The Insikt Group team, a division of Recorded Future, has published a comprehensive analysis of the cloud threat landscape of 2025. Analysts have documented a surge in attacks where adversaries eschew traditional malware...
The surveillance of clandestine marketplaces has encountered a burgeoning subject of interest. Analysts have documented the inauguration of LegionNull, a Turkish-language forum that has already coalesced an audience dedicated to the trafficking of purloined...
In the realm of information security, it has long been standard practice to categorize vulnerabilities via the CVE system: a vulnerability is assigned an identifier, followed by a CVSS severity score, a CWE type,...
In the nascent weeks of 2026, a formidable new antagonist emerged within the digital theater: a collective identifying as 0APT, which proclaimed the inauguration of its bespoke “Ransomware-as-a-Service” architecture. This entity incited immediate trepidation,...
In the clandestine digital underworld, a prominent purveyor of code-signing certificates has executed a high-profile disappearance. The Global Man service, a longstanding facilitator for adversaries seeking to obfuscate deleterious binaries, has abruptly ceased operations,...
Who could resist eavesdropping on a conversation that suddenly veers into the unexpectedly intimate? Specialists at Infoblox inadvertently secured such an opportunity when they observed a catastrophic “drift” in the DNS configurations of a...
In recent weeks, personnel within Afghan governmental institutions have become the recipients of missives harboring documents that ostensibly mirror official decrees from the Prime Minister’s Office. Within these communications lies a persuasive document composed...
Adversaries have orchestrated a sophisticated campaign utilizing a multi-stage infection vector to deploy the Remcos RAT, a remote administration tool designed to clandestinely subjugate compromised systems. Securonix researchers, who identified this offensive, have designated...
The hacking group known as ShinyHunters has claimed responsibility for breaching the infrastructure of Resecurity and exfiltrating internal data. Resecurity, however, maintains that the attackers gained access only to a deliberately constructed decoy—a segregated...
A new open-source project has emerged in the threat-hunting ecosystem, aiming to address one of the discipline’s most persistent pain points: the loss of context once an investigation is over. The Agentic Threat Hunting...
Since early December 2025, SOC teams in Japan have been observing a wave of attacks exploiting React2Shell (CVE-2025-55182)—a remote code execution vulnerability in React/Next.js that already has a public proof of concept and is...
In October 2025, experts at Kaspersky Lab uncovered a new wave of targeted attacks attributed to the ForumTroll group. Whereas earlier campaigns primarily focused on organizations, this iteration shifted its attention to individuals—political scientists,...