This cybersecurity report analyzes Operation RoundPress, a sophisticated cyber-espionage campaign conducted by Russian state-sponsored group APT28 that exploited cross-site scripting (XSS) vulnerabilities in popular webmail platforms to steal sensitive communications from government and defense entities across Eastern Europe, South America, and Africa—particularly those supporting Ukraine. The report highlights how
nOAuth
TRENDING TOPICS JUNE 26, 2025 Update: nOAuth Vulnerability Still Threatens Microsoft Entra SaaS Apps and Broader Identity Systems Despite being publicly disclosed in mid-2023, the nOAuth vulnerability continues to affect a significant portion of Microsoft Entra-integrated SaaS applications. A recent review by Semperis found that 9% of the 104 applications
ICS
TRENDING TOPICS JUNE 25, 2025 CISA Issues June 2025 ICS Advisories for Critical Industrial Infrastructure Vulnerabilities On June 24, 2025, CISA released eight new Industrial Control Systems (ICS) advisories (ICSA-25-175-01 through ICSA-25-175-07) and an update to a legacy bulletin highlighting serious vulnerabilities in operational technology systems across critical sectors. These
Iran
TRENDING TOPICS JUNE 24, 2025 DHS Warns of Pro-Iranian Hacktivist Surge Following U.S.-Iran Military Escalation In the aftermath of the United States’ June 22, 2025, airstrikes on Iranian nuclear facilities and Tehran’s swift retaliatory missile attacks on U.S. bases in Qatar and Iraq, the Department of
Shadow Vector
TRENDING TOPICS JUNE 23, 2025 Shadow Vector: A Sophisticated SVG-Based Malware Campaign The Shadow Vector campaign is a highly targeted malware operation currently focusing on users in Colombia, using deceptive spear-phishing emails that impersonate official institutions—primarily the judicial system. The emails contain Scalable Vector Graphics (SVG) attachments that appear
Godfather
TRENDING TOPICS JUNE 20, 2025 UPDATE: Godfather Android Trojan Uses Virtual Sandbox to Hijack Real Banking and Crypto Apps The latest version of the GodFather Android trojan marks a serious escalation in mobile malware by deploying a full virtualization framework directly on infected devices. Unlike traditional banking trojans that rely
BERT Ransomware Technical Comparison Comparative Analysis of Advanced Ransomware Families Technical Feature BERT REvil Conti Payload Delivery PowerShell scripts Windows Defender bypass Firewall service termination Privilege escalation Exploit kits Supply chain attacks RDP exploitation PowerShell scripts Cobalt Strike TrickBot partnership Code Origin 80% REvil code base Custom modifications Original codebase
Qilin
TRENDING TOPICS JUNE 18, 2025 Update: Qilin Ransomware Targets Multiple Platforms with Advanced Evasion Techniques Qilin ransomware has rapidly emerged as a highly active and advanced threat, known for targeting a wide array of platforms, including Windows workstations, Linux servers, and VMware ESXi systems. Unlike many other ransomware variants, Qilin
AsyncRAT
TRENDING TOPICS JUNE 17, 2025 Update: Fileless AsyncRAT Campaign Targets Users with Fake Verification Prompts A sophisticated campaign leveraging the fileless variant of AsyncRAT has been uncovered, attributed to cybercriminal groups that employ deceptive tactics to infiltrate users' systems. While the specific threat actor behind this campaign has not
GrayAlpha
TRENDING TOPICS JUNE 16, 2025 GrayAlpha Group Leverages Sophisticated Malware and Deceptive Tactics in Ongoing Attacks A newly exposed infrastructure tied to the cybercriminal group GrayAlpha believed to overlap with the notorious FIN7 hacking group, reveals a range of sophisticated tactics targeting the Retail, Hospitality, and Financial sectors. Active since
GitHub
TRENDING TOPICS JUNE 13, 2025 GitHub Device Code Flow is the New Backdoor for Phishing Attacks A new phishing technique quietly targets developers by misusing GitHub’s OAuth 2.0 Device Code Flow, a login method originally intended for smart devices and limited-input systems. Attackers start by requesting a real
Quasar
TRENDING TOPICS JUNE 12, 2025 Update: Quasar RAT Delivered via Obfuscated Batch Files in Targeted Malware Campaign A sophisticated malware campaign has emerged, utilizing Windows batch files to deliver the Quasar Remote Access Trojan (RAT), a powerful tool that grants attackers full control over compromised systems. The attack begins with