Utair – 401,400 breached accounts
In August 2020, news broke of a data breach of Russian airline Utair that dated back to the previous year. The breach contained over...
Threat landscape for industrial automation systems in Q3 2025
Statistics across all threats
In Q3 2025, the percentage of ICS computers on which malicious objects were blocked decreased from the previous quarter by 0.4...
Evasive Panda APT poisons DNS requests to deliver MgBot
Introduction
The Evasive Panda APT group (also known as Bronze Highland, Daggerfly, and StormBamboo) has been active since 2012, targeting multiple industries with sophisticated, evolving...
Медицинская лаборатория Гемотест (Gemotest) – 6,341,495 breached accounts
In April 2022, Russian pharmaceutical company Gemotest suffered a data breach that exposed 31 million patients. The data contained 6.3 million unique email addresses...
Assessing SIEM effectiveness
A SIEM is a complex system offering broad and flexible threat detection capabilities. Due to its complexity, its effectiveness heavily depends on how it...
From cheats to exploits: Webrat spreading via GitHub
In early 2025, security researchers uncovered a new malware family named Webrat. Initially, the Trojan targeted regular users by disguising itself as cheats for...
From Email to Exfiltration: How Threat Actors Steal ADP Login and Personal Data
By: Jhon Astronomo, Cofense Phishing Defense CenterRecently, threat actors have been impersonating employees at major companies, such as ADP, a leading global provider of...
22nd December – Threat Intelligence Report
For the latest discoveries in cyber research for the week of 22nd December, please download our Threat Intelligence Bulletin.
TOP ATTACKS AND BREACHES
An adult content...
Cisco AsyncOS Zero-day
What is the Attack? Cisco has confirmed the active exploitation of...
Latest article
Yarbo Android/iOS Mobile Application and Cloud Infrastructure
View CSAF
Summary
Successful exploitation of these vulnerabilities could allow an attacker to obtain hard-coded credentials, gain access to telemetry data, and potentially send operational commands...
Check Point VPN Authentication Bypass Vulnerability
What is the Vulnerability? A critical authentication bypass vulnerability, CVE-2026-50751 (CVSS...
CISA tells agencies to patch smarter, not harder — foreshadowing broader industry practice
Security teams’ patching practices have come under intense pressure over the past year, as active exploitation is up, time-to-exploit windows...
