We have uncovered a phishing kit named the IUAM ClickFix Generator that automates the creation of these attacks. The kit…

Over the past few weeks, Rapid7 has observed increased activity of a new threat group attacking AWS cloud environments with…

Forescout honeypot caught hacktivist activity targeting a decoy water treatment plant in Sept. 2025. A Russian-aligned group, TwoNet, claimed responsibility…

A sophisticated cyber intrusion campaign utilizing log poisoning and a new tool called Nezha has been uncovered. The attackers exploited…

A sophisticated cyber intrusion campaign utilizing log poisoning and a new tool called Nezha has been uncovered. The attackers exploited…

A sophisticated cyber intrusion campaign utilizing log poisoning and a new tool called Nezha has been uncovered. The attackers exploited…

On June 8th, 2025, we received a submission through our Bug Bounty Program for an Authentication Bypass vulnerability in Service…

Ransomware operators are using Velociraptor, an open-source digital forensics tool, in their attacks. The activity is attributed to Storm-2603, a…

Ransomware operators are using Velociraptor, an open-source digital forensics tool, in their attacks. The activity is attributed to Storm-2603, a…

Over the course of three months, Volexity observed UTA0388 using various themes and fictional identities across dozens of spear phishing…