CISA, NSA, and the Canadian Centre for Cyber Security released a joint Malware Analysis Report on December 4, 2025, warning of BRICKSTORM, a sophisticated Go-based ELF backdoor used by PRC state-sponsored actors for long-term persistence on VMware vSphere systems, such as vCenter and ESXi,...
Cybercriminals increasingly use "Living Off the Land" (LOTL) techniques to bypass Windows Endpoint Detection and Response (EDR) systems.
These methods rely on native Microsoft tools such as PowerShell, WMI, and certutil.exe rather than custom malware.
Recent reports show threat actors favoring this approach for...
Security researchers at VulnCheck have uncovered a sophisticated exploit campaign leveraging a private out-of-band application security testing (OAST) service hosted on Google Cloud.
This operation targeted over 200 Common Vulnerabilities and Exposures (CVEs) with around 1,400 exploit attempts between October 12 and November 14,...
The National Security Agency (NSA), along with the Cybersecurity and Infrastructure Security Agency (CISA) and several international partners, released a new guide on November 19, 2025, to help internet service providers (ISPs) and network defense teams combat cyber threats from bulletproof hosting (BPH) providers....
Cybersecurity researchers have unveiled sophisticated tactics employed by North Korean operatives who pose as legitimate remote workers to infiltrate organizations worldwide, siphoning at least $88 million USD to fund the DPRK's weapons programs.
A recent Flashpoint intelligence report exposes the alarming sophistication of these multi-year...
Cybersecurity researchers have successfully demonstrated how Large Language Model (LLM)-powered honeypots can effectively deceive threat actors into revealing their attack methodologies and infrastructure.
Using the Beelzebub honeypot framework, security analysts captured a complete attack sequence that led to the discovery and subsequent shutdown of...