Malvertising | #CybersecurityAwarenessMonth
In the 9th episode of the 'Little lessons in cybersecurity' series, we are talking about Malvertising, a sneaky trick hackers to make you on ads that are not actually ads!
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
PhishinGit - GitHub.io pages abused for malware distribution
This blog discusses PhishinGit, a phishing campaign uncovered by CYJAX that abuses GitHub.io pages to distribute malware disguised as Adobe downloads. It explains how threat actors used Browser-in-the-Browser (BitB) techniques, Dropbox-hosted payloads, and anti-analysis JavaScript to evade detection. The blog also explores the attack chain, observed mitigations, MITRE ATT&CK mapping, and indicators of compromise (IOCs) to help organisations identify and defend against similar threats.
Three Threats Reshaping Financial Services: Identity, Supply Chain, and AI
Cyber resilience in financial services is often treated as a checklist of tools and controls, rather than what it truly is: a system of people, intelligence, and collaboration working together.
Ready or Not?? New 11:11 Ransomware Report
The statistics in our Ransomware Report are sobering: ransomware attacks occur roughly every 11 seconds, with 85% of organizations suffering at least one attack within a 12-month period. For IT professionals managing critical infrastructure, the question isn’t if you’ll face a cyber incident—it’s when. The numbers are staggering: cybercrime damages are projected to reach $23 trillion annually by 2027.
SocGholish: Turning Application Updates into Vexing Infections
This blog is the latest in a series that delves into the deep research conducted daily by the Trustwave SpiderLabs Threat Operations team on major threat actor groups and malware currently operating globally.
A Brief History of Ransomware
Ransomware is not new, but the ransomware of today is very different from the ransomware of 1989. Today’s episode doubles as a history lesson, as Adam and Cristian look back at how a prolific global threat has evolved over the decades.
CTI roundup: XWorm, Microsoft Teams, Storm-1175
XWorm malware reemerges with ransomware, Microsoft disrupts multiple threats targeting Teams, and Storm-1175 exploits a critical GoAnywhere MFT vulnerability.
The Minimum Viable Hospital
A ransomware attack will take a hospital down for 2-3 weeks on average. When you define the few core applications most critical to maintaining patient continuity of care, and create a plan to quickly recover them, you can turn disaster into a testament to preparedness. This is your Minimum Viable Hospital.
QRSwapper analysis: Malware distributed via Google Colab
During routine threat hunting, we, the ManageEngine Malware Analysis Team, came across a cluster of Google Colab notebooks appearing in search results for popular software downloads. On the surface, they looked legitimate, with well written installation guides and download links.
CVE-2025-61882: Oracle E-Business Suite Under Mass Exploitation by Cl0p Ransomware
A critical CVE-2025-61882 Oracle E-Business Suite vulnerability is under active exploitation by the Cl0p ransomware group. This unauthenticated remote-code-execution (RCE) vulnerability — CVE-2025-61882 — in Oracle E-Business Suite (EBS) was patched by Oracle in October 2025 and is being actively exploited in the wild. Multiple security vendors attribute attacks to Cl0p/associated ransomware extortion campaigns and Oracle has published an emergency Security Alert.