Threat Overview: The latest threat intelligence report, published by CyberHunter_NL on January 6, 2026, details a sophisticated campaign in which a threat actor has leveraged multiple outdated FortiWeb web application firewalls to establish long-term persistence via
Author: Tudorel Iancu
Rogue ScreenConnect Social Engineering Tactics 2025
Threat Overview: In 2025, security analysts observed a sharp rise in rogue ScreenConnect installations, a remote monitoring and management (RMM) tool widely used by IT teams worldwide. Threat actors hijacked the legitimate software to gain footholds,
EmEditor Site Download Button Malware Incident
Between December 19 and December 22, 2025, the official EmEditor website was compromised. Attackers hijacked the main download button and replaced the legitimate installer with a malicious payload. The fake
MacSync Stealer Evolution: A Shift to Code-Signed Swift Malware
MacSync Stealer Evolution: A Threat Report. Executive Summary: This report details the evolution of the MacSync Stealer malware, a macOS threat that has transitioned from relatively simple delivery mechanisms –
WatchGuard Firewall Hijacking via Zero-Day Vulnerability
Threat Report: WatchGuard 0-day Exploitation. Report Published: December 21, 2025 18:13:42.191Z. Source: CyberHunter_NL. Executive Summary: This report details the active exploitation of a critical zero-day vulnerability within WatchGuard firewalls. Hackers are
UAT 9686 Targets Cisco Secure Email Gateway and Web Manager
Threat Overview: On 2025-12-17 AlienVault released a new threat report titled "UAT-9686 actively targets Cisco Secure Email Gateway and Secure Email and Web Manager". The report details a Chinese-nexus advanced persistent threat (APT) that has been
Deep Dive Into BlackForce Phishing Kit
Threat Overview: In the latest intelligence released by AlienVault on 12 December 2025, the cybersecurity community is warned about the BlackForce phishing kit. First observed in August 2025, this kit has undergone rapid evolution, with multiple
PeerBlight Linux Backdoor Exploits React2Shell Vulnerability
Threat Overview: On 2025-12-10 AlienVault released a detailed threat report titled "PeerBlight Linux Backdoor Exploits React2Shell CVE-2025-55182". The report documents a critical vulnerability in React Server Components (CVE-2025-55182) that has already been actively exploited across multiple
PeerBlight Linux Backdoor Exploits React2Shell Vulnerability
In the latest intelligence gathering, security analysts have identified a sophisticated and highly automated threat actor group that is actively exploiting a critical vulnerability in React Server Components, identified as CVE-2025-55182. The group, referred to in
PeerBlight Linux Backdoor Exploits React2Shell Vulnerability
Threat Overview: In a recent publication released on December 10, 2025, security researchers from AlienVault have identified a critical vulnerability in React Server Components, designated as CVE-2025-55182. The vulnerability is