Month: August 2025

Threat Report Major August 2025 Cyber Attacks A detailed report on the significant cyber attacks in August 2025, including Tycoon2FA phishing, ClickFix campaign, and Salty2FA. Threat Overview In August 2025, several significant cyber threats emerged, posing

Threat Report WinRAR Directory Traversal & NTFS ADS Vulnerabilities (CVE-2025-6218 & CVE-2025-8088) Two high-severity vulnerabilities in WinRAR for Windows enable attackers to write files outside intended extraction directories. Threat Overview Two critical vulnerabilities have been identified

Threat Report A Cereal Offender: Analyzing the CORNFLAKE.V3 Backdoor A detailed analysis of a campaign involving two threat groups deploying the CORNFLAKE.V3 backdoor. Threat Overview The recent threat report published by AlienVault on August 21, 2025,

Threat Report LUMMA AFFILIATES Cybercriminals operating within a vast information-stealing ecosystem Threat Overview The threat report published by AlienVault on 2025-08-20T18:39:43.148Z titled 'Behind the Curtain: How Lumma Affiliates Operate' provides an in-depth analysis of the complex

Threat Report LEGITIMATE CHROME VPN EXTENSION TURNS TO BROWSER SPYWARE A popular Chrome VPN extension with over 100,000 installs has transformed into spyware. Threat Overview A recently published threat report by AlienVault on August 19, 2025,

Threat Report MICROSOFT 365 DIRECT SEND ABUSE Threat actors are exploiting Microsoft 365's Direct Send feature to deliver phishing emails, bypassing perimeter security solutions. Threat Overview The threat report published by AlienVault on August 18, 2025,

Threat Report LeeMe Ransomware Campaign A sophisticated ransomware campaign masquerading as a new SAP Ariba tool. Threat Overview A recently published threat report by AlienVault on August 15, 2025, has uncovered a sophisticated ransomware campaign that

Threat Report PHANTOM CARD A new Android Trojan targeting banking customers in Brazil with potential for global expansion. Threat Overview PhantomCard is a newly identified Android Trojan that specifically targets banking customers in Brazil. This malware

Threat Report COORDINATED BRUTE FORCE CAMPAIGN TARGETS FORTINET SSL VPN A coordinated brute force campaign targeting Fortinet SSL VPNs was observed on August 3, with over 780 unique IPs triggering the Fortinet SSL VPN Bruteforcer tag.

Threat Report PS1Bot Malware Framework A sophisticated multi-stage malware implemented in PowerShell and C# Threat Overview A new threat report published by AlienVault on August 12, 2025, highlights a malvertising campaign distributing PS1Bot, an advanced multi-stage