta ransomware gang have led to a decrease in their activities and stability.

fromITPro

The new ransomware groups worrying security researchers in 2025

The ransomware ecosystem is increasingly fragmented with new smaller groups emerging alongside traditional mega-groups.

Information security

Ransomware attacks dropped by a third last month | Computer Weekly

Privacy professionals

March ransomware slowdown probably a red herring | Computer Weekly

Ransomware incidents have dramatically increased by 46% year-on-year, despite a 32% month-to-month drop in recorded attacks in March 2025.

Roam Research

Submit ransomware intel, earn up to $10k from new program

Halcyon's Threat Research Incentive Program rewards researchers $10,000 for valuable ransomware intel to combat extortionists.

Tech industry

Medusa Ransomware Uses Malicious Driver to Disable Anti-Malware with Stolen Certificates

Black Basta's fighty internal chats leak online

Internal conflicts within the Black Basta ransomware gang have led to a decrease in their activities and stability.

fromITPro

The new ransomware groups worrying security researchers in 2025

The ransomware ecosystem is increasingly fragmented with new smaller groups emerging alongside traditional mega-groups.

430K Patients' Data Exposed in Ascension Breach

Ascension's data breach impacted over 437,000 individuals, highlighting the healthcare industry's vulnerabilities to cyber threats and the importance of robust cybersecurity measures.

Marketing tech

fromTechzine Global

Flashpoint launches AI-driven tools for better threat intelligence

Flashpoint Ignite platform's new AI features enhance threat intelligence accessibility and speed up response in complex threat environments.

Experts forecast Ivanti VPN attacks as endpoint scans surge

Ivanti VPN users should remain vigilant due to an 800% surge in IP scanning, suggesting potential exploitation risks.

Palo Alto Networks Warns of Brute-Force Attempts Targeting PAN-OS GlobalProtect Gateways

Palo Alto Networks reports a surge in brute-force login attempts against its GlobalProtect gateways, highlighting increasing security threats.

fromITPro

Surging DDoS attack rates show no sign of slowing down - here's why

DDoS attacks have surged due to their use in cyber warfare linked to socio-political events.

CoffeeLoader Uses GPU-Based Armoury Packer to Evade EDR and Antivirus Detection

CoffeeLoader malware executes secondary payloads and evades detection using sophisticated techniques, including GPU execution and call stack spoofing.

Gadgets

fromInfoQ