In 2025, the SideWinder APT group launched a stealthy campaign against Indian organizations, using tax-themed phishing … SideWinder Campaign 2025: Tax-Themed Phishing and DLL Side-Loading AttackRead more
Latest News
BlindEagle’s Fileless Attack Hits Colombian Agencies
In September 2025, BlindEagle (APT‑C‑36) launched a sophisticated spear‑phishing operation against a Colombian government agency under … BlindEagle’s Fileless Attack Hits Colombian AgenciesRead more
When MFA Is Abused: OAuth Device Phishing Explained
Modern phishing attacks no longer need stolen passwords—or even multifactor authentication (MFA) bypasses—to succeed. Instead, attackers … When MFA Is Abused: OAuth Device Phishing ExplainedRead more
Insider Threat Recruitment: How Cybercriminals Turn Employees Into Attack Vectors
In 2024, cybercrime tactics took a dangerous turn: instead of breaking in, attackers started logging in. … Insider Threat Recruitment: How Cybercriminals Turn Employees Into Attack VectorsRead more
Inside North Korea’s $2.02B Crypto Heist: How to Detect & Defend
In 2025, North Korea–linked threat actors executed the most lucrative year of cryptocurrency theft on record—$2.02 … Inside North Korea’s $2.02B Crypto Heist: How to Detect & DefendRead more
Kimwolf Botnet: Inside the Massive Android Malware Threat
Android-based devices are no longer just personal gadgets—they are now high-value attack infrastructure. In late 2025, … Kimwolf Botnet: Inside the Massive Android Malware ThreatRead more
Let’s Encrypt Certificate Changes: What Security Leaders Must Know
In 2023 alone, over 70% of phishing sites abused valid TLS certificates to appear legitimate, underscoring … Let’s Encrypt Certificate Changes: What Security Leaders Must KnowRead more
PDVSA Cyberattack: What Happened and Why It Matters
Venezuela’s state-owned oil giant Petróleos de Venezuela (PDVSA) is in the spotlight after a suspected cyberattack … PDVSA Cyberattack: What Happened and Why It MattersRead more
APT44 Misconfiguration Attacks: What You Must Know
A new report from Amazon Threat Intelligence reveals a strategic evolution in Russian state-sponsored cyber operations. … APT44 Misconfiguration Attacks: What You Must KnowRead more
NoName057(16) DDoS Surge: Inside DDoSia and How to Defend
Since 2022, the pro-Russia hacktivist collective NoName057(16) has weaponized a volunteer-driven DDoS ecosystem to hammer NATO-aligned … NoName057(16) DDoS Surge: Inside DDoSia and How to DefendRead more