Microsoft, in collaboration with Cloudflare, has carried out a sweeping operation against RaccoonO365, a Phishing-as-a-Service (PhaaS) platform widely exploited to steal Microsoft 365 credentials across the globe. Through coordinated action, 338 domains were seized,...
Huntress found itself at the center of a heated debate following the publication of a study its own researchers had initially described as a lighthearted mishap. Beneath the playful tone, however, lay material that...
Researchers at Palo Alto Networks have reported a surge in attacks leveraging the open-source platform AdaptixC2, originally designed for penetration testing but now increasingly exploited by cybercriminals. Unit 42 specialists first detected traces of...
Researchers at Arctic Wolf have reported a new campaign, dubbed GPUGate, in which adversaries exploit Google Ads and fraudulent GitHub commits to distribute malware targeting IT firms and developers across Western Europe. Active since...
The Australian Institute of Criminology has unveiled a comprehensive study exposing the inner workings of ransomware syndicates and their impact on Australia and allied nations. Researchers analyzed 865 attacks recorded between 2020 and 2022...
The research group Deep Specter Research has uncovered a multilayered scheme of phishing and brand impersonation that quietly operated for years on Google Cloud and Cloudflare infrastructure. According to their findings, attackers systematically acquired...
Between June and July 2025, researchers recorded hundreds of thousands of password brute-force attempts targeting SSL VPN and RDP services. The source of the attacks was traced to the Ukrainian autonomous system FDN3 (AS211736),...
GreyNoise has observed a sharp and highly atypical surge in reconnaissance activity targeting Microsoft Remote Desktop Web Access and the RDP Web Client: 1,971 unique IP addresses were active simultaneously, whereas the company typically...
Microsoft has issued a warning over the growing surge of large-scale ClickFix phishing attacks and has recommended that system administrators restrict the use of command-line tools and disable the Run dialog in Windows. This...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. The list includes two flaws in Citrix Session Recording and one in Git, all...