International Threats: Themes for Regional Phishing Campaigns
By: Max Gannon, Intelligence TeamCofense Intelligence relies on over 35 million trained employees from around the world, therefore a considerable number of analyzed campaigns...
GRU-Linked BlueDelta Evolves Credential Harvesting
The analysis cut-off date for this report was September 11, 2025 Executive Summary Between February and September 2025, Recorded Future’s Insikt Group identified...
Decoding the GitHub recommendations for npm maintainers
This blog post explores the rationale and implementation behind GitHub's security recommendations for npm maintainers following numerous high-profile supply-chain incidents. It details how hardening...
Columbia Weather Systems MicroServer
View CSAF
Summary
Successful exploitation of these vulnerabilities could allow an attacker to redirect connections to an attacker controlled device, gain admin access to the web...
WhiteDate – 20,363 breached accounts
In December 2025, the dating website "for a Europid vision" WhiteDate suffered a data breach that was subsequently leaked online, initially exposing 6.1k unique...
WhiteDate – 6,076 breached accounts
In December 2025, the dating website "for a Europid vision" WhiteDate suffered a data breach that exposed 6k unique email addresses. The breach exposed...
MongoBleed Unauthenticated Memory Leak
What is the Vulnerability? A critical vulnerability in MongoDB Server’s handling...
Metasploit 2025 Annual Wrap-Up
Hard to believe it's that time again, and that Metasploit Framework will see the dawn of another Annual Wrap-Up (and a New Year). All...
5th January – Threat Intelligence Report
For the latest discoveries in cyber research for the week of 5th January, please download our Threat Intelligence Bulletin.
TOP ATTACKS AND BREACHES
Two US banks,...
Latest article
23 ClawHub Plugins Abuse Official Org Scopes to Impersonate Trusted AI Agent Tools
A new supply chain threat has surfaced in the AI agent ecosystem that is both subtle and serious. Researchers uncovered 23 plugins on...
New Apple Exploit Exposes Millions of iPhones Worldwide, No Software Fix Available
Researchers disclosed usbliter8, a SecureROM exploit affecting older Apple devices that can bypass boot protections with physical access.
The post New Apple Exploit Exposes Millions...
AI-powered cyber attacks may be just months away, warn Five Eyes
Frontier AI models will pose a greater cyber security risk to government and businesses than previously thought, putting businesses and governments at risk within...
AWS Continuum offers devs help with securing code
AI coding agents are making it easier than ever to produce software. Ensuring that software is secure before deployment is...
