โŒ

Reading view

There are new articles available, click to refresh the page.

Shifts in the Underground: The Impact of Water Kuritaโ€™s (Lumma Stealer) Doxxing

A targeted underground doxxing campaign exposed alleged core members of Lumma Stealer (Water Kurita), resulting in a sharp decline in its activity and a migration of customers to rival infostealer platforms.

Operation Zero Disco: Attackers Exploit Cisco SNMP Vulnerability to Deploy Rootkits

Trendโ„ข Research has uncovered an attack campaign exploiting the Cisco SNMP vulnerability CVE-2025-20352, allowing remote code execution and rootkit deployment on unprotected devices, with impacts observed on Cisco 9400, 9300, and legacy 3750G series.

RondoDox: From Targeting Pwn2Own Vulnerabilities to Shotgunning Exploits

Trendโ„ข Research and ZDI Threat Hunters have identified a large-scale RondoDox botnet campaign exploiting over 50 vulnerabilities across more than 30 vendors, including flaws first seen in Pwn2Own contests.

A Cascade of Insecure Architectures: Axis Plugin Design Flaw Expose Select Autodesk Revit Users to Supply Chain Risk

We discovered Azure Storage Account credentials exposed in Axis Communicationsโ€™ Autodesk Revit plugin, allowing unauthorized modification of cloud-hosted files. This exposure, combined with vulnerabilities in Autodesk Revit, could enable supply-chain attacks targeting end users.

Self-Propagating Malware Spreading Via WhatsApp, Targets Brazilian Users

Trendโ„ข Research has identified an active campaign spreading via WhatsApp through a ZIP file attachment. When executed, the malware establishes persistence and hijacks the compromised WhatsApp account to send copies of itself to the victimโ€™s contacts.

New LockBit 5.0 Targets Windows, Linux, ESXi

Trendโ„ข Research analyzed source binaries from the latest activity from notorious LockBit ransomware with their 5.0 version that exhibits advanced obfuscation, anti-analysis techniques, and seamless cross-platform capabilities for Windows, Linux, and ESXi systems.

Domino Effect: How One Vendor's AI App Breach Toppled Giants

A single AI chatbot breach at Salesloft-Drift exposed data from 700+ companies, including security leaders. The attack shows how AI integrations expand risk, and why controls like IP allow-listing, token security, and monitoring are critical.

AI-Powered App Exposes User Data, Creates Risk of Supply Chain Attacks

Trendโ„ข Researchโ€™s analysis of Wondershare RepairIt reveals how the AI-driven app exposed sensitive user data due to unsecure cloud storage practices and hardcoded credentials, creating risks of model tampering and supply chain attacks.

EvilAI Operators Use AI-Generated Code and Fake Apps for Far-Reaching Attacks

Combining AI-generated code and social engineering, EvilAI operators are executing a rapidly expanding campaign, disguising their malware as legitimate applications to bypass security, steal credentials, and persistently compromise organizations worldwide.

โŒ